怎么办啊，杀也杀不掉，我急死了，请各位救救我~！

【回复“邱枫你知道吗”的帖子】
用HijackThis 1.99.1扫描出来的
HijackThis_815汉化版扫描日志 V1.99.1
保存于      21:15:45, 日期 2005-9-15
操作系统：  Windows XP  (WinNT 5.01.2600)
浏览器：    Internet Explorer v6.00 (6.00.2600.0000)

当前运行的进程：         
D:\WINDOWS.0\System32\smss.exe
D:\WINDOWS.0\system32\csrss.exe
D:\WINDOWS.0\system32\winlogon.exe
D:\WINDOWS.0\system32\services.exe
D:\WINDOWS.0\system32\lsass.exe
D:\WINDOWS.0\system32\svchost.exe
D:\WINDOWS.0\System32\svchost.exe
D:\WINDOWS.0\System32\svchost.exe
D:\WINDOWS.0\System32\svchost.exe
F:\瑞星杀毒\RISING\RAV\Ravmond.exe
F:\瑞星杀毒\RISING\RAV\RavStub.exe
D:\WINDOWS.0\system32\spoolsv.exe
D:\WINDOWS.0\Explorer.EXE
D:\WINDOWS.0\esscw10.exe
D:\WINDOWS.0\VM_STI.EXE
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\wsearch\Search.exe
F:\瑞星杀毒\RISING\RAV\RAVTIMER.EXE
F:\瑞星杀毒\RISING\RAV\RAVMON.EXE
D:\WINDOWS.0\system32\rundll32.exe
F:\影音风暴\Storm Downloader\StormDownloader.exe
D:\WINDOWS.0\System32\ctfmon.exe
D:\WINDOWS.0\system32\rundll32.exe
E:\PSP游戏\TTPlayer.exe
D:\WINDOWS.0\System32\alg.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\DuDu\DddClient\dudupros.exe
D:\WINDOWS.0\System32\nvsvc32.exe
F:\瑞星杀毒\RISING\RAV\CCENTER.EXE
D:\WINDOWS.0\System32\svchost.exe
F:\QQ2005\TT\TTraveler.exe
D:\Program Files\WinRAR\WinRAR.exe
F:\HijackThis 1.99.1\HijackThis1991zww.exe

R3 - 默认的URLSearchHook丢失。用HijackThis修复
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - D:\WINDOWS.0\System32\xunleibho_v8.dll
O2 - BHO: IDDTInitObj Class - {15DDE989-CD45-4561-BF99-D22C0D5C2B74} - F:\UC\UC\UCddt\ddtinit.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - D:\Program Files\3721\Assist\Angling.dll
O2 - BHO: WebMiscItem Class - {3CD4296F-6CC3-11D9-B888-000C299AA719} - D:\WINDOWS.0\system32\WebMisc.dll
O2 - BHO: Anti Fish - {5EB7CB50-E375-4718-B4C0-9AD12EFA2F84} - D:\WINDOWS.0\System32\aclayer.dll (file missing)
O2 - BHO: 3721中文邮 - {6231D512-E4A4-4DF2-BE62-5B8F0EE348EF} - (no file)
O2 - BHO: KillObj Class - {66C28884-4E5D-494B-80C9-CAA27528FD6D} - F:\UC\UC\UCddt\ddtkillw.ocx
O2 - BHO: DDDMon Class - {6BDE1669-B490-48E3-B668-456314F2D6C3} - D:\Program Files\DuDu\DddClient\dddiemon.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - F:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - E:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O2 - BHO: YiSou - {EF1D17A9-089F-40cc-8D64-7324CDEBA0DB} - D:\PROGRA~1\YiSou\yisoub.dll
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS.0\System32\msdxm.ocx
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - F:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - IE工具栏增项: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O3 - IE工具栏增项: 新浪点点通 - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - F:\UC\UC\UCddt\DDTONG~1.DLL
O3 - IE工具栏增项: MSN 工具栏 - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Toolbar\01.01.2607.0\zh-cn\msntb.dll
O3 - IE工具栏增项: 一搜工具条 - {115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} - D:\Program Files\YiSou\yisou.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] D:\WINDOWS.0\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [EssSpkPhone] esscw10.exe
O4 - 启动项HKLM\\Run: [kpcdst] E:\cdsprite.exe
O4 - 启动项HKLM\\Run: [rfw] D:\Program Files\rising\Rfw\Rfw.exe
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS.0\System32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [PHIMETIPSYNC] D:\Program Files\Common Files\Microsoft Shared\IME\IMTC60\Phonetic\TINTLCFG.EXE /PHIMETIPSync
O4 - 启动项HKLM\\Run: [BigDogPath] D:\WINDOWS.0\VM_STI.EXE USB PC Camera VM301+
O4 - 启动项HKLM\\Run: [NMGameX_AutoRun] D:\WINDOWS.0\System32\Rundll32.exe nmgamex.dll,LiveProcess /aa
O4 - 启动项HKLM\\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [MoveSearch] D:\Program Files\wsearch\Search.exe
O4 - 启动项HKLM\\Run: [RavTimer] F:\瑞星杀毒\RISING\RAV\RAVTIMER.EXE
O4 - 启动项HKLM\\Run: [RavMon] F:\瑞星杀毒\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - 启动项HKLM\\Run: [ExFilter] Rundll32.exe "D:\PROGRA~1\CNNIC\Cdn\cdnspie.dll,ExecFilter solo"
O4 - 启动项HKLM\\Run: [helper.dll] D:\WINDOWS.0\system32\rundll32.exe D:\PROGRA~1\3721\helper.dll,Rundll32
O4 - 启动项HKLM\\Run: [StormCodec_Helper] "F:\影音风暴\Storm Codec\StormSet.exe" /S /opti
O4 - 启动项HKLM\\Run: [MINI_BFYY] F:\影音风暴\Storm Downloader\StormDownloader.exe
O4 - 启动项HKLM\\Run: [Thunder] "F:\讯雷5\ThunderShell.exe" /s
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS.0\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MessengerHelperWatch] E:\MESSEN~1\MSNHEL~1.EXE
O4 - HKCU\..\Run: [GameBuddy] D:\Program Files\Softnyx\GameBuddy\GameBuddy.exe
O4 - HKCU\..\Run: [VXP] "F:\可视通\VXP.EXE" start
O4 - HKCU\..\Run: [Kugoo] F:\kugoo\KUGOO\kugoo.exe
O4 - HKCU\..\Run: [Yahoo! Pager] F:\雅虎通\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [eMuleAutoStart] F:\电驴\eMule\eMule.exe -AutoStart
O4 - Startup: 新浪UC.lnk = F:\UC\UC\uc.exe
O4 - Global Startup: 桌面传媒.lnk = ?

【回复“邱枫你知道吗”的帖子】
O8 - IE右键菜单中的新增项目: !搜一搜 - res://D:\WINDOWS.0\downlo~1\CnsMinEx.dll/1003
O8 - IE右键菜单中的新增项目: !搜一搜(&S) - res://D:\Program Files\YiSou\yisou.dll/232
O8 - IE右键菜单中的新增项目: &使用DuDu 加速器下载 - res://D:\Program Files\DuDu\DddClient\dddmext.dll/202
O8 - IE右键菜单中的新增项目: &使用暴风下载器下载 - F:\影音风暴\Storm Downloader\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - F:\讯雷5\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - F:\讯雷5\getAllurl.htm
O8 - IE右键菜单中的新增项目: 使用Kugoo下载 - F:\kugoo\KUGOO\KugooDownX.htm
O8 - IE右键菜单中的新增项目: 使用彩信超级自写发送到手机 - http://mms.sina.com.cn/mmsnews.html
O8 - IE右键菜单中的新增项目: 使用影音传送带下载 - E:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - IE右键菜单中的新增项目: 使用影音传送带下载全部链接 - E:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - IE右键菜单中的新增项目: 使用新浪下载助手下载 - F:\UC\UC\UCddt\sinadl.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - F:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - F:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 发送图片到手机(&M) - http://sms.sina.com.cn/diy/send.html?from=467
O8 - IE右键菜单中的新增项目: 收藏此页到新浪ViVi - http://vivi.sina.com.cn/collect/click.php?agent=ddt
O8 - IE右键菜单中的新增项目: 新浪搜索 - http://cha.sina.com.cn/ddt.html
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - F:\QQ2005\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - F:\QQ2005\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - F:\QQ2005\SendMMS.htm
O8 - IE右键菜单中的新增项目: 用比特精灵下载(&B) - F:\BT软件1\BitSpirit\bsurl.htm
O9 - 浏览器额外的按钮: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm (file missing)
O9 - 浏览器额外的按钮: ATS专业网络心理测评系统(429b.) - {1930DD7F-476F-4328-93F4-AF8724C23F64} - F:\Program Files\ats - www.psy-test.net\ats.exe (file missing)
O9 - 浏览器额外的按钮: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - F:\UC\UC\UC.exe
O9 - 浏览器额外的按钮: 下载管理 - {3DB9F45E-AA74-4373-A466-C18A9F1C500D} - D:\Program Files\DuDu\DddClient\DuDuAcc.exe
O9 - 浏览器额外的“工具”菜单项: 下载管理 - {3DB9F45E-AA74-4373-A466-C18A9F1C500D} - D:\Program Files\DuDu\DddClient\DuDuAcc.exe
O9 - 浏览器额外的按钮: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing)
O9 - 浏览器额外的按钮: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://hot.3721.com/rd/shop_btn.htm (file missing)
O9 - 浏览器额外的按钮: 3721中文邮 - {5D73EE86-05F1-49ed-B850-E423120EC329} - http://cmail.3721.com?fb=client (file missing)
O9 - 浏览器额外的按钮: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://assistant.3721.com/index.htm?fb=Cns (file missing)
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS.0\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS.0\web\related.htm
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\QQ2005\QQ.EXE (file missing)
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\QQ2005\QQ.EXE (file missing)
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的按钮: 易趣购物 - {DE607141-AC19-421e-861A-1D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - 浏览器额外的“工具”菜单项: 易趣购物 - {DE607141-AC19-421e-861A-1D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - 浏览器额外的按钮: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - F:\雅虎通\MESSEN~1\YPAGER.EXE (file missing)
O9 - 浏览器额外的“工具”菜单项: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - F:\雅虎通\MESSEN~1\YPAGER.EXE (file missing)
O9 - 浏览器额外的按钮: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - 浏览器额外的“工具”菜单项: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - 浏览器额外的按钮: 新浪点点通 - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - F:\UC\UC\UCddt\DDTONG~1.DLL
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - 浏览器额外的“工具”菜单项: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - 浏览器额外的按钮: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O9 - 浏览器额外的“工具”菜单项: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O9 - 浏览器额外的按钮: (no name) - {974AD624-EA50-4831-A6C0-3040F6665396} - F:\UC\UC\UCddt\rssband.dll (HKCU)
O9 - 浏览器额外的“工具”菜单项: 新浪点点通阅读器 - {974AD624-EA50-4831-A6C0-3040F6665396} - F:\UC\UC\UCddt\rssband.dll (HKCU)
O9 - 浏览器额外的按钮: 新浪点点通阅读器 - {F0646DC8-58CD-4C64-8F6B-525043914685} - F:\UC\UC\UCddt\rssband.dll (HKCU)
O11 - Options group: [!CNS]  上网助手-地址栏搜索
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab28578.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://cn.download.yahoo.com/dl/install/yinst0401.cab
O16 - DPF: {73BF47F8-04F4-4857-9F04-A1FF670CB5EA} (iChatX Control) - http://www.ichat.net.cn/ichatx.ocx
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {BA0F088C-72C1-475A-92F8-42391DEF6961} (Blueskyvoice Control) - http://www.bluesky.cn/download/blueskyvoice_26.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab28578.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{30B7347C-98E6-4251-BB39-DE9B57A81C79}: NameServer = 202.96.209.6 202.96.209.133
O18 - 列举现有的协议: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - D:\WINDOWS.0\System32\mbprot.dll
O18 - 列举现有的协议: mbox - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - D:\WINDOWS.0\System32\mbprot.dll
O23 - NT 服务: Gray_Pigeon_Server (GrayPigeonServer) - Unknown owner - D:\WINDOWS.0\G_Server.exe
O23 - NT 服务: internew - Unknown owner - d:\windows.0\system32\system.exe
O23 - NT 服务: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS.0\System32\nvsvc32.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - rising - F:\瑞星杀毒\RISING\RAV\CCENTER.EXE
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - F:\瑞星杀毒\RISING\RAV\Ravmond.exe

救救我吧，我急死了555555555555555555555555555555555555555

O23 - NT 服务: Gray_Pigeon_Server (GrayPigeonServer) - Unknown owner - D:\WINDOWS.0\G_Server.exe

http://forum.ikaka.com/topic.asp?board=28&artid=6202404

大哥为什么我又扫描了一遍O23 - NT 服务: Gray_Pigeon_Server (GrayPigeonServer) - Unknown owner - D:\WINDOWS.0\G_Server.exe
怎么没了，晕……

你已经停止或是删除了Gray_Pigeon_Server这项服务了么 ？

没有啊~现在用瑞星查还是有这个病毒~！

你再扫个日志贴上来看看

当前运行的进程：         
D:\WINDOWS.0\System32\smss.exe
D:\WINDOWS.0\system32\winlogon.exe
D:\WINDOWS.0\system32\services.exe
D:\WINDOWS.0\system32\lsass.exe
D:\WINDOWS.0\system32\svchost.exe
D:\WINDOWS.0\System32\svchost.exe
F:\瑞星杀毒\RISING\RAV\Ravmond.exe
F:\瑞星杀毒\RISING\RAV\RavStub.exe
D:\WINDOWS.0\system32\spoolsv.exe
D:\WINDOWS.0\Explorer.EXE
D:\WINDOWS.0\esscw10.exe
D:\WINDOWS.0\VM_STI.EXE
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\wsearch\Search.exe
F:\瑞星杀毒\RISING\RAV\RAVTIMER.EXE
D:\WINDOWS.0\system32\rundll32.exe
F:\影音风暴\Storm Downloader\StormDownloader.exe
D:\WINDOWS.0\System32\ctfmon.exe
D:\WINDOWS.0\system32\rundll32.exe
E:\PSP游戏\TTPlayer.exe
D:\WINDOWS.0\System32\nvsvc32.exe
F:\瑞星杀毒\RISING\RAV\CCENTER.EXE
D:\WINDOWS.0\System32\svchost.exe
F:\QQ2005\TT\TTraveler.exe
D:\Program Files\DuDu\DddClient\dudupros.exe
D:\WINDOWS.0\System32\conime.exe
F:\HijackThis 1.99.1\HijackThis1991zww.exe

R3 - 默认的URLSearchHook丢失。用HijackThis修复
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - D:\WINDOWS.0\System32\xunleibho_v8.dll
O2 - BHO: IDDTInitObj Class - {15DDE989-CD45-4561-BF99-D22C0D5C2B74} - F:\UC\UC\UCddt\ddtinit.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - D:\Program Files\3721\Assist\Angling.dll
O2 - BHO: WebMiscItem Class - {3CD4296F-6CC3-11D9-B888-000C299AA719} - D:\WINDOWS.0\system32\WebMisc.dll
O2 - BHO: Anti Fish - {5EB7CB50-E375-4718-B4C0-9AD12EFA2F84} - D:\WINDOWS.0\System32\aclayer.dll (file missing)
O2 - BHO: 3721中文邮 - {6231D512-E4A4-4DF2-BE62-5B8F0EE348EF} - (no file)
O2 - BHO: KillObj Class - {66C28884-4E5D-494B-80C9-CAA27528FD6D} - F:\UC\UC\UCddt\ddtkillw.ocx
O2 - BHO: DDDMon Class - {6BDE1669-B490-48E3-B668-456314F2D6C3} - D:\Program Files\DuDu\DddClient\dddiemon.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - F:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - E:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O2 - BHO: YiSou - {EF1D17A9-089F-40cc-8D64-7324CDEBA0DB} - D:\PROGRA~1\YiSou\yisoub.dll
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS.0\System32\msdxm.ocx
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - F:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - IE工具栏增项: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O3 - IE工具栏增项: 新浪点点通 - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - F:\UC\UC\UCddt\DDTONG~1.DLL
O3 - IE工具栏增项: MSN 工具栏 - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Toolbar\01.01.2607.0\zh-cn\msntb.dll
O3 - IE工具栏增项: 一搜工具条 - {115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} - D:\Program Files\YiSou\yisou.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] D:\WINDOWS.0\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [EssSpkPhone] esscw10.exe
O4 - 启动项HKLM\\Run: [kpcdst] E:\cdsprite.exe
O4 - 启动项HKLM\\Run: [rfw] D:\Program Files\rising\Rfw\Rfw.exe
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS.0\System32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [PHIMETIPSYNC] D:\Program Files\Common Files\Microsoft Shared\IME\IMTC60\Phonetic\TINTLCFG.EXE /PHIMETIPSync
O4 - 启动项HKLM\\Run: [BigDogPath] D:\WINDOWS.0\VM_STI.EXE USB PC Camera VM301+
O4 - 启动项HKLM\\Run: [NMGameX_AutoRun] D:\WINDOWS.0\System32\Rundll32.exe nmgamex.dll,LiveProcess /aa
O4 - 启动项HKLM\\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [MoveSearch] D:\Program Files\wsearch\Search.exe
O4 - 启动项HKLM\\Run: [RavTimer] F:\瑞星杀毒\RISING\RAV\RAVTIMER.EXE
O4 - 启动项HKLM\\Run: [RavMon] F:\瑞星杀毒\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - 启动项HKLM\\Run: [ExFilter] Rundll32.exe "D:\PROGRA~1\CNNIC\Cdn\cdnspie.dll,ExecFilter solo"