Logfile of HijackThis v1.99.1
Scan saved at 23:05:53, on 2006-6-5
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\sina\UC\uc.exe
D:\Program Files\Tencent\QQ\QQ.exe
D:\Program Files\Tencent\QQ\TIMPlatform.exe
D:\Program Files\Maxthon\Max.exe
D:\Program Files\Kingsoft\FastAIT 2006\FastAIT.exe
G:\软件包\杀毒软件\HijackThis\HijackThis.exe

R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 218.66.102.160 club.17173.com
O1 - Hosts: 202.103.172.43 bt.jujumao.com
O1 - Hosts: 61.172.251.53 pt.sdo.com
O1 - Hosts: 61.152.248.9 bbs.218.cc
O1 - Hosts: 202.104.94.3 www.gznet.com
O1 - Hosts: 218.97.193.68 www.huaxia2.com
O1 - Hosts: 219.147.8.18 www.blueshow.net
O1 - Hosts: 222.92.41.246 www.qqjia.com
O1 - Hosts: 61.129.102.95 www.114ie.net
O1 - Hosts: 210.51.189.133 my.coolala.net
O1 - Hosts: 221.235.112.148 cuibo.bbs.ful.cn
O1 - Hosts: 58.215.64.132 www.hao2.com
O1 - Hosts: 211.155.232.208 www.onlybeloved.com
O1 - Hosts: 218.16.118.177 www.softb2b.net
O1 - Hosts: 218.85.133.55 www.600it.com
O1 - Hosts: 61.152.95.147 www.programfan.com
O1 - Hosts: 218.22.223.163 www.gupin.com
O1 - Hosts: 61.141.8.37 soft.winzheng.com
O1 - Hosts: 61.132.75.115 www.vhosting.cn
O1 - Hosts: 211.154.171.132 www.ssreader.com
O1 - Hosts: 202.102.249.40 www.mydrivers.com
O1 - Hosts: 125.91.104.210 rav.xxjp.org
O1 - Hosts: 218.93.205.186 www.vistafans.com
O1 - Hosts: 222.88.88.225 www.piaodown.com
O1 - Hosts: 61.152.249.8 www.91f.net
O1 - Hosts: 61.145.116.79 www.gz-bus.com
O1 - Hosts: 125.65.76.35 www.ddvip.net
O1 - Hosts: 219.150.221.37 www.hackbase.com
O1 - Hosts: 222.77.186.38 www.rsony.com
O1 - Hosts: 220.181.18.66 www.hao123.com
O1 - Hosts: 61.135.158.217 www.sunvv.com
O1 - Hosts: 218.108.238.104 wwz521.home.sunbo.net
O1 - Hosts: 218.83.158.120 www.rd888.com
O1 - Hosts: 61.172.245.207 www.rj588.com
O1 - Hosts: 202.119.248.128 www.nod32info.cn
O1 - Hosts: 221.231.15.138 blog.lanyue.com
O1 - Hosts: 60.190.223.6 www.98959.com
O1 - Hosts: 61.141.8.161 www.hackol.com
O1 - Hosts: 218.15.233.238 www.jujumao.com
O1 - Hosts: 61.153.8.12 bbs.mumayi.net
O1 - Hosts: 211.152.182.218 www.in9.cn
O1 - Hosts: 59.42.254.55 www.msfans.net
O1 - Hosts: 66.98.250.38 www.virustotal.com
O1 - Hosts: 61.141.8.87 www.tomatolei.com
O1 - Hosts: 222.88.223.19 bbs.downxp.com
O1 - Hosts: 222.34.5.130 www.lai98.net
O1 - Hosts: 61.129.77.158 www.yuhome.net
O1 - Hosts: 61.186.254.62 www.8888i.net
O1 - Hosts: 61.143.210.98 56.com
O1 - Hosts: 218.93.127.205 www.crsky.com
O1 - Hosts: 218.66.104.201 www.greendown.cn
O1 - Hosts: 207.46.20.60 www.microsoft.com
O1 - Hosts: 207.46.198.60 www.microsoft.com
O1 - Hosts: 202.102.229.39 www.jorux.com
O1 - Hosts: 61.129.90.92 2pan.mumayi.net
O1 - Hosts: 218.5.77.88 www.keygen.cn
O1 - Hosts: 222.73.4.71 www.yisung.com
O1 - Hosts: 221.7.129.107 www.vdisk.cn
O1 - Hosts: 218.83.153.138 www.ys168.com
O1 - Hosts: 58.215.74.238 www.xieke.net
O1 - Hosts: 211.93.137.139 down.sanhaoonline.com
O1 - Hosts: 61.152.246.207 www.haha168.com
O1 - Hosts: 202.105.31.84 bbs.txaac.com
O1 - Hosts: 202.43.216.252 cn.mail.yahoo.com
O1 - Hosts: 222.90.211.190 disk.zzlygo.com
O1 - Hosts: 61.177.95.155 mail.163.com
O1 - Hosts: 202.103.178.115 bbs.webmoban.com
O1 - Hosts: 222.77.178.193 www.haipan.com
O1 - Hosts: 202.75.221.171 www.chinahtml.com
O1 - Hosts: 59.34.131.53 home.3326.com
O1 - Hosts: 61.128.198.57 www.admin8.net
O1 - Hosts: 221.229.240.229 www.5217.cn
O1 - Hosts: 61.152.188.38 www.bestmoban.com
O1 - Hosts: 61.152.188.38 hgdevil.mb8.cn
O1 - Hosts: 218.104.136.130 www.jaya.cn
O1 - Hosts: 218.30.110.209 xingqba.51.net
O1 - Hosts: 61.141.8.123 bbs.winzheng.com
O1 - Hosts: 61.153.32.84 www.0571e.com
O1 - Hosts: 218.17.247.222 www.cctv.com
O1 - Hosts: 61.135.152.20 bn.sina.com.cn
O1 - Hosts: 61.132.74.126 ettv.27h.com
O1 - Hosts: 202.103.66.63 www.mysee.com
O1 - Hosts: 202.105.81.136 10000.gd.cn
O1 - Hosts: 61.144.255.244 www.guqu.net
O1 - Hosts: 218.16.120.18 www.linkwan.com
O1 - Hosts: 202.108.119.193 www.21softs.com
O1 - Hosts: 202.108.119.193 www3.xinhuanet.com
O1 - Hosts: 219.239.89.53 www.enet.com.cn
O1 - Hosts: 218.30.82.62 bbs.btbbt.com
O1 - Hosts: 222.36.45.33 virtualhost.webplus.com.cn
O1 - Hosts: 61.145.121.115 www.ip138.com
O1 - Hosts: 219.137.2.4 benchmark.avl.com.cn
O1 - Hosts: 211.138.113.63 bbs.hzva.org
O1 - Hosts: 60.191.248.100 www.nofox.com
O1 - Hosts: 218.30.82.62 www.iciba.net
O1 - Hosts: 59.42.253.193 www.pgcw.com.cn
O1 - Hosts: 222.88.88.160 www.qfans.net
O1 - Hosts: 202.101.42.62 www.dreye.com.cn
O1 - Hosts: 220.181.18.114 file.baidu.com
O1 - Hosts: 61.144.192.201 www.diarybooks.com
O1 - Hosts: 60.191.35.120 www.gzc.com.cn
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files\Internet Download Manager\IDMIECC.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用 IDM 下载 - D:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: 使用 IDM 下载所有链接 - D:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: 用比特精灵下载(&B) - D:\Program Files\BitSpirit\bsurl.htm
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O17 - HKLM\System\CCS\Services\Tcpip\..\{5CE68622-E912-4E5A-92D1-329F9421891A}: NameServer = 192.168.0.1
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\system32\wdfmgr.exe (file missing)

开始→运行→输入services.msc，打开“服务”→查找Windows User Mode Driver Framework  →双击→启动类型→禁止→停止→应用→确定。禁止Windows User Mode Driver Framework 这个服务
重启
关闭所有浏览窗口以及一些不必要的程序
运行Hijackthis，扫描结束后在下列选项前打上勾，然后选"修复""（如果有的话）
所有01项
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files\Internet Download Manager\IDMIECC.dll（这项需要你来确认一下，如果你也不知道，建议删除）

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\system32\wdfmgr.exe (file missing)
删除
C:\WINDOWS\system32\wdfmgr.exe
D:\Program Files\Internet Download Manager\IDMIECC.dll

找不到　C:\WINDOWS\system32\wdfmgr.exe

IDM Helper　　我装了个IDM 下载软件可能是它的IE插件吧？

O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\system32\wdfmgr.exe (file missing)
这个文件应该是正常的，之所以会在服务项中出现恰恰是因为它丢失了，所以应该找回这个文件，而不是把它的服务项删掉。

也许是我太武断吧
不过还是事出有因的
我是以两个方面做出这个决定的
一是，我的系统在C:\WINDOWS\system32\并没有wdfmgr.exe
在服务里也没有  Windows User Mode Driver Framework