
Trojan.Agent.cac

http://forum.ikaka.com/topic.asp?board=28&artid=8105899
Download HijackThis... and post the log here..


SRE probably can't handle this quickly. There are a great many items to delete.

[C:\WINDOWS\System32\xunleibho_v5.dll]  <><4, 3, 3, 30>
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  <><1, 0, 0, 1>
    [C:\WINDOWS\System32\ssup.dll]  <TENCENT><4, 1, 5, 51>
    [D:\新建文件夹\KUGOO\KuGoo2\KuGoo3DownXControl.ocx]  <N/A><N/A>
    [F:\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll]  <SEIKO EPSON CORPORATION><1, 0, 0, 0>
[PID: 1944][C:\WINDOWS\System32\Rundll32.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  <><2, 0, 1, 2>
    [F:\msn\messenger\MsgPlusLoader.dll]  <Patchou><3, 63, 4, 0>
    [C:\WINDOWS\downlo~1\Nohxhy.dll]  <Tencent><4, 1, 7, 72>
[PID: 684][C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe]  <Intel(R) Corporation><6.2.35.0>
    [C:\Program Files\Intel\NCS\PROSet\CHSPGUIR.dll]  <Intel(R) Corporation><6.2.35.0>
    [C:\WINDOWS\downlo~1\Nohxhy.dll]  <Tencent><4, 1, 7, 72>
    [C:\Program Files\Intel\NCS\PROSet\8023\PNC802_3.dll]  <Intel(R) Corporation><6.2.35.0>
    [C:\Program Files\Intel\NCS\PROSet\8023\CHSPCMRs.dll]  <Intel(R) Corporation><6.2.35.0>
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  <><2, 0, 1, 2>
[PID: 1000][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe]  <ATI Technologies, Inc.><6.14.10.5120>
    [C:\WINDOWS\downlo~1\Nohxhy.dll]  <Tencent><4, 1, 7, 72>
    [C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll]  <ATI Technologies, Inc.><6.14.10.5120>
    [C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS]  <ATI Technologies, Inc.><6.14.10.5120>
    [C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll]  <ATI Technologies, Inc.><6.14.10.5120>
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  <><2, 0, 1, 2>
[PID: 1052][C:\WINDOWS\VM_STI.EXE]  <BIGDOG><4, 2, 610, 4>
    [C:\WINDOWS\downlo~1\Nohxhy.dll]  <Tencent><4, 1, 7, 72>
    [C:\WINDOWS\System32\msdmo.dll]  <N/A><N/A>
    [C:\WINDOWS\System32\VM31bPrp.Ax]  <VM><4.2.711.31>
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  <><2, 0, 1, 2>
[PID: 1104][D:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe]  <深圳市三代科技开发有限公司><1, 1, 0, 4>
    [D:\Program Files\Ringz Studio\Storm Downloader\boost_thread-vc6-mt-1_31.dll]  <N/A><N/A>
    [F:\msn\messenger\MsgPlusLoader.dll]  <Patchou><3, 63, 4, 0>
    [C:\WINDOWS\downlo~1\Nohxhy.dll]  <Tencent><4, 1, 7, 72>
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  <><2, 0, 1, 2>
[PID: 1072][F:\d\daemon.exe]  <DAEMON'S HOME><3.47.0.0>
    [C:\WINDOWS\daemon.dll]  <N/A><3.47.0.0>
    [F:\d\PFCTOC.DLL]  <Padus(R), Inc.><1, 0, 0, 12>
    [F:\d\Plugins\Images\ccdmount.dll]  <GENERIC><1.02.0.0>
    [F:\d\Plugins\Images\mdsmount.dll]  <GENERIC><1.01.0.0>
    [F:\d\Plugins\Images\pdimount.dll]  <GENERIC><1.01.0.0>
    [F:\d\Plugins\Images\nrgmount.dll]  <GENERIC><1.02.0.0>
    [F:\d\Plugins\Images\bw5mount.dll]  <N/A><1.0.2.0>
    [F:\msn\messenger\MsgPlusLoader.dll]  <Patchou><3, 63, 4, 0>
    [C:\WINDOWS\downlo~1\Nohxhy.dll]  <Tencent><4, 1, 7, 72>
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  <><2, 0, 1, 2>
[PID: 360][F:\msn\messenger\MsgPlus.exe]  <Patchou><3, 63, 0, 148>
    [F:\msn\messenger\MsgPlusLoader.dll]  <Patchou><3, 63, 4, 0>
    [C:\WINDOWS\downlo~1\Nohxhy.dll]  <Tencent><4, 1, 7, 72>
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  <><2, 0, 1, 2>
[PID: 1184][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3292>
    [C:\WINDOWS\downlo~1\Nohxhy.dll]  <Tencent><4, 1, 7, 72>
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  <><2, 0, 1, 2>
[PID: 1200][C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3W1.EXE]  <SEIKO EPSON CORPORATION><3.00>
    [F:\msn\messenger\MsgPlusLoader.dll]  <Patchou><3, 63, 4, 0>
    [C:\WINDOWS\downlo~1\Nohxhy.dll]  <Tencent><4, 1, 7, 72>
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  <><2, 0, 1, 2>
[PID: 1240][C:\WINDOWS\SOUNDMAN.EXE]  <Realtek Semiconductor Corp.><5.1.0.27>
    [C:\WINDOWS\downlo~1\Nohxhy.dll]  <Tencent><4, 1, 7, 72>
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  <><2, 0, 1, 2>
[PID: 1524][C:\WINDOWS\System32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\downlo~1\Nohxhy.dll]  <Tencent><4, 1, 7, 72>
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  <><2, 0, 1, 2>
[PID: 1552][C:\Program Files\Messenger\MSMSGS.EXE]  <Microsoft Corporation><4.7.2010>
    [F:\msn\messenger\MsgPlusLoader.dll]  <Patchou><3, 63, 4, 0>
    [C:\WINDOWS\downlo~1\Nohxhy.dll]  <Tencent><4, 1, 7, 72>
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  <><2, 0, 1, 2>
[PID: 1556][C:\Program Files\Thunder Network\ThunderMini\program\ThunderMini.exe]  <Thunder Networking Technologies,LTD><2, 0, 1, 30>
    [F:\msn\messenger\MsgPlusLoader.dll]  <Patchou><3, 63, 4, 0>
    [C:\WINDOWS\downlo~1\Nohxhy.dll]  <Tencent><4, 1, 7, 72>
    [C:\Program Files\Thunder Network\ThunderMini\program\download_interface.dll]  <N/A><N/A>
    [C:\Program Files\Thunder Network\ThunderMini\program\UpdateDownload.dll]  <Thunder Networking Technologies,LTD><1, 0, 1, 6>
    [C:\Program Files\Thunder Network\ThunderMini\Components\InMedia\iEmbedShell.dll]  < ><1, 0, 0, 6>
    [C:\Program Files\Thunder Network\ThunderMini\Components\InMedia\iEmbed.dll]  < ><2, 1, 0, 30>
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  <><2, 0, 1, 2>
[PID: 1956][C:\Program Files\MSN Messenger\msnmsgr.exe]  <Microsoft Corporation><7.5.0322>
    [F:\msn\messenger\MsgPlusLoader.dll]  <Patchou><3, 63, 4, 0>
    [C:\WINDOWS\downlo~1\Nohxhy.dll]  <Tencent><4, 1, 7, 72>
    [F:\msn\messenger\MsgPlusH.dll]  <Patchou><3, 63, 0, 148>
    [F:\msn\messenger\Detoured.dll]  <N/A><N/A>
    [F:\msn\messenger\Resources\MsgPlusRes.dll]  <Patchou><3, 63, 4, 0>
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  <><2, 0, 1, 2>
    [C:\WINDOWS\System32\msdmo.dll]  <N/A><N/A>
    [F:\msn\messenger\RichEdHook.dll]  <N/A><N/A>
[PID: 1088][E:\Program Files\Tencent\TT\TTraveler.exe]  <腾讯公司><3.0.0.250>
    [F:\msn\messenger\MsgPlusLoader.dll]  <Patchou><3, 63, 4, 0>
    [C:\WINDOWS\downlo~1\Nohxhy.dll]  <Tencent><4, 1, 7, 72>
    [F:\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll]  <SEIKO EPSON CORPORATION><1, 0, 0, 0>
    [C:\Program Files\TENCENT\Sosobar\sosobar.dll]  <TENCENT><1, 1, 2, 32>
    [E:\Program Files\Tencent\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll]  <腾讯公司><1, 1, 0, 5>
    [E:\Program Files\Tencent\TT\Plugins\TWeather\TWeather.dll]  <><1, 0, 0, 3>
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  <><2, 0, 1, 2>

[E:\Program Files\Tencent\TT\PersonalDesktop.dll]  <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 4>
    [C:\WINDOWS\Downloaded Program Files\OL2005.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\Rising\RavWeb\libload.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\RavWeb\VirusLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\RavWeb\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\RavWeb\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\RavWeb\Scanner.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
    [C:\Program Files\Rising\RavWeb\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\Program Files\Rising\RavWeb\MVEngine.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8>
    [C:\Program Files\Rising\RavWeb\Engine.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
    [C:\Program Files\Rising\RavWeb\ScanExec.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\RavWeb\Unpacker.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\Program Files\Rising\RavWeb\UnExe.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\RavWeb\ScanEx.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\RavWeb\PostTrt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
    [C:\Program Files\Rising\RavWeb\NvFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [C:\Program Files\Rising\RavWeb\ScanMac.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8>
    [C:\Program Files\Rising\RavWeb\ScanSct.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 17>
    [C:\Program Files\Rising\RavWeb\ExtMail.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
    [C:\Program Files\Rising\RavWeb\ExtOLE.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\Rising\RavWeb\ExtFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [C:\Program Files\Rising\RavWeb\RsStore.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\Rising\RavWeb\ScanNet.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
    [C:\WINDOWS\System32\Macromed\Common\SwSupport.dll]  <Macromedia, Inc.><10.0.1r4>
[PID: 1152][F:\1123\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [F:\msn\messenger\MsgPlusLoader.dll]  <Patchou><3, 63, 4, 0>
    [C:\WINDOWS\downlo~1\Nohxhy.dll]  <Tencent><4, 1, 7, 72>
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  <><2, 0, 1, 2>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

Logfile of HijackThis v1.99.1
Scan saved at 23:29:35, on 2006-7-23
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\VM_STI.EXE
D:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe
F:\d\daemon.exe
F:\msn\messenger\MsgPlus.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\Program Files\Tencent\TT\TTraveler.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3W1.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Thunder Network\ThunderMini\program\ThunderMini.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\DOCUME~1\BLUEWA~1\LOCALS~1\Temp\Rar$EX02.714\HijackThis.exe

R3 - URLSearchHook: BDSrchHook Class - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINDOWS\DOWNLO~1\BDSrHook.dll
R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v5.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {07814022-CF9B-4F39-889C-5D7E677B7F54} - C:\WINDOWS\System32\Lzhky.dll
O2 - BHO: (no name) - {07E9738D-153D-43C8-BC4D-E8A1F26D513D} - C:\WINDOWS\System32\Pwwi.dll
O2 - BHO: (no name) - {08880D23-6FEF-418E-98CE-B9DF0BD2F0BA} - C:\WINDOWS\System32\Avazre.dll (file missing)
O2 - BHO: 搜搜地址栏搜索 - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: (no name) - {0CCA28AC-3307-413B-AB97-745F800FB78F} - C:\WINDOWS\System32\Zmpsui.dll (file missing)
O2 - BHO: (no name) - {12C8ED4A-3633-4A07-AD2C-F57543C5A2A8} - C:\WINDOWS\System32\Tmksu.dll
O2 - BHO: (no name) - {13D2BF2A-4DDE-48DA-89DE-4C77FAB814A3} - C:\WINDOWS\System32\Biby.dll (file missing)
O2 - BHO: (no name) - {1A4323E3-F92A-4382-BE1A-9ECE12FEBB25} - C:\WINDOWS\System32\Dxeirk.dll
O2 - BHO: (no name) - {1A792ACF-C865-4ED0-8CBA-9DEF725E34F0} - C:\WINDOWS\System32\Ywdmd.dll (file missing)
O2 - BHO: (no name) - {1BFA083B-45C7-4393-AE14-6A3F20282890} - C:\WINDOWS\System32\Reji.dll
O2 - BHO: (no name) - {24FA371C-DF21-44D1-B02F-079E0EF1F8D3} - C:\WINDOWS\System32\Tyky.dll (file missing)
O2 - BHO: (no name) - {2E0CE26D-FF19-4C49-82F6-75F40956CF29} - C:\WINDOWS\System32\Hrokh.dll (file missing)
O2 - BHO: (no name) - {2FEE45CB-B0C0-424C-AEDA-7E905B8FC4D9} - C:\WINDOWS\System32\Zdsd.dll (file missing)
O2 - BHO: (no name) - {30AB1CD3-D3EB-457B-A2E8-D1D7235488FF} - C:\WINDOWS\System32\Pvwyh.dll (file missing)
O2 - BHO: (no name) - {32F7D54E-AB09-4D0D-BF23-2E6C2302283B} - C:\WINDOWS\System32\Zemj.dll (file missing)
O2 - BHO: (no name) - {3411C7EC-FF6E-4FDC-BD8B-4F81B865BDC8} - C:\WINDOWS\System32\Bkpy.dll
O2 - BHO: (no name) - {34C8CD49-2B93-4900-991F-F1A355258AF0} - C:\WINDOWS\System32\Idqhue.dll
O2 - BHO: (no name) - {35F810D9-A9ED-48ED-AB1E-DB273A4BED0B} - C:\WINDOWS\System32\Iddwxi.dll (file missing)
O2 - BHO: (no name) - {39C92D38-5BE5-451F-ABDA-B9817DA4FC86} - C:\WINDOWS\System32\Hfthjg.dll (file missing)
O2 - BHO: (no name) - {3F14219F-5BF4-42E2-9476-C2D4D068CA3F} - C:\WINDOWS\System32\Dkqpom.dll (file missing)
O2 - BHO: (no name) - {400ACBEB-2752-4682-A048-750F0B47DD66} - C:\WINDOWS\System32\Qjoa.dll (file missing)
O2 - BHO: (no name) - {462848FA-E201-4D1E-AEC6-414293805F49} - C:\WINDOWS\System32\Cfgktz.dll (file missing)
O2 - BHO: (no name) - {48E2D96A-336A-40CC-8BD0-EEEAD5811367} - C:\WINDOWS\System32\Mikhfq.dll (file missing)
O2 - BHO: (no name) - {4D6376E3-004A-4F51-AD9F-378F7FE69F76} - C:\WINDOWS\System32\Nekkfi.dll (file missing)
O2 - BHO: (no name) - {4DB6A1C3-F773-49E0-B1D8-F3818FF85BAF} - C:\WINDOWS\System32\Txrb.dll
O2 - BHO: (no name) - {4DDAD6C0-21D1-450C-9041-D6FAA1E75E14} - C:\WINDOWS\System32\Inqqh.dll (file missing)
O2 - BHO: (no name) - {51E415B3-AC85-45C7-84D4-9B298A6DDD48} - C:\WINDOWS\System32\Ymnc.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: (no name) - {574A8282-D728-4C1A-9A20-F0EB55AA2522} - C:\WINDOWS\System32\Fdokkk.dll
O2 - BHO: (no name) - {5A00A36B-1108-4838-A4DA-3B00AA713A82} - C:\WINDOWS\System32\Plhi.dll (file missing)
O2 - BHO: (no name) - {5BEC0952-F84D-41A9-83D3-E169A2968A99} - C:\WINDOWS\System32\Gtbk.dll (file missing)
O2 - BHO: (no name) - {63AB0BA6-C6A8-4902-B401-F34B4506713C} - C:\WINDOWS\System32\Bysz.dll
O2 - BHO: (no name) - {667A891C-5C41-4AFC-B941-A4C4CE63564A} - C:\WINDOWS\System32\Zjhs.dll (file missing)
O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - C:\WINDOWS\System32\ssup.dll
O2 - BHO: (no name) - {691C9250-5AF1-4DCD-96F9-CB781FDD961B} - C:\WINDOWS\System32\Bfymj.dll (file missing)
O2 - BHO: (no name) - {6D124DC5-05CC-473F-9DE7-EA8DCA820D36} - C:\WINDOWS\System32\Joae.dll (file missing)
O2 - BHO: (no name) - {6ED88564-08CE-44FA-B625-BEBF77CE7905} - C:\WINDOWS\System32\Fqlpa.dll
O2 - BHO: (no name) - {75B1CC5E-D531-4149-9977-C72253D4D845} - C:\WINDOWS\System32\Jltq.dll
O2 - BHO: (no name) - {77445AF3-0FF4-4F96-92A7-BFA7C8D6C312} - C:\WINDOWS\System32\Cgai.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: (no name) - {85B1CA25-2550-4854-87D4-57AC4190EFDE} - C:\WINDOWS\System32\Oepnlb.dll
O2 - BHO: (no name) - {8BB322F2-19FF-4487-9326-90707D7E5D76} - C:\WINDOWS\System32\Mjcgzn.dll (file missing)
O2 - BHO: ThunderMiniBHO - {8E6C1C49-F9CE-4311-9FB4-D70E8B0AEAEB} - C:\Program Files\Thunder Network\ThunderMini\ComDlls\XunLeiMiniBHO_002.dll
O2 - BHO: (no name) - {966E39B7-4CA1-4ADB-9C7A-10F2680F0FAA} - C:\WINDOWS\System32\Cbvw.dll (file missing)
O2 - BHO: (no name) - {9B31BAFB-3FF0-490B-8DEA-36F2EDBB5B68} - C:\WINDOWS\System32\Mtgd.dll (file missing)
O2 - BHO: (no name) - {9C5E545A-371F-42DB-972F-A1AE2D49561E} - C:\WINDOWS\System32\Fcjpab.dll (file missing)
O2 - BHO: (no name) - {9DCB3CF3-6374-46D1-9B13-9F3C83F67FB3} - C:\WINDOWS\System32\Qyqvlh.dll (file missing)
O2 - BHO: (no name) - {A16BE341-4988-4E04-8678-72A4CB4EAABB} - C:\WINDOWS\System32\Utnvq.dll (file missing)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - D:\新建文件夹\KUGOO\KuGoo2\KuGoo3DownXControl.ocx
O2 - BHO: (no name) - {A9AEB049-2CAD-4D11-A1CE-D2115BEDE0E9} - C:\WINDOWS\System32\Onqu.dll
O2 - BHO: (no name) - {A9CD0DD7-9990-4EEC-8A29-B607D99F2294} - C:\WINDOWS\System32\Effgez.dll
O2 - BHO: (no name) - {ABB367AC-9AD8-4CB3-9488-447203AF7E6F} - C:\WINDOWS\System32\Ipxyve.dll (file missing)
O2 - BHO: (no name) - {B601DF73-90B1-4146-90DA-8449C46368DC} - C:\WINDOWS\System32\Cvmygo.dll (file missing)
O2 - BHO: (no name) - {B86E8C1C-70B1-4A17-B593-6702155D07FC} - C:\WINDOWS\System32\Syap.dll (file missing)
O2 - BHO: (no name) - {BAD69EC6-2248-42A4-98DC-2B1BFD5DCDCE} - C:\WINDOWS\System32\Acjl.dll (file missing)
O2 - BHO: BDSrchHook Class - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINDOWS\DOWNLO~1\BDSrHook.dll
O2 - BHO: MSN 搜索工具栏 Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\zh-cn\msntb.dll
O2 - BHO: (no name) - {C08B57BC-5555-49FB-A936-9526EFE53F75} - C:\WINDOWS\System32\Qbtlqz.dll (file missing)
O2 - BHO: (no name) - {C497FC97-B7EA-4292-B100-A3B9EC41361E} - C:\WINDOWS\System32\Mjdc.dll (file missing)
O2 - BHO: (no name) - {C823E38E-B42C-4219-BDB9-36255B2A4B35} - C:\WINDOWS\System32\Tgwolu.dll
O2 - BHO: (no name) - {C92298BB-082F-415C-BD0A-2D2B4666A80B} - C:\WINDOWS\System32\Ngjrip.dll (file missing)
O2 - BHO: (no name) - {C93DDD79-4186-4DA6-AB0B-28CA20FEDDE5} - C:\WINDOWS\System32\Rakc.dll
O2 - BHO: (no name) - {C970C022-6C9F-4BB3-AC7B-C55F268F0E7F} - C:\WINDOWS\System32\Jzpme.dll (file missing)
O2 - BHO: (no name) - {CC54520B-985B-4BDB-840B-93F8CD7B9D49} - C:\WINDOWS\System32\Xyxv.dll (file missing)
O2 - BHO: (no name) - {CCDF3044-50B6-4FFB-AF7A-6FB06D386777} - C:\WINDOWS\System32\Hrnps.dll (file missing)
O2 - BHO: (no name) - {CD4DD638-0D8C-4B6B-AB3C-02E995AFD3A5} - C:\WINDOWS\System32\Ckfj.dll (file missing)
O2 - BHO: (no name) - {E05530DF-582C-4DD7-ABE9-B420FA0D798A} - C:\WINDOWS\System32\Woufd.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - F:\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {EE49D69A-EE78-4539-B2EF-77ED6CE8E7A2} - C:\WINDOWS\System32\Xxiejd.dll
O2 - BHO: (no name) - {EFC874A7-4160-4F79-9D26-39092AF904C7} - C:\WINDOWS\System32\Rnzyo.dll (file missing)
O2 - BHO: (no name) - {F27C8883-6CB2-466F-AF26-D48AEE1DBDB8} - C:\WINDOWS\System32\Xuqw.dll (file missing)
O2 - BHO: (no name) - {F2AD14D6-71D3-45F0-862A-F71C3C864B8B} - C:\WINDOWS\System32\Ajdnby.dll (file missing)
O2 - BHO: (no name) - {F382D56A-C0B7-4CDC-8E96-F498732A2CE7} - C:\WINDOWS\System32\Dppbg.dll
O2 - BHO: (no name) - {F765C6E1-0D66-4247-9F6D-6E674DE7A549} - C:\WINDOWS\System32\Nhqm.dll (file missing)
O2 - BHO: 搜搜工具条 - {F776AD93-F51B-412E-82B2-A8B389546C61} - C:\Program Files\TENCENT\Sosobar\sosobar1.dll

-7132212A8329} - C:\WINDOWS\System32\Vottt.dll
O2 - BHO: (no name) - {FA2B7A94-4852-42B8-8EF1-02012ABD0FE8} - C:\WINDOWS\System32\Oascux.dll (file missing)
O2 - BHO: (no name) - {FD91465B-0426-438E-9579-727586E5775F} - C:\WINDOWS\System32\Tcyub.dll
O2 - BHO: (no name) - {FF808CDC-81AF-4E9E-B376-C52F46C165AC} - C:\WINDOWS\System32\Ianjo.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (file missing)
O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - F:\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN 搜索工具栏 - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\zh-cn\msntb.dll
O3 - Toolbar: 搜搜工具条 - {11FD2946-180B-4545-981C-07C2FBB27F9D} - C:\Program Files\TENCENT\Sosobar\sosobar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Win2 USB PC Camera
O4 - HKLM\..\Run: [BIE] RUNDLL32.exe C:\WINDOWS\DOWNLO~1\BDSrHook.dll,Rundll32
O4 - HKLM\..\Run: [popo2004] E:\pao\start.exe
O4 - HKLM\..\Run: [MINI_BFYY] D:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe
O4 - HKLM\..\Run: [StormCodec_Helper] "d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [DAEMON Tools-1033] "F:\d\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [MessengerPlus3] "F:\msn\messenger\MsgPlus.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [迅雷4] E:\Program Files\Sandai Technologies Inc\Thunder\MediaIssue\TDUpdate.exe
O4 - HKLM\..\Run: [EPSON ME 1] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3W1.EXE /P10 "EPSON ME 1" /O6 "USB002" /M "ME 1"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ThunderMini] C:\Program Files\Thunder Network\ThunderMini\ThunderMiniShell.exe
O4 - HKLM\..\Run: [stup.exe] C:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "D:\新建文件夹\BitComet\BitComet.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [MessengerPlus3] "F:\msn\messenger\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &使用暴风下载器下载 - D:\Program Files\Ringz Studio\Storm Downloader\geturl.htm
O8 - Extra context menu item: &使用迷你迅雷下载 - C:\Program Files\Thunder Network\ThunderMini\Program\GetUrl.htm
O8 - Extra context menu item: MSN 搜索(&M) - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\zh-cn\msntb.dll/search.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - D:\新建文~1\KUGOO\KUGOO2\KuGoo3DownX.htm
O8 - Extra context menu item: 在新的前台选项卡中打开 - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\zh-cn\msntabres.dll/230?529d58444dde4be988d52576ff6d560
O8 - Extra context menu item: 在新的后台选项卡中打开 - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\zh-cn\msntabres.dll/229?529d58444dde4be988d52576ff6d560
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: 解霸 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\HEROSOFT\Hero3000\MPLAYER.EXE
O9 - Extra 'Tools' menuitem: 超级解霸 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\HEROSOFT\Hero3000\MPLAYER.EXE
O9 - Extra button: 百度搜索伴侣 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINDOWS\DOWNLO~1\BDSrHook.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: 易趣购物 - {DE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - Extra 'Tools' menuitem: 易趣购物 - {DE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [!IESearch] !IESearch
O11 - Options group: [TBH] 搜搜地址栏搜索
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} (BDSrchHook Class) - http://bar.baidu.com/update/IESearch.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://www.mydrivers.com/swflash.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{74820813-E1F4-4F14-8056-E9AFD1D9C2DF}: NameServer = 202.101.98.55,202.101.98.54
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BD3C040-BF7D-4C2E-95D5-B1A41CA40833}: NameServer = 202.101.98.55,202.101.98.54
O18 - Protocol: mp3 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINDOWS\DOWNLO~1\BDSrHook.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe


O2 - BHO: (no name) - {F844FCA3-0B76-4DAE-993C-7132212A8329} - C:\WINDOWS\System32\Vottt.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://www.mydrivers.com/swflash.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{74820813-E1F4-4F14-8056-E9AFD1D9C2DF}: NameServer = 202.101.98.55,202.101.98.54
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BD3C040-BF7D-4C2E-95D5-B1A41CA40833}: NameServer = 202.101.98.55,202.101.98.54
O18 - Protocol: mp3 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINDOWS\DOWNLO~1\BDSrHook.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe


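Close all browser windows and any unnecessary programs.
Run HijackThis; when the scan finishes, tick the boxes next to the following entries, then choose "Fix":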
O2 - BHO: (no name) - {07814022-CF9B-4F39-889C-5D7E677B7F54} - C:\WINDOWS\System32\Lzhky.dll
O2 - BHO: (no name) - {07E9738D-153D-43C8-BC4D-E8A1F26D513D} - C:\WINDOWS\System32\Pwwi.dll
O2 - BHO: (no name) - {08880D23-6FEF-418E-98CE-B9DF0BD2F0BA} - C:\WINDOWS\System32\Avazre.dll (file missing)
O2 - BHO: 搜搜地址栏搜索 - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: (no name) - {0CCA28AC-3307-413B-AB97-745F800FB78F} - C:\WINDOWS\System32\Zmpsui.dll (file missing)
O2 - BHO: (no name) - {12C8ED4A-3633-4A07-AD2C-F57543C5A2A8} - C:\WINDOWS\System32\Tmksu.dll
O2 - BHO: (no name) - {13D2BF2A-4DDE-48DA-89DE-4C77FAB814A3} - C:\WINDOWS\System32\Biby.dll (file missing)
O2 - BHO: (no name) - {1A4323E3-F92A-4382-BE1A-9ECE12FEBB25} - C:\WINDOWS\System32\Dxeirk.dll
O2 - BHO: (no name) - {1A792ACF-C865-4ED0-8CBA-9DEF725E34F0} - C:\WINDOWS\System32\Ywdmd.dll (file missing)
O2 - BHO: (no name) - {1BFA083B-45C7-4393-AE14-6A3F20282890} - C:\WINDOWS\System32\Reji.dll
O2 - BHO: (no name) - {24FA371C-DF21-44D1-B02F-079E0EF1F8D3} - C:\WINDOWS\System32\Tyky.dll (file missing)
O2 - BHO: (no name) - {2E0CE26D-FF19-4C49-82F6-75F40956CF29} - C:\WINDOWS\System32\Hrokh.dll (file missing)
O2 - BHO: (no name) - {2FEE45CB-B0C0-424C-AEDA-7E905B8FC4D9} - C:\WINDOWS\System32\Zdsd.dll (file missing)
O2 - BHO: (no name) - {30AB1CD3-D3EB-457B-A2E8-D1D7235488FF} - C:\WINDOWS\System32\Pvwyh.dll (file missing)
O2 - BHO: (no name) - {32F7D54E-AB09-4D0D-BF23-2E6C2302283B} - C:\WINDOWS\System32\Zemj.dll (file missing)
O2 - BHO: (no name) - {3411C7EC-FF6E-4FDC-BD8B-4F81B865BDC8} - C:\WINDOWS\System32\Bkpy.dll
O2 - BHO: (no name) - {34C8CD49-2B93-4900-991F-F1A355258AF0} - C:\WINDOWS\System32\Idqhue.dll
O2 - BHO: (no name) - {35F810D9-A9ED-48ED-AB1E-DB273A4BED0B} - C:\WINDOWS\System32\Iddwxi.dll (file missing)
O2 - BHO: (no name) - {39C92D38-5BE5-451F-ABDA-B9817DA4FC86} - C:\WINDOWS\System32\Hfthjg.dll (file missing)
O2 - BHO: (no name) - {3F14219F-5BF4-42E2-9476-C2D4D068CA3F} - C:\WINDOWS\System32\Dkqpom.dll (file missing)
O2 - BHO: (no name) - {400ACBEB-2752-4682-A048-750F0B47DD66} - C:\WINDOWS\System32\Qjoa.dll (file missing)
O2 - BHO: (no name) - {462848FA-E201-4D1E-AEC6-414293805F49} - C:\WINDOWS\System32\Cfgktz.dll (file missing)
O2 - BHO: (no name) - {48E2D96A-336A-40CC-8BD0-EEEAD5811367} - C:\WINDOWS\System32\Mikhfq.dll (file missing)
O2 - BHO: (no name) - {4D6376E3-004A-4F51-AD9F-378F7FE69F76} - C:\WINDOWS\System32\Nekkfi.dll (file missing)
O2 - BHO: (no name) - {4DB6A1C3-F773-49E0-B1D8-F3818FF85BAF} - C:\WINDOWS\System32\Txrb.dll
O2 - BHO: (no name) - {4DDAD6C0-21D1-450C-9041-D6FAA1E75E14} - C:\WINDOWS\System32\Inqqh.dll (file missing)
O2 - BHO: (no name) - {51E415B3-AC85-45C7-84D4-9B298A6DDD48} - C:\WINDOWS\System32\Ymnc.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: (no name) - {574A8282-D728-4C1A-9A20-F0EB55AA2522} - C:\WINDOWS\System32\Fdokkk.dll
O2 - BHO: (no name) - {5A00A36B-1108-4838-A4DA-3B00AA713A82} - C:\WINDOWS\System32\Plhi.dll (file missing)
O2 - BHO: (no name) - {5BEC0952-F84D-41A9-83D3-E169A2968A99} - C:\WINDOWS\System32\Gtbk.dll (file missing)
O2 - BHO: (no name) - {63AB0BA6-C6A8-4902-B401-F34B4506713C} - C:\WINDOWS\System32\Bysz.dll
O2 - BHO: (no name) - {667A891C-5C41-4AFC-B941-A4C4CE63564A} - C:\WINDOWS\System32\Zjhs.dll (file missing)
O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - C:\WINDOWS\System32\ssup.dll
O2 - BHO: (no name) - {691C9250-5AF1-4DCD-96F9-CB781FDD961B} - C:\WINDOWS\System32\Bfymj.dll (file missing)
O2 - BHO: (no name) - {6D124DC5-05CC-473F-9DE7-EA8DCA820D36} - C:\WINDOWS\System32\Joae.dll (file missing)
O2 - BHO: (no name) - {6ED88564-08CE-44FA-B625-BEBF77CE7905} - C:\WINDOWS\System32\Fqlpa.dll
O2 - BHO: (no name) - {75B1CC5E-D531-4149-9977-C72253D4D845} - C:\WINDOWS\System32\Jltq.dll
O2 - BHO: (no name) - {77445AF3-0FF4-4F96-92A7-BFA7C8D6C312} - C:\WINDOWS\System32\Cgai.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: (no name) - {85B1CA25-2550-4854-87D4-57AC4190EFDE} - C:\WINDOWS\System32\Oepnlb.dll
O2 - BHO: (no name) - {8BB322F2-19FF-4487-9326-90707D7E5D76} - C:\WINDOWS\System32\Mjcgzn.dll (file missing
O2 - BHO: (no name) - {966E39B7-4CA1-4ADB-9C7A-10F2680F0FAA} - C:\WINDOWS\System32\Cbvw.dll (file missing)
O2 - BHO: (no name) - {9B31BAFB-3FF0-490B-8DEA-36F2EDBB5B68} - C:\WINDOWS\System32\Mtgd.dll (file missing)
O2 - BHO: (no name) - {9C5E545A-371F-42DB-972F-A1AE2D49561E} - C:\WINDOWS\System32\Fcjpab.dll (file missing)
O2 - BHO: (no name) - {9DCB3CF3-6374-46D1-9B13-9F3C83F67FB3} - C:\WINDOWS\System32\Qyqvlh.dll (file missing)
O2 - BHO: (no name) - {A16BE341-4988-4E04-8678-72A4CB4EAABB} - C:\WINDOWS\System32\Utnvq.dll (file missing)
O2 - BHO: (no name) - {A9AEB049-2CAD-4D11-A1CE-D2115BEDE0E9} - C:\WINDOWS\System32\Onqu.dll
O2 - BHO: (no name) - {A9CD0DD7-9990-4EEC-8A29-B607D99F2294} - C:\WINDOWS\System32\Effgez.dll
O2 - BHO: (no name) - {ABB367AC-9AD8-4CB3-9488-447203AF7E6F} - C:\WINDOWS\System32\Ipxyve.dll (file missing)
O2 - BHO: (no name) - {B601DF73-90B1-4146-90DA-8449C46368DC} - C:\WINDOWS\System32\Cvmygo.dll (file missing)
O2 - BHO: (no name) - {B86E8C1C-70B1-4A17-B593-6702155D07FC} - C:\WINDOWS\System32\Syap.dll (file missing)
O2 - BHO: (no name) - {BAD69EC6-2248-42A4-98DC-2B1BFD5DCDCE} - C:\WINDOWS\System32\Acjl.dll (file missing)
O2 - BHO: (no name) - {C08B57BC-5555-49FB-A936-9526EFE53F75} - C:\WINDOWS\System32\Qbtlqz.dll (file missing)
O2 - BHO: (no name) - {C497FC97-B7EA-4292-B100-A3B9EC41361E} - C:\WINDOWS\System32\Mjdc.dll (file missing)
O2 - BHO: (no name) - {C823E38E-B42C-4219-BDB9-36255B2A4B35} - C:\WINDOWS\System32\Tgwolu.dll
O2 - BHO: (no name) - {C92298BB-082F-415C-BD0A-2D2B4666A80B} - C:\WINDOWS\System32\Ngjrip.dll (file missing)
O2 - BHO: (no name) - {C93DDD79-4186-4DA6-AB0B-28CA20FEDDE5} - C:\WINDOWS\System32\Rakc.dll
O2 - BHO: (no name) - {C970C022-6C9F-4BB3-AC7B-C55F268F0E7F} - C:\WINDOWS\System32\Jzpme.dll (file missing)
O2 - BHO: (no name) - {CC54520B-985B-4BDB-840B-93F8CD7B9D49} - C:\WINDOWS\System32\Xyxv.dll (file missing)
O2 - BHO: (no name) - {CCDF3044-50B6-4FFB-AF7A-6FB06D386777} - C:\WINDOWS\System32\Hrnps.dll (file missing)
O2 - BHO: (no name) - {CD4DD638-0D8C-4B6B-AB3C-02E995AFD3A5} - C:\WINDOWS\System32\Ckfj.dll (file missing)
O2 - BHO: (no name) - {E05530DF-582C-4DD7-ABE9-B420FA0D798A} - C:\WINDOWS\System32\Woufd.dll
O2 - BHO: (no name) - {EE49D69A-EE78-4539-B2EF-77ED6CE8E7A2} - C:\WINDOWS\System32\Xxiejd.dll
O2 - BHO: (no name) - {EFC874A7-4160-4F79-9D26-39092AF904C7} - C:\WINDOWS\System32\Rnzyo.dll (file missing)
O2 - BHO: (no name) - {F27C8883-6CB2-466F-AF26-D48AEE1DBDB8} - C:\WINDOWS\System32\Xuqw.dll (file missing)
O2 - BHO: (no name) - {F2AD14D6-71D3-45F0-862A-F71C3C864B8B} - C:\WINDOWS\System32\Ajdnby.dll (file missing)
O2 - BHO: (no name) - {F382D56A-C0B7-4CDC-8E96-F498732A2CE7} - C:\WINDOWS\System32\Dppbg.dll
O2 - BHO: (no name) - {F765C6E1-0D66-4247-9F6D-6E674DE7A549} - C:\WINDOWS\System32\Nhqm.dll (file missing)
O2 - BHO: 搜搜工具条 - {F776AD93-F51B-412E-82B2-A8B389546C61} - C:\Program Files\TENCENT\Sosobar\sosobar1.dl
O2 - BHO: (no name) - {FA2B7A94-4852-42B8-8EF1-02012ABD0FE8} - C:\WINDOWS\System32\Oascux.dll (file missing)
O2 - BHO: (no name) - {FD91465B-0426-438E-9579-727586E5775F} - C:\WINDOWS\System32\Tcyub.dll
O2 - BHO: (no name) - {FF808CDC-81AF-4E9E-B376-C52F46C165AC} - C:\WINDOWS\System32\Ianjo.dll
After rebooting, run another scan and post the new log.

You have installed far too much rogue software; use 超级兔子 (Super Rabbit) to clean it up.