HijackThis@Qoo的扫描日志  V1.97.7
Scan saved at 11:26:39, on 2006-8-8
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\KV2005\KVMonXP.kxp
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\CTFMON.EXE
C:\PROGRA~1\KV2005\KVSrvXP.exe
C:\Program Files\KV2005\kvwsc.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\KV2005\TrojDie.kxp
C:\Program Files\KV2005\KRegEx.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe
C:\Documents and Settings\Administrator\桌面\hijackthis1.97_qoo\HijackThis.exe

R3 - URLSearchHook: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v14.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yAngling.dll
O2 - BHO: (no name) - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL
O2 - BHO: (no name) - {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} - C:\Program Files\KV2005\KvShell_1.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll
O2 - BHO: update wnwb - {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} - C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll
O2 - BHO: (no name) - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll
O3 - Toolbar: ????? - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O3 - Toolbar: ????? - {B5A34A93-D538-43A7-8371-864CB6148D12} - C:\Program Files\KV2005\KvShell_1.dll
O3 - Toolbar: ????? - {40987A5C-6AB8-4977-8BE9-A8889DE2EDCC} - C:\Program Files\Copyso\CopysoIE-2006-03-04-08-53-57.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [Alitalk] C:\PROGRA~1\
O4 - HKLM\..\Run: [KvMonXP] "C:\Program Files\KV2005\KVMonXP.kxp" /auto
O4 - HKLM\..\Run: [Install Alitalk] C:\WINDOWS\temp\alitalk\alitalk.exe -hideframe
O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [Netpise] C:\Program Files\Netpise Software\Netpise V1.2\Netpise.exe
O4 - HKLM\..\Run: [Thunder] C:\Program Files\Thunder Network\Thunder\Thunder.exe /s
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\download\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - HKLM\..\Run: [CnsMHlp.exe] C:\WINDOWS\Downloaded Program files\CnsMHlp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KvXP] "C:\Program Files\KV2005\KvXP.kxp" /ScanBoot /ScanSys
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: NTUSER.DAT
O4 - Startup: dotNetFx.log
O4 - Startup: ntuser.dat.LOG
O4 - Startup: ntuser.ini
O4 - Startup: Motorola_Driver_Log.txt
O4 - Startup: USBMOT2000.INF
O4 - Startup: usbsermpt.sys
O4 - Startup: USB_CMCS_2000.INF
O4 - Startup: usbsermptxp.sys
O4 - Startup: USBMOT2000XP.INF
O4 - Startup: 1147245180-oem4.inf
O4 - Startup: 1147245180-oem4.PNF
O4 - Startup: 1147245180-oem5.inf
O4 - Startup: 1147245180-oem5.PNF
O4 - Startup: 1147245180-oem6.inf
O4 - Startup: 1147245180-oem6.PNF
O4 - Startup: 1147345392-oem4.inf
O4 - Startup: 1147345392-oem4.PNF
O4 - Startup: 1147345392-oem5.inf
O4 - Startup: 1147345392-oem5.PNF
O4 - Startup: 1147345392-oem6.inf
O4 - Startup: 1147345392-oem6.PNF
O4 - Startup: 1147345433-oem4.inf
O4 - Startup: 1147345433-oem4.PNF
O4 - Startup: 1147345433-oem5.inf
O4 - Startup: 1147345433-oem5.PNF
O4 - Startup: 1147345433-oem6.inf
O4 - Startup: 1147345433-oem6.PNF
O4 - Startup: 1147345690-oem4.inf
O4 - Startup: 1147345690-oem4.PNF
O4 - Startup: 1147345690-oem5.inf
O4 - Startup: 1147345690-oem5.PNF
O4 - Startup: 1147345690-oem6.inf
O4 - Startup: 1147345690-oem6.PNF
O4 - Startup: 1147345725-oem4.inf
O4 - Startup: 1147345725-oem4.PNF
O4 - Startup: 1147345725-oem5.inf
O4 - Startup: 1147345725-oem5.PNF
O4 - Startup: 1147345725-oem6.inf
O4 - Startup: 1147345725-oem6.PNF
O4 - Startup: 1147346219-oem4.inf
O4 - Startup: 1147346219-oem4.PNF
O4 - Startup: 1147346219-oem5.inf
O4 - Startup: 1147346219-oem5.PNF
O4 - Startup: 1147346224-oem6.inf
O4 - Startup: 1147346224-oem6.PNF
O4 - Global Startup: ntuser.dat
O4 - Global Startup: ntuser.dat.LOG
O4 - Global Startup: ntuser.pol
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 导出到 Microsoft Excel(&x) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 添加到雅虎订阅(&Y) - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm
O8 - Extra context menu item: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/203
O9 - Extra button: QQ (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O10 - Unknown file in Winsock LSP: c:\windows\system32\cdnns.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\kvwspxp_1.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\kvwspxp_1.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\kvwspxp_1.dll
O11 - Options group: [!CNS] 
O11 - Options group: [CDNCLIENT] 
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} (LiveMediaOcx Control) - http://dl_dir.qq.com/qqtv/QQLiveOcxSetup.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{DF7BFD7F-1238-4DDF-A7B8-3B68A5312795}: NameServer = 202.102.128.68,202.102.134.68

R3 - URLSearchHook: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O2 - BHO: (no name) - {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} - C:\Program Files\KV2005\KvShell_1.dll
O3 - Toolbar: ????? - {40987A5C-6AB8-4977-8BE9-A8889DE2EDCC} - C:\Program Files\Copyso\CopysoIE-2006-03-04-08-53-57.dll
直接修复

O10 - Unknown file in Winsock LSP: c:\windows\system32\cdnns.dll
到我的E盘下载：恶意软件清理助手
http://free5.ys168.com/?ufwihgu168

卸掉这两项
O11 - Options group: [!CNS]
O11 - Options group: [CDNCLIENT]

重启后删除
C:\Program Files\Copyso

启动项太多，

请下载 System Repair Engineer，使用“智能扫描”，按下“扫描”按钮进行扫描，扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告日志文件内容复制-粘贴上来
下载网址
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
日志一次粘不完，分次粘完，请不要修改。