Rising Kaka Security Forum, Technical Exchange, Anti-Virus / Anti-Rogue-Software Forum: [Help] Seriously infected, could an expert please help analyze this


[Help] Seriously infected, could an expert please help analyze this

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      18:40:06, 日期 2006-7-31
操作系统:  Windows XP  (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 (6.00.2600.0000)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\TEZG\command.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\CNNIC\Cdn\cdnup.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\conime.exe
C:\Program Files\Network Monitor\netmon.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\COMM\Network.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Maxthon\Maxthon.exe
D:\软件工具\新建文件夹\HijackThis1[1].99.1\HijackThis1[1].99.1\HijackThis1991zww.exe
Last edited 2006-07-31 19:55:54

R3 - URLSearchHook: (no name) - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - (no file)
R3 - URLSearchHook: (no name) - {2BFD657D-254D-463D-9A73-DC3FAC6E1460} - C:\WINDOWS\System32\Ucfuih.dll
R3 - URLSearchHook: (no name) - {DD4A81C7-A915-4AF3-B20C-142CAC689BEE} - C:\WINDOWS\System32\Nsgbo.dll
R3 - URLSearchHook: (no name) - {43A92925-CFA1-4E79-8875-33230AF56A8C} - C:\WINDOWS\System32\Toeska.dll
R3 - URLSearchHook: (no name) - {0A04045C-89C8-485A-AADF-4E948D6883FC} - C:\WINDOWS\System32\Ivgc.dll
R3 - URLSearchHook: (no name) - {81B59515-19B7-4320-89E8-648A211F1D71} - C:\WINDOWS\System32\Ojzhed.dll
R3 - URLSearchHook: (no name) - {618C1A45-A7AB-4516-88F0-76244E9D4DAF} - C:\WINDOWS\System32\Bdliul.dll
R3 - URLSearchHook: (no name) - {2BA6AFAD-EFC2-4AC3-AA2D-574B1FDBFA4A} - C:\WINDOWS\System32\Usghqz.dll
R3 - URLSearchHook: (no name) - {3B87034D-2973-425A-8897-B85C24D2E37A} - C:\WINDOWS\System32\Uowem.dll
R3 - URLSearchHook: (no name) - {DC0FF9BF-3B17-48DD-B59B-69C349CD28FB} - C:\WINDOWS\System32\Pxqswe.dll
R3 - URLSearchHook: (no name) - {23C10677-7B3D-4302-B49D-A6EA2D8A78A6} - C:\WINDOWS\System32\Orlb.dll
R3 - URLSearchHook: (no name) - {F3BD6536-BF94-4EB3-9F7C-BF9791CBBE41} - C:\WINDOWS\System32\Qyjt.dll
R3 - URLSearchHook: (no name) - {1CAF1C54-64EA-4F4F-9048-40F183B7990C} - C:\WINDOWS\System32\Nkzm.dll
R3 - URLSearchHook: (no name) - {473E7684-86CB-4AEC-BFFF-B21C1F2BFBA2} - C:\WINDOWS\System32\Aband.dll
R3 - URLSearchHook: (no name) - {F9668DAC-E9F8-41D2-A558-24929379EB15} - C:\WINDOWS\System32\Lxdhjs.dll
R3 - URLSearchHook: (no name) - {59AA8E6D-05DC-457C-8447-0E88C6D89259} - C:\WINDOWS\System32\Vgbrcd.dll
R3 - URLSearchHook: (no name) - {3C3160B4-AA3F-4CE0-8F88-7B1279AD0796} - C:\WINDOWS\System32\Elkhcz.dll
R3 - URLSearchHook: (no name) - {FB507859-41D0-4490-A29F-84ED7796BB97} - C:\WINDOWS\System32\Hadx.dll
R3 - URLSearchHook: (no name) - {8A6C1616-B1EA-43A4-8902-09D52B112D81} - C:\WINDOWS\System32\Srahvv.dll
R3 - URLSearchHook: (no name) - {0ECFE4B8-F7CB-49FA-985B-D3E6722ADCCB} - C:\WINDOWS\System32\Effjz.dll
R3 - URLSearchHook: (no name) - {7C98F87C-63AF-4064-BA5B-84AA94E0B42C} - C:\WINDOWS\System32\Sbcnc.dll
R3 - URLSearchHook: (no name) - {C8E533AF-D9D4-467E-8EB7-9EDC7B92A82B} - C:\WINDOWS\System32\Qjerkx.dll
R3 - URLSearchHook: (no name) - {69F771EB-CD2B-45A3-93EC-7ADB1043B79E} - C:\WINDOWS\System32\Ywmy.dll
R3 - URLSearchHook: (no name) - {43FB329F-61CF-44A6-86D2-2F8F2463B192} - C:\WINDOWS\System32\Jivz.dll
R3 - URLSearchHook: (no name) - {1436C171-F8F7-4D47-99E8-06A3CDF3BD00} - C:\WINDOWS\System32\Blfccj.dll
R3 - URLSearchHook: (no name) - {964B88A6-D74A-448B-A2FA-D5DF654C64D5} - C:\WINDOWS\System32\Rixrim.dll
R3 - URLSearchHook: (no name) - {3BA5C514-A0D1-436B-93F7-5513E548B23D} - C:\WINDOWS\System32\Ynwiao.dll
R3 - URLSearchHook: (no name) - {E90632EA-C194-425C-8B2B-09930932CD63} - C:\WINDOWS\System32\Vjsd.dll
R3 - URLSearchHook: (no name) - {A39252F5-7B13-495C-B32D-648F9ADB8161} - C:\WINDOWS\System32\Mtixpq.dll
R3 - URLSearchHook: (no name) - {AF18B1BD-3C85-41AF-B1EE-AEFA6F7FB190} - C:\WINDOWS\System32\Uiixr.dll
R3 - URLSearchHook: (no name) - {314ACB9C-7F04-4742-B1C4-00141D0EA289} - C:\WINDOWS\System32\Zwna.dll
R3 - URLSearchHook: (no name) - {0862B9C9-E0B3-4EC8-8BB2-A6EDF9F47F39} - C:\WINDOWS\System32\Gamb.dll

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\E26Start.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\nkagk.exe,C:\WINDOWS\System32\inituser.exe
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v4.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0862B9C9-E0B3-4EC8-8BB2-A6EDF9F47F39} - C:\WINDOWS\System32\Gamb.dll
O2 - BHO: (no name) - {0A04045C-89C8-485A-AADF-4E948D6883FC} - C:\WINDOWS\System32\Ivgc.dll
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - (no file)
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\WINDOWS\System32\wmpdrm.dll (file missing)
O2 - BHO: (no name) - {0ECFE4B8-F7CB-49FA-985B-D3E6722ADCCB} - C:\WINDOWS\System32\Effjz.dll
O2 - BHO: (no name) - {1436C171-F8F7-4D47-99E8-06A3CDF3BD00} - C:\WINDOWS\System32\Blfccj.dll
O2 - BHO: MyIEHelper Class - {16A770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4644.dll
O2 - BHO: (no name) - {1CAF1C54-64EA-4F4F-9048-40F183B7990C} - C:\WINDOWS\System32\Nkzm.dll
O2 - BHO: FltSetUp Class - {1D49D58D-5C84-4B50-8359-D9809BEB2B32} - C:\Program Files\Internet Explorer\Connection Wizard\icwnet.dll
O2 - BHO: (no name) - {23C10677-7B3D-4302-B49D-A6EA2D8A78A6} - C:\WINDOWS\System32\Orlb.dll
O2 - BHO: (no name) - {2BA6AFAD-EFC2-4AC3-AA2D-574B1FDBFA4A} - C:\WINDOWS\System32\Usghqz.dll
O2 - BHO: (no name) - {2BFD657D-254D-463D-9A73-DC3FAC6E1460} - C:\WINDOWS\System32\Ucfuih.dll
O2 - BHO: (no name) - {314ACB9C-7F04-4742-B1C4-00141D0EA289} - C:\WINDOWS\System32\Zwna.dll
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll
O2 - BHO: (no name) - {3B87034D-2973-425A-8897-B85C24D2E37A} - C:\WINDOWS\System32\Uowem.dll
O2 - BHO: (no name) - {3BA5C514-A0D1-436B-93F7-5513E548B23D} - C:\WINDOWS\System32\Ynwiao.dll
O2 - BHO: (no name) - {3C3160B4-AA3F-4CE0-8F88-7B1279AD0796} - C:\WINDOWS\System32\Elkhcz.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: NetEASE Blocker - {4106B474-4C59-4911-83BA-2053AFEC8F72} - (no file)
O2 - BHO: (no name) - {43A92925-CFA1-4E79-8875-33230AF56A8C} - C:\WINDOWS\System32\Toeska.dll
O2 - BHO: (no name) - {43FB329F-61CF-44A6-86D2-2F8F2463B192} - C:\WINDOWS\System32\Jivz.dll
O2 - BHO: (no name) - {473E7684-86CB-4AEC-BFFF-B21C1F2BFBA2} - C:\WINDOWS\System32\Aband.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - (no file)
O2 - BHO: Macrosoft Class - {58DB541D-F15A-4e95-A5D9-5DF5EE13920C} - c:\windows\system32\winlogin.dll
O2 - BHO: (no name) - {59AA8E6D-05DC-457C-8447-0E88C6D89259} - C:\WINDOWS\System32\Vgbrcd.dll
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O2 - BHO: (no name) - {618C1A45-A7AB-4516-88F0-76244E9D4DAF} - C:\WINDOWS\System32\Bdliul.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL
O2 - BHO: ActiveBHO Class - {63C55A7F-6E29-8D4F-5C76-4F850F28D13A} - C:\Progra~1\DoDoorRSSFinder\ActiveBandObject.dll
O2 - BHO: (no name) - {69F771EB-CD2B-45A3-93EC-7ADB1043B79E} - C:\WINDOWS\System32\Ywmy.dll
O2 - BHO: EyeOnIE Class - {6E28339B-7A2A-47B6-AEB2-46BA53782379} - C:\PROGRA~1\IS\BhoPlugin.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: (no name) - {7C98F87C-63AF-4064-BA5B-84AA94E0B42C} - C:\WINDOWS\System32\Sbcnc.dll
O2 - BHO: (no name) - {81B59515-19B7-4320-89E8-648A211F1D71} - C:\WINDOWS\System32\Ojzhed.dll
O2 - BHO: (no name) - {8A6C1616-B1EA-43A4-8902-09D52B112D81} - C:\WINDOWS\System32\Srahvv.dll
O2 - BHO: (no name) - {964B88A6-D74A-448B-A2FA-D5DF654C64D5} - C:\WINDOWS\System32\Rixrim.dll
O2 - BHO: IEHlprObj Class - {999ADFA2-8AD1-47ff-97FC-69FB847458F4} - C:\Progra~1\NetMeeting\nmview.dll
O2 - BHO: estAliveObj Class - {A2B7A0F0-B697-4A71-8D91-43443F57D7BB} - C:\WINDOWS\estAlive.dll
O2 - BHO: (no name) - {A39252F5-7B13-495C-B32D-648F9ADB8161} - C:\WINDOWS\System32\Mtixpq.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: (no name) - {AF18B1BD-3C85-41AF-B1EE-AEFA6F7FB190} - C:\WINDOWS\System32\Uiixr.dll
O2 - BHO: EawMtfoc Class - {BE1C6D45-E46F-C118-3198-420796FD2C6D} - C:\WINDOWS\DOWNLO~1\lcdbtu.dll
O2 - BHO: (no name) - {C8E533AF-D9D4-467E-8EB7-9EDC7B92A82B} - C:\WINDOWS\System32\Qjerkx.dll
O2 - BHO: (no name) - {DC0FF9BF-3B17-48DD-B59B-69C349CD28FB} - C:\WINDOWS\System32\Pxqswe.dll
O2 - BHO: (no name) - {DD4A81C7-A915-4AF3-B20C-142CAC689BEE} - C:\WINDOWS\System32\Nsgbo.dll
O2 - BHO: (no name) - {E90632EA-C194-425C-8B2B-09930932CD63} - C:\WINDOWS\System32\Vjsd.dll
O2 - BHO: Letscool System Helper - {F0C15012-7DBD-4068-95A2-0A82DB03AC35} - C:\WINDOWS\System32\CoolBho.dll
O2 - BHO: BHelper Class - {F2E37336-BFDB-409B-8D0E-6F013C438B20} - C:\WINDOWS\system\49do8d80.dll
O2 - BHO: (no name) - {F3BD6536-BF94-4EB3-9F7C-BF9791CBBE41} - C:\WINDOWS\System32\Qyjt.dll
O2 - BHO: WMHlprObj Class - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll
O2 - BHO: IEHlprObj Class - {F5B3ECED-9BF3-4f7e-882B-A6E75343C499} - C:\Progra~1\NetMeeting\netinit.dll
O2 - BHO: (no name) - {F9668DAC-E9F8-41D2-A558-24929379EB15} - C:\WINDOWS\System32\Lxdhjs.dll
O2 - BHO: (no name) - {FB507859-41D0-4490-A29F-84ED7796BB97} - C:\WINDOWS\System32\Hadx.dll

O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O3 - IE工具栏增项: BitCometBar - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\Program Files\BitComet\BitCometBar\BitCometBar0.3.dll
O3 - IE工具栏增项: 网易搜霸 - {F7B26F28-5BB9-48A1-A7A3-6A6B82B92A45} - (no file)
O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - (no file)
O3 - IE工具栏增项: (no name) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - (no file)
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - 启动项HKLM\\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - 启动项HKLM\\Run: [] C:\WINDOWS\System32\E26Start.exe
O4 - 启动项HKLM\\Run: [LetsCool] C:\Program Files\LetsCool\LetsCool.exe
O4 - 启动项HKLM\\Run: [KAVPersonal50] "d:\Program Files\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: IE-Bar.lnk = C:\Program Files\Common Files\IE-Bar\iebar.exe
O8 - IE右键菜单中的新增项目: &使用屁屁狗[PPGou]加速下载 - C:\PROGRA~1\PPGOU\geturl.htm
O8 - IE右键菜单中的新增项目: &使用暴风下载器下载 - D:\Program Files\Storm Downloader\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\Program Files\Thunder\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - C:\Program Files\Thunder\getallurl.htm
O8 - IE右键菜单中的新增项目: >>彩信发送<< - res://C:\PROGRA~1\MMSASS~1\mmsass~1.dll/mms.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - D:\软件集合\应用软件\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用IS下载 - C:\PROGRA~1\IS\IS.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Excel(&x) - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - IE右键菜单中的新增项目: 导出当前页到超星阅览器(&A) - D:\SSREADER36\ss_all.htm
O8 - IE右键菜单中的新增项目: 导出选中部分到超星阅览器(&S) - D:\SSREADER36\ss_select.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\软件集合\应用软件\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\软件集合\应用软件\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 添加到雅虎订阅(&Y) - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\软件集合\应用软件\SendMMS.htm
O8 - IE右键菜单中的新增项目: 百度--MP3搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUMP3.HTM
O8 - IE右键菜单中的新增项目: 百度--图片搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUIMG.HTM
O8 - IE右键菜单中的新增项目: 百度--地图搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDU_MAP.HTM
O8 - IE右键菜单中的新增项目: 百度--新闻搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUNEWS.HTM
O8 - IE右键菜单中的新增项目: 百度--歌词搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDULYRIC.HTM
O8 - IE右键菜单中的新增项目: 百度--知道搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDU_ZHIDAO.HTM
O8 - IE右键菜单中的新增项目: 百度--硬盘搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDU_DISK.HTM
O8 - IE右键菜单中的新增项目: 百度--站内搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDU_SITE.HTM
O8 - IE右键菜单中的新增项目: 百度--网页搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUSEARCH.HTM
O8 - IE右键菜单中的新增项目: 百度--词典搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDU_DIC.HTM
O8 - IE右键菜单中的新增项目: 百度--贴吧搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUPOST.HTM
O8 - IE右键菜单中的新增项目: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246

O9 - 浏览器额外的按钮: 免费精彩视频超流畅在线观看 - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - 浏览器额外的“工具”菜单项: 播霸电视 - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - 浏览器额外的按钮: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - 浏览器额外的“工具”菜单项: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\软件集合\应用软件\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\软件集合\应用软件\QQ.EXE
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的按钮: 易趣购物 - {DE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - 浏览器额外的“工具”菜单项: 易趣购物 - {DE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\WINDOWS\System32\shdocvw.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\WINDOWS\System32\shdocvw.dll
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\cdnns.dll
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\msplus1.dll
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\msplus1.dll
O11 - Options group: [CDNCLIENT]  中文上网
O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} (PowerPlayer Control) - http://download.ppstream.com/bin/powerplayer.cab
O16 - DPF: {A984ED9F-E8DA-44E5-BC18-C14B9ABEF79D} (photo_uploader Control) - http://upload.photo.163.com/photoup.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://itv.5qzone.net/pCastCtl_1.0.0.82_20060329.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1DFF8274-A785-4EC4-A106-682472B5B492}: NameServer = 202.120.127.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{1DFF8274-A785-4EC4-A106-682472B5B492}: NameServer = 202.120.127.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{1DFF8274-A785-4EC4-A106-682472B5B492}: NameServer = 202.120.127.220
O17 - HKLM\System\CS3\Services\Tcpip\..\{1DFF8274-A785-4EC4-A106-682472B5B492}: NameServer = 202.120.127.220
O18 - Filter: text/html - {E7009873-0D40-45B1-8D59-5B9AE98C7D38} - C:\Program Files\Internet Explorer\Connection Wizard\icwnet.dll
O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\kt4ql7h51.dll
O21 - SSODL: DelayRun - {5A6F2F95-3191-433B-8533-EB0B596A7BAC} - C:\WINDOWS\System32\49dd8d80.dll
O23 - NT 服务: AolSoftware (aolsoftware) - Unknown owner - C:\WINDOWS\spoolsv.exe (file missing)
O23 - NT 服务: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TEZG\command.exe
O23 - NT 服务: kavsvc - Kaspersky Lab - d:\Program Files\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - NT 服务: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - NT 服务: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - NT 服务: Remote ATI System - Unknown owner - C:\WINDOWS\system32\lsays.exe (file missing)
O23 - NT 服务: SQLDGM - Unknown owner - C:\WINDOWS\sql-dgm.exe (file missing)
O23 - NT 服务: Supplicant Service - Unknown owner - C:\WINDOWS\System32\SuService.exe (file missing)
O23 - NT 服务: Te1net - Unknown owner - C:\WINDOWS\System32\VIPTray.exe (file missing)
O23 - NT 服务: Network System (Universal Disk Manager) - COMENET TECHNOLOGY - C:\Program Files\Common Files\COMM\Network.exe
O23 - NT 服务: Win32 Kernel Update (Win32Kernel) - Unknown owner - C:\WINDOWS\win32host.exe (file missing)
O23 - NT 服务: WmDmPsp - Unknown owner - C:\WINDOWS\system32\sysdtc32.exe (file missing)


Virus processes
C:\WINDOWS\TEZG\command.exe
C:\Program Files\Network Monitor\netmon.exe



Fix the following
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - (no file)
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\WINDOWS\System32\wmpdrm.dll (file missing)
O2 - BHO: MyIEHelper Class - {16A770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4644.dll
O2 - BHO: NetEASE Blocker - {4106B474-4C59-4911-83BA-2053AFEC8F72} - (no file)
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - (no file)
O2 - BHO: EyeOnIE Class - {6E28339B-7A2A-47B6-AEB2-46BA53782379} - C:\PROGRA~1\IS\BhoPlugin.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O3 - IE工具栏增项: 网易搜霸 - {F7B26F28-5BB9-48A1-A7A3-6A6B82B92A45} - (no file)
O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - (no file)
O8 - IE右键菜单中的新增项目: 百度--网页搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUSEARCH.HTM
O9 - 浏览器额外的按钮: 免费精彩视频超流畅在线观看 - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - 浏览器额外的“工具”菜单项: 播霸电视 - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\cdnns.dll
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\msplus1.dll
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\msplus1.dll
O23 - NT 服务: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TEZG\command.exe
O23 - NT 服务: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe



For the O10 items, use the following method:
Please go to http://forum.ikaka.com/topic.asp?board=67&artid=5188931 and download these two programs: LSPFix.exe and WinsockXPFix.
Restart the computer; after the power-on self-test completes, press [F8] (you can keep pressing it until the boot menu appears) and choose Safe Mode to enter Windows.

Run LSPFix.exe
Instructions attached:
LSPFix.exe is mainly used to help repair the O10 items found by a HijackThis scan.
To use it, close all IE windows and folder windows, then run LSPFix; once it is running, move quartz32.dll from the left pane to the right pane and click "Finish". (Before that, you need to tick the box in front of "I know what I'm doing".)

Reboot after the repair; if you cannot get online, run WinsockXPFix and let it repair the connection.



Delete the files
C:\PROGRA~1\baidu\bar\baidubar.dll
C:\PROGRA~1\IS\BhoPlugin.dll
C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4644.dll
C:\WINDOWS\TEZG\command.exe
C:\Program Files\Network Monitor\netmon.exe


Download 超级兔子 (Super Rabbit) and clean up the system. Also make sure the Baidu plugins are cleaned out completely.
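As an added example (not part of the original thread or the helper's post), here is a small Python triage script that encodes the kind of checks applied in the reply above to HijackThis lines: stale entries whose file is gone, unnamed browser hooks loading DLLs from System32, a system.ini Shell= that launches more than Explorer.exe, Winsock LSP modules HijackThis cannot identify, Winlogon Notify DLLs, and running services with no vendor information. The sample input is a handful of lines excerpted from the log in this thread; the heuristics are my own reading of the reply, not HijackThis's own logic.

```python
import re

# Constructed sample: a few lines excerpted from the HijackThis log above,
# embedded here so the script runs offline.
SAMPLE_LOG = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0862B9C9-E0B3-4EC8-8BB2-A6EDF9F47F39} - C:\WINDOWS\System32\Gamb.dll
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\E26Start.exe
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\msplus1.dll
O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\kt4ql7h51.dll
O23 - NT 服务: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TEZG\command.exe
O23 - NT 服务: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
"""

ENTRY_RE = re.compile(r"^(?P<code>[RFO]\d+) - (?P<body>.+)$")
SYSTEM32 = "c:\\windows\\system32\\"

def triage_line(line):
    """Return the reasons one HijackThis line deserves a second look ([] if none)."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return []
    code, body = m.group("code"), m.group("body")
    path = body.rsplit(" - ", 1)[-1].strip().lower()  # last field is normally the file
    reasons = []
    if "(no file)" in body or "(file missing)" in body:
        reasons.append("stale entry: referenced file does not exist")
    if code in ("R3", "O2", "O3") and "(no name)" in body and path.startswith(SYSTEM32):
        reasons.append("unnamed browser hook loading a DLL from System32")
    if code == "F2" and "Shell=" in body:
        # Only Explorer.exe should follow Shell=; anything appended also starts at logon
        if body.split("Shell=", 1)[1].strip().lower() != "explorer.exe":
            reasons.append("system.ini Shell= launches an extra program")
    if code == "O10":
        reasons.append("Winsock LSP module HijackThis cannot identify")
    if code == "O20":
        reasons.append("Winlogon Notify DLL, loaded into winlogon at logon")
    if code == "O23" and "Unknown owner" in body and "(file missing)" not in body:
        reasons.append("running service with no vendor information")
    return reasons

def triage(log_text):
    """Map each flagged line of a HijackThis log to its list of reasons."""
    flagged = {}
    for line in log_text.strip().splitlines():
        reasons = triage_line(line)
        if reasons:
            flagged[line] = reasons
    return flagged

if __name__ == "__main__":
    for line, reasons in triage(SAMPLE_LOG).items():
        print(line)
        for r in reasons:
            print("    ->", r)
```

Flagged lines are candidates for review, not verdicts: a signed vendor binary in an odd path or an unnamed hook from a known product still needs the file itself checked before it is removed.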