HijackThis_815汉化版扫描日志 V1.99.1
保存于      11:59:44, 日期 2006-2-20
操作系统：  Windows XP  (WinNT 5.01.2600)
浏览器：    Internet Explorer v6.00 (6.00.2600.0000)

当前运行的进程：         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Kingsoft\kingplayer2003\cdsprite.exe
C:\KAV6\KpopMon.EXE
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\VM_STI.EXE
C:\KAV2005\KPfwSvc.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\ChinaNet\VnetClient.exe
D:\Program Files\Tencent\TT\TTraveler.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX02.484\HijackThis1991zww.exe

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll
R3 - URLSearchHook: (no name) - {0A00D11E-B1E7-44b5-AD88-C9190876AAC4} - (no file)
O1 - Hosts: 61.152.104.70 www.a3tb.net
O1 - Hosts: 61.152.104.70 a3tb.net
O1 - Hosts: 61.152.104.70 www.99uu.com
O1 - Hosts: 61.152.104.70 99uu.com
O1 - Hosts: 61.152.104.70 www.99987.net
O1 - Hosts: 61.152.104.70 99987.net
O1 - Hosts: 61.152.104.70 www.998778.net
O1 - Hosts: 61.152.104.70 998778.net
O1 - Hosts: 61.152.104.70 www.998778.com
O1 - Hosts: 61.152.104.70 998778.com
O1 - Hosts: 61.152.104.70 www.99718.com
O1 - Hosts: 61.152.104.70 99718.com
O1 - Hosts: 61.152.104.70 www.99181.net
O1 - Hosts: 61.152.104.70 99181.net
O1 - Hosts: 61.152.104.70 www.98tk.net
O1 - Hosts: 61.152.104.70 98tk.net
O1 - Hosts: 61.152.104.70 www.98tk.com
O1 - Hosts: 61.152.104.70 98tk.com
O1 - Hosts: 61.152.104.70 www.95tk.com
O1 - Hosts: 61.152.104.70 95tk.com
O1 - Hosts: 61.152.104.70 www.95599cn.com
O1 - Hosts: 61.152.104.70 95599cn.com
O1 - Hosts: 61.152.104.70 www.8six.com
O1 - Hosts: 61.152.104.70 8six.com
O1 - Hosts: 61.152.104.70 www.8cw.com
O1 - Hosts: 61.152.104.70 8cw.com
O1 - Hosts: 61.152.104.70 www.8bbs.net
O1 - Hosts: 61.152.104.70 8bbs.net
O1 - Hosts: 61.152.104.70 www.8888b.net
O1 - Hosts: 61.152.104.70 8888b.net
O1 - Hosts: 61.152.104.70 www.8888b.com
O1 - Hosts: 61.152.104.70 8888b.com
O1 - Hosts: 61.152.104.70 www.886677.com
O1 - Hosts: 61.152.104.70 886677.com
O1 - Hosts: 61.152.104.70 www.884455.net
O1 - Hosts: 61.152.104.70 884455.net
O1 - Hosts: 61.152.104.70 www.884455.com
O1 - Hosts: 61.152.104.70 884455.com
O1 - Hosts: 61.152.104.70 www.87898.com
O1 - Hosts: 61.152.104.70 87898.com
O1 - Hosts: 61.152.104.70 www.8789.cn
O1 - Hosts: 61.152.104.70 8789.cn
O1 - Hosts: 61.152.104.70 www.87789.com
O1 - Hosts: 61.152.104.70 87789.com
O1 - Hosts: 61.152.104.70 www.858tk.com
O1 - Hosts: 61.152.104.70 858tk.com
O1 - Hosts: 61.152.104.70 www.85789.com
O1 - Hosts: 61.152.104.70 85789.com
O1 - Hosts: 61.152.104.70 www.8567.net
O1 - Hosts: 61.152.104.70 8567.net
O1 - Hosts: 61.152.104.70 www.8565.net
O1 - Hosts: 61.152.104.70 8565.net
O1 - Hosts: 61.152.104.70 www.8565.com
O1 - Hosts: 61.152.104.70 8565.com
O1 - Hosts: 61.152.104.70 www.851212.net
O1 - Hosts: 61.152.104.70 851212.net
O1 - Hosts: 61.152.104.70 www.83263.net
O1 - Hosts: 61.152.104.70 83263.net
O1 - Hosts: 61.152.104.70 www.83263.com
O1 - Hosts: 61.152.104.70 83263.com
O1 - Hosts: 61.152.104.70 www.83188.com
O1 - Hosts: 61.152.104.70 83188.com
O1 - Hosts: 61.152.104.70 www.800008.com
O1 - Hosts: 61.152.104.70 800008.com
O1 - Hosts: 61.152.104.70 www.785678.com
O1 - Hosts: 61.152.104.70 785678.com
O1 - Hosts: 61.152.104.70 www.78123.com
O1 - Hosts: 61.152.104.70 78123.com
O1 - Hosts: 61.152.104.70 www.77689.zj.com
O1 - Hosts: 61.152.104.70 77689.zj.com
O1 - Hosts: 61.152.104.70 www.77689.com
O1 - Hosts: 61.152.104.70 77689.com
O1 - Hosts: 61.152.104.70 www.774567.com
O1 - Hosts: 61.152.104.70 774567.com
O1 - Hosts: 61.152.104.70 www.774455.net
O1 - Hosts: 61.152.104.70 774455.net
O1 - Hosts: 61.152.104.70 www.774455.com
O1 - Hosts: 61.152.104.70 774455.com
O1 - Hosts: 61.152.104.70 www.77234.com
O1 - Hosts: 61.152.104.70 77234.com
O1 - Hosts: 61.152.104.70 www.77234.cn
O1 - Hosts: 61.152.104.70 77234.cn
O1 - Hosts: 61.152.104.70 www.77123.com
O1 - Hosts: 61.152.104.70 77123.com
O1 - Hosts: 61.152.104.70 www.6wo.net
O1 - Hosts: 61.152.104.70 6wo.net
O1 - Hosts: 61.152.104.70 www.6k8k.net
O1 - Hosts: 61.152.104.70 6k8k.net
O1 - Hosts: 61.152.104.70 www.6k8k.com
O1 - Hosts: 61.152.104.70 6k8k.com
O1 - Hosts: 61.152.104.70 www.69tk.com
O1 - Hosts: 61.152.104.70 69tk.com
O1 - Hosts: 61.152.104.70 www.696899.com
O1 - Hosts: 61.152.104.70 696899.com
O1 - Hosts: 61.152.104.70 www.68tu.net
O1 - Hosts: 61.152.104.70 68tu.net
O1 - Hosts: 61.152.104.70 www.68tk.org
O1 - Hosts: 61.152.104.70 68tk.org
O1 - Hosts: 61.152.104.70 www.68tk.net
O1 - Hosts: 61.152.104.70 68tk.net
O1 - Hosts: 61.152.104.70 www.68899.cn

O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v6.dll
O2 - BHO: MonitorURL Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\PROGRA~1\DESKAD~1\deskipn.dll
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\AdPlus\IEHelp1.dll
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll
O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll
O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\新建文件夹\SH\QQIEHelper.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL
O2 - BHO: MMSAssist - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - C:\PROGRA~1\KuGoo2\KUGOO3~1.OCX
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (file missing)
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: 珊瑚虫 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll (file missing)
O3 - IE工具栏增项: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (file missing)
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll
O3 - IE工具栏增项: 珊瑚虫 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll (file missing)
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [kpcdst] D:\Program Files\Kingsoft\kingplayer2003\cdsprite.exe
O4 - 启动项HKLM\\Run: [Kulansyn] C:\KAV6\Kulansyn.EXE
O4 - 启动项HKLM\\Run: [KpopMon] C:\KAV6\KpopMon.EXE
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - 启动项HKLM\\Run: [internat.exe] internat.exe
O4 - 启动项HKLM\\Run: [KAVPersonal50] "G:\QQ版本\卡巴斯基\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - 启动项HKLM\\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - 启动项HKLM\\Run: [AddrPlus3] C:\PROGRA~1\TENCENT\AdPlus\Runner.exe C:\PROGRA~1\TENCENT\AdPlus\QAHook.dll Rundll32
O4 - 启动项HKLM\\Run: [3721] C:\$NtUninstallQ5926809$\3721.bat
O4 - 启动项HKLM\\Run: [CdnCtr] 性?
O4 - 启动项HKLM\\Run: [Desktop] C:\WINDOWS\System32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: 腾讯QQ.lnk = D:\Program Files\Tencent\QQ.exe
O4 - User Startup: 腾讯QQ.lnk = D:\Program Files\Tencent\QQ.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目:  >> 彩信发送 << - res://C:\Program Files\MMSAssist\Mmsass~1.dll/mms.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - D:\Program Files\Tencent\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用KuGoo3下载(&K) - C:\PROGRA~1\KUGOO2\KuGoo3DownX.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\Program Files\Tencent\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\Program Files\Tencent\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\Program Files\Tencent\SendMMS.htm
O8 - IE右键菜单中的新增项目: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll/246
O9 - 浏览器额外的按钮: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - 浏览器额外的“工具”菜单项: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - 浏览器额外的按钮: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - 浏览器额外的按钮: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\新建文件夹\SH\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\新建文件夹\SH\QQIEHelper.dll
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O9 - 浏览器额外的按钮: 易趣购物 - {EE60714F-AC17-427e-861A-FD60CBDF120B} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=26 (file missing)
O9 - 浏览器额外的按钮: 百万图库 - {6713E8D2-850A-101B-AFC0-4210102A8DA7} - http://www.26-3.com/p (file missing) (HKCU)
O9 - 浏览器额外的按钮: 铃声图片下载 - {7713E8D2-850A-101B-AFC0-4210102A8DA7} - http://www.26-3.com/sms/index.htm (file missing) (HKCU)
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\cdnns.dll
O11 - Options group: [CDNCLIENT]  中文上网
O11 - Options group: [TBH]  QQ地址栏搜索插件
O16 - DPF: {28E0FA88-ABA8-4937-A247-3031F1A11165} - http://pi.51.net/download/diybar2.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://cn.download.yahoo.com/dl/install/yinst0401.cab
O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} (天下搜索) - http://iebar.t2t2.com/iebar.cab
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {74447F9C-5691-4A9A-8BE4-564092E40B03} (VnetAnprIns Class) - http://plugin.chinavnet.com/VnetPluginIns.CAB
O16 - DPF: {ACFE8232-03C5-4AEC-AF5E-42B806724096} (KSHScan Control) - http://safe.qq.com/scan/KAllScan.CAB
O16 - DPF: {C8BD9ACB-F7EC-48E6-BB2F-DAADC6789E9A} (Kingsoft DUBA OnlineScan) - http://211.152.52.102/duba/antiscan/update/OCX/KAVClean.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{35A66721-BDC6-4F0C-9F02-DB68DD45030D}: NameServer = 202.103.224.68,202.103.225.68
O17 - HKLM\System\CCS\Services\Tcpip\..\{63513410-11B1-4913-85E4-09F2BAAE2AB8}: NameServer = 202.103.224.68 202.103.225.68
O17 - HKLM\System\CS1\Services\Tcpip\..\{35A66721-BDC6-4F0C-9F02-DB68DD45030D}: NameServer = 202.103.224.68,202.103.225.68
O17 - HKLM\System\CS2\Services\Tcpip\..\{35A66721-BDC6-4F0C-9F02-DB68DD45030D}: NameServer = 202.103.224.68,202.103.225.68
O23 - NT 服务: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - NT 服务: kavsvc - Kaspersky Lab - G:\QQ版本\卡巴斯基\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - NT 服务: 卡巴斯基反病毒服务 (KLBLMain) - Unknown owner - (no file)
O23 - NT 服务: Kingsoft Personal Firewall Service (KPfwSvc) - Kingsoft Corporation - C:\KAV2005\KPfwSvc.EXE
O23 - NT 服务: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - NT 服务: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

登陆不良网站了吧


修复
R3 - URLSearchHook: (no name) - {0A00D11E-B1E7-44b5-AD88-C9190876AAC4} - (no file)
O2 - BHO: MonitorURL Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\PROGRA~1\DESKAD~1\deskipn.dll
O2 - BHO: MMSAssist - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: 珊瑚虫 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll (file missing)
O3 - IE工具栏增项: 珊瑚虫 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll (file missing)
O4 - 启动项HKLM\\Run: [3721] C:\$NtUninstallQ5926809$\3721.bat
O4 - 启动项HKLM\\Run: [CdnCtr] 性?
O4 - 启动项HKLM\\Run: [Desktop] C:\WINDOWS\System32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目: >> 彩信发送 << - res://C:\Program Files\MMSAssist\Mmsass~1.dll/mms.htm
以及所有的01项

卸载
C:\Program Files\MMSAssist
C:\Program Files\Infofo Bar
C:\Program Files\DeskAdTop

删除
C:\$NtUninstallQ5926809$文件夹
C:\Program Files\MMSAssist文件夹
C:\Program Files\Infofo Bar文件夹
C:\Program Files\DeskAdTop文件夹

55555555我也不想开不良网站啊 都是朋友玩我的电脑多 麻烦斑竹你在帮看看还有没有什么问题  怎么那些  01那些修复后就不显示了 怎么我现在一扫又看见那么多的01???
卸载
C:\Program Files\Infofo Bar
删除
C:\$NtUninstallQ5926809$文件夹
C:\Program Files\Infofo Bar文件夹(怎么找不到这些文件???那个WINDOWS桌面划词搜索是系统带有的还是流氓软件?>?)

还有 我刚才进入了安全模式删了东西 现在回到原来的系统上 怎么那些桌面上的图标包括下面的开始菜单拦上都是跟2000系统那些东西都变得小小的 怎么改回原来的XP系统原来大小?? 下面是我扫的LOG 麻烦斑竹帮看看有没有问题还有哪些垃圾的东西要删的...

HijackThis_815汉化版扫描日志 V1.99.1
保存于      13:38:04, 日期 2006-2-20
操作系统：  Windows XP  (WinNT 5.01.2600)
浏览器：    Internet Explorer v6.00 (6.00.2600.0000)

当前运行的进程：         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Kingsoft\kingplayer2003\cdsprite.exe
C:\KAV6\KpopMon.EXE
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\VM_STI.EXE
C:\KAV2005\KPfwSvc.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\ChinaNet\VnetClient.exe
D:\Program Files\Tencent\TT\TTraveler.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.391\HijackThis1991zww.exe

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll
O1 - Hosts: 61.152.104.70 www.a3tb.net
O1 - Hosts: 61.152.104.70 a3tb.net
O1 - Hosts: 61.152.104.70 www.99uu.com
O1 - Hosts: 61.152.104.70 99uu.com
O1 - Hosts: 61.152.104.70 www.99987.net
O1 - Hosts: 61.152.104.70 99987.net
O1 - Hosts: 61.152.104.70 www.998778.net
O1 - Hosts: 61.152.104.70 998778.net
O1 - Hosts: 61.152.104.70 www.998778.com
O1 - Hosts: 61.152.104.70 998778.com
O1 - Hosts: 61.152.104.70 www.99718.com
O1 - Hosts: 61.152.104.70 99718.com
O1 - Hosts: 61.152.104.70 www.99181.net
O1 - Hosts: 61.152.104.70 99181.net
O1 - Hosts: 61.152.104.70 www.98tk.net
O1 - Hosts: 61.152.104.70 98tk.net
O1 - Hosts: 61.152.104.70 www.98tk.com
O1 - Hosts: 61.152.104.70 98tk.com
O1 - Hosts: 61.152.104.70 www.95tk.com
O1 - Hosts: 61.152.104.70 95tk.com
O1 - Hosts: 61.152.104.70 www.95599cn.com
O1 - Hosts: 61.152.104.70 95599cn.com
O1 - Hosts: 61.152.104.70 www.8six.com
O1 - Hosts: 61.152.104.70 8six.com
O1 - Hosts: 61.152.104.70 www.8cw.com
O1 - Hosts: 61.152.104.70 8cw.com
O1 - Hosts: 61.152.104.70 www.8bbs.net
O1 - Hosts: 61.152.104.70 8bbs.net
O1 - Hosts: 61.152.104.70 www.8888b.net
O1 - Hosts: 61.152.104.70 8888b.net
O1 - Hosts: 61.152.104.70 www.8888b.com
O1 - Hosts: 61.152.104.70 8888b.com
O1 - Hosts: 61.152.104.70 www.886677.com
O1 - Hosts: 61.152.104.70 886677.com
O1 - Hosts: 61.152.104.70 www.884455.net
O1 - Hosts: 61.152.104.70 884455.net
O1 - Hosts: 61.152.104.70 www.884455.com
O1 - Hosts: 61.152.104.70 884455.com
O1 - Hosts: 61.152.104.70 www.87898.com
O1 - Hosts: 61.152.104.70 87898.com
O1 - Hosts: 61.152.104.70 www.8789.cn
O1 - Hosts: 61.152.104.70 8789.cn
O1 - Hosts: 61.152.104.70 www.87789.com
O1 - Hosts: 61.152.104.70 87789.com
O1 - Hosts: 61.152.104.70 www.858tk.com
O1 - Hosts: 61.152.104.70 858tk.com
O1 - Hosts: 61.152.104.70 www.85789.com
O1 - Hosts: 61.152.104.70 85789.com
O1 - Hosts: 61.152.104.70 www.8567.net
O1 - Hosts: 61.152.104.70 8567.net
O1 - Hosts: 61.152.104.70 www.8565.net
O1 - Hosts: 61.152.104.70 8565.net
O1 - Hosts: 61.152.104.70 www.8565.com
O1 - Hosts: 61.152.104.70 8565.com
O1 - Hosts: 61.152.104.70 www.851212.net
O1 - Hosts: 61.152.104.70 851212.net
O1 - Hosts: 61.152.104.70 www.83263.net
O1 - Hosts: 61.152.104.70 83263.net
O1 - Hosts: 61.152.104.70 www.83263.com
O1 - Hosts: 61.152.104.70 83263.com
O1 - Hosts: 61.152.104.70 www.83188.com
O1 - Hosts: 61.152.104.70 83188.com
O1 - Hosts: 61.152.104.70 www.800008.com
O1 - Hosts: 61.152.104.70 800008.com
O1 - Hosts: 61.152.104.70 www.785678.com
O1 - Hosts: 61.152.104.70 785678.com
O1 - Hosts: 61.152.104.70 www.78123.com
O1 - Hosts: 61.152.104.70 78123.com
O1 - Hosts: 61.152.104.70 www.77689.zj.com
O1 - Hosts: 61.152.104.70 77689.zj.com
O1 - Hosts: 61.152.104.70 www.77689.com
O1 - Hosts: 61.152.104.70 77689.com
O1 - Hosts: 61.152.104.70 www.774567.com
O1 - Hosts: 61.152.104.70 774567.com
O1 - Hosts: 61.152.104.70 www.774455.net
O1 - Hosts: 61.152.104.70 774455.net
O1 - Hosts: 61.152.104.70 www.774455.com
O1 - Hosts: 61.152.104.70 774455.com
O1 - Hosts: 61.152.104.70 www.77234.com
O1 - Hosts: 61.152.104.70 77234.com
O1 - Hosts: 61.152.104.70 www.77234.cn
O1 - Hosts: 61.152.104.70 77234.cn
O1 - Hosts: 61.152.104.70 www.77123.com
O1 - Hosts: 61.152.104.70 77123.com
O1 - Hosts: 61.152.104.70 www.6wo.net
O1 - Hosts: 61.152.104.70 6wo.net
O1 - Hosts: 61.152.104.70 www.6k8k.net
O1 - Hosts: 61.152.104.70 6k8k.net
O1 - Hosts: 61.152.104.70 www.6k8k.com
O1 - Hosts: 61.152.104.70 6k8k.com
O1 - Hosts: 61.152.104.70 www.69tk.com
O1 - Hosts: 61.152.104.70 69tk.com
O1 - Hosts: 61.152.104.70 www.696899.com
O1 - Hosts: 61.152.104.70 696899.com
O1 - Hosts: 61.152.104.70 www.68tu.net
O1 - Hosts: 61.152.104.70 68tu.net
O1 - Hosts: 61.152.104.70 www.68tk.org
O1 - Hosts: 61.152.104.70 68tk.org
O1 - Hosts: 61.152.104.70 www.68tk.net
O1 - Hosts: 61.152.104.70 68tk.net
O1 - Hosts: 61.152.104.70 www.68899.cn
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v6.dll
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\AdPlus\IEHelp1.dll (file missing)
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll
O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\新建文件夹\SH\QQIEHelper.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - C:\PROGRA~1\KuGoo2\KUGOO3~1.OCX
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (file missing)
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O3 - IE工具栏增项: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (file missing)
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [kpcdst] D:\Program Files\Kingsoft\kingplayer2003\cdsprite.exe
O4 - 启动项HKLM\\Run: [Kulansyn] C:\KAV6\Kulansyn.EXE
O4 - 启动项HKLM\\Run: [KpopMon] C:\KAV6\KpopMon.EXE
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - 启动项HKLM\\Run: [internat.exe] internat.exe
O4 - 启动项HKLM\\Run: [KAVPersonal50] "G:\QQ版本\卡巴斯基\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - 启动项HKLM\\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - 启动项HKLM\\Run: [ExFilter] Rundll32.exe "C:\PROGRA~1\CNNIC\Cdn\cdnspie.dll,ExecFilter solo"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: 腾讯QQ.lnk = D:\Program Files\Tencent\QQ.exe
O4 - User Startup: 腾讯QQ.lnk = D:\Program Files\Tencent\QQ.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - D:\Program Files\Tencent\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用KuGoo3下载(&K) - C:\PROGRA~1\KUGOO2\KuGoo3DownX.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\Program Files\Tencent\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\Program Files\Tencent\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\Program Files\Tencent\SendMMS.htm
O8 - IE右键菜单中的新增项目: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll/246
O9 - 浏览器额外的按钮: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - 浏览器额外的按钮: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\新建文件夹\SH\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\新建文件夹\SH\QQIEHelper.dll
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O9 - 浏览器额外的按钮: 易趣购物 - {EE60714F-AC17-427e-861A-FD60CBDF120B} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=26 (file missing)
O9 - 浏览器额外的按钮: 百万图库 - {6713E8D2-850A-101B-AFC0-4210102A8DA7} - http://www.26-3.com/p (file missing) (HKCU)
O9 - 浏览器额外的按钮: 铃声图片下载 - {7713E8D2-850A-101B-AFC0-4210102A8DA7} - http://www.26-3.com/sms/index.htm (file missing) (HKCU)
O11 - Options group: [TBH]  QQ地址栏搜索插件
O16 - DPF: {28E0FA88-ABA8-4937-A247-3031F1A11165} - http://pi.51.net/download/diybar2.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://cn.download.yahoo.com/dl/install/yinst0401.cab
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {74447F9C-5691-4A9A-8BE4-564092E40B03} (VnetAnprIns Class) - http://plugin.chinavnet.com/VnetPluginIns.CAB
O16 - DPF: {ACFE8232-03C5-4AEC-AF5E-42B806724096} (KSHScan Control) - http://safe.qq.com/scan/KAllScan.CAB
O16 - DPF: {C8BD9ACB-F7EC-48E6-BB2F-DAADC6789E9A} (Kingsoft DUBA OnlineScan) - http://211.152.52.102/duba/antiscan/update/OCX/KAVClean.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{63513410-11B1-4913-85E4-09F2BAAE2AB8}: NameServer = 202.103.224.68 202.103.225.68
O23 - NT 服务: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - NT 服务: kavsvc - Kaspersky Lab - G:\QQ版本\卡巴斯基\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - NT 服务: 卡巴斯基反病毒服务 (KLBLMain) - Unknown owner - (no file)
O23 - NT 服务: Kingsoft Personal Firewall Service (KPfwSvc) - Kingsoft Corporation - C:\KAV2005\KPfwSvc.EXE
O23 - NT 服务: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - NT 服务: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

麻烦了 斑竹

还有鸽子在么??

修复所有01项