084D49BEEAD4} - E:\WINDOWS\system32\Szjru.dll
R3 - URLSearchHook: (no name) - {6BFCBAEB-497B-49DA-891C-0F34AE492716} - E:\WINDOWS\system32\Xqfn.dll
R3 - URLSearchHook: (no name) - {D9E1C2E3-7E42-4937-92C1-B5A45749AB68} - E:\WINDOWS\system32\Mmim.dll
R3 - URLSearchHook: (no name) - {5FC42D75-37A4-4112-9F53-25CBCBE2649B} - E:\WINDOWS\system32\Lkocq.dll
R3 - URLSearchHook: (no name) - {23B3E7F1-574F-482B-A67F-61F846324C3A} - E:\WINDOWS\system32\Jkon.dll
R3 - URLSearchHook: (no name) - {56408661-9886-468C-A9D9-D6BFF5CB3172} - E:\WINDOWS\system32\Tcmvu.dll
R3 - URLSearchHook: (no name) - {96AE8B12-D11E-4539-ADA5-CF5082EFE727} - E:\WINDOWS\system32\Liqayb.dll
R3 - URLSearchHook: (no name) - {D3C4C730-001F-4AD8-84D7-1FBD69E0F876} - E:\WINDOWS\system32\Nuqeye.dll
R3 - URLSearchHook: (no name) - {C695A8D2-CA67-4BA1-B21D-6F14AF385522} - E:\WINDOWS\system32\Clnwku.dll
R3 - URLSearchHook: (no name) - {7F69221C-155D-46B2-A877-C3EC0D988C00} - E:\WINDOWS\system32\Knhsa.dll
R3 - URLSearchHook: (no name) - {4376069D-490A-4663-8F43-41D132715373} - E:\WINDOWS\system32\Xrpswt.dll
R3 - URLSearchHook: (no name) - {13BC93B6-A154-4DAD-A927-025042908D9A} - E:\WINDOWS\system32\Zpxhuh.dll
R3 - URLSearchHook: (no name) - {BB401CCA-7861-4D87-9C9A-C4EE7E69D259} - E:\WINDOWS\system32\Sqbu.dll
R3 - URLSearchHook: (no name) - {C0D5B691-1FA6-44A2-A430-FB1E3A8D3F4F} - E:\WINDOWS\system32\Ftszpg.dll (file missing)
R3 - URLSearchHook: (no name) - {AE602B45-A74D-41B8-B919-08237881F801} - E:\WINDOWS\system32\Bbzv.dll (file missing)
R3 - URLSearchHook: (no name) - {4EFB0023-CB41-4B44-9DA4-0E30039A5D00} - E:\WINDOWS\system32\Ogsqdc.dll (file missing)
R3 - URLSearchHook: (no name) - {03F73414-FAEF-4AB7-B297-546321F1F316} - E:\WINDOWS\system32\Pyrjqh.dll (file missing)
R3 - URLSearchHook: (no name) - {1382BFCB-FC08-4AA3-A940-9A78497DA86D} - E:\WINDOWS\system32\Pvgbx.dll
R3 - URLSearchHook: (no name) - {9B34B5CB-A552-4D83-AEE1-6694BC8ECCA9} - E:\WINDOWS\system32\Lqhu.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 202.232.140.12 auto.search.msn.com
O2 - BHO: BdSearch - {02496EBD-8455-48db-B3C7-5DAC97D9F5A7} - E:\PROGRA~1\baidu\iexp\BDSrHook.dll (file missing)
O2 - BHO: (no name) - {03F73414-FAEF-4AB7-B297-546321F1F316} - E:\WINDOWS\system32\Pyrjqh.dll (file missing)
O2 - BHO: (no name) - {1382BFCB-FC08-4AA3-A940-9A78497DA86D} - E:\WINDOWS\system32\Pvgbx.dll
O2 - BHO: (no name) - {4EFB0023-CB41-4B44-9DA4-0E30039A5D00} - E:\WINDOWS\system32\Ogsqdc.dll (file missing)
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - E:\PROGRA~1\baidu\bar\baidubar.dll (file missing)
O2 - BHO: (no name) - {9B34B5CB-A552-4D83-AEE1-6694BC8ECCA9} - E:\WINDOWS\system32\Lqhu.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: (no name) - {AE602B45-A74D-41B8-B919-08237881F801} - E:\WINDOWS\system32\Bbzv.dll (file missing)
O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - E:\PROGRA~1\baidu\bar\baidubar.dll (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: 全能助手[资源管理器]伴侣 - {939802BD-EDC8-4EE3-9997-A65BE4657FFD} - E:\Program Files\TweakAssist\ExBar.dll (file missing)
O3 - Toolbar: (no name) - {0A00D11E-B1E7-44b5-AD88-C9190876AAC4} - (no file)
O4 - HKLM\..\Run: [EM_EXEC] k:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [stup.exe] E:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] E:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [Internat.exe] Internat.exe
O4 - HKCU\..\Run: [MSNShell] E:\Program Files\MSNShell\BIN\MSNShell.exe autorun
O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\MSN Messenger\msnmsgr.exe" /background
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: 上传到QQ网络硬盘 - G:\Program Files\Tencent\qq2005b2\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 在Foxmail中添加该RSS频道/频道组 - res://E:\WINDOWS\system32\fmrsslink.dll/201
O8 - Extra context menu item: 添加到QQ自定义面板 - G:\Program Files\Tencent\qq2005b2\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - G:\Program Files\Tencent\qq2005b2\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - G:\Program Files\Tencent\qq2005b2\SendMMS.htm
O9 - Extra button: 百度首页 - {02496EBD-8455-48db-B3C7-5DAC97D9F5A7} - http://baidu.com/index.php?tn=txwb_dg (file missing)
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - K:\Program Files\浩方对战平台\GameClient.exe (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - G:\Program Files\Tencent\qq2005b2\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - G:\Program Files\Tencent\qq2005b2\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - G:\Program Files\Tencent\qq2005b2\QQIEHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - G:\Program Files\Tencent\qq2005b2\QQIEHelper.dll (file missing)
O11 - Options group: [!IESearch] 百度搜索伴侣
O14 - IERESET.INF: START_PAGE_URL=
about:blank
O14 - IERESET.INF: MS_START_PAGE_URL=
about:blank
O16 - DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} (MMCPlayer Class) - http://p3p.sogou.com/MMCShell.cab
O16 - DPF: {1B5B9C65-14D6-44D4-819D-345EA4527641} (menu858a Control) - http://ad.ku8.91858.com/Plug-ins/menuAc8.inf
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://file.nx.com/activex/public_new/nxpm.cab
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl
Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {4C42600C-4C65-412E-8A3A-FB0271AECCA0} (ActiveFormX Control) - http://admin.ku8.91858.com/NetbarUser/ActiveFormProj.cab
O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} (PowerPlayer Control) - http://download.ppstream.com/bin/powerplayer.cab
O16 - DPF: {88734439-46D0-42C0-A13F-7E881EE550CF} (Filetran Control) - http://www.bluesky.cn/download/filetran.cab
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {98A62E3F-A8C5-4EF0-8A00-C70CF9D18A89} (LoaderCore Class) - http://tb.sogou.com/DLLoader.cab
O16 - DPF: {9E265649-6E0E-4EEA-9F49-DAE0801440CF} (WebDigiNet Control) - http://222.76.244.219/WebDiginet.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C661F36D-DF85-4EF4-83C7-E107B83D04B1} (WebActivater Control) - http://dl_dir.qq.com/3dshow/3DShowVM.cab
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl
Object) - https://www.tenpay.com/download/qqedit.cab
O16 - DPF: {EC53936E-6D4A-4307-9092-A2FC48EAFC56} (Web800 Control) - http://heyyohgc.com.hk/web800.exe
O16 - DPF: {F138084D-84D7-48CD-BEA8-04772457516E} (VqqSpeedDlProxy Class) - http://218.85.138.27/vqqsdl1009.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} - http://ps.itv.mop.com/dn/files/pCastCtl_1.0.0.80_20060123.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C997916E-2D9B-43AA-9561-5618576E0B94}: NameServer = 202.101.98.55
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - E:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: NavLogon - E:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: PCANotify - E:\WINDOWS\SYSTEM32\PCANotify.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - E:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel PDS - LANDesk Software Ltd. - E:\WINDOWS\system32\CBA\pds.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - E:\Program Files\Symantec AntiVirus\Rtvscan.exe
