
[Help] Lots of threads that automatically rename themselves have appeared on my computer


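Yesterday my computer suddenly became extremely slow. When I opened Task Manager, I saw lots of "verclsid.exe" processes.
I found this file in the Windows folder and deleted it.
After a reboot it was still slow. When I opened Task Manager, I saw lots of "zhxh.exe" processes.
I deleted that one too.
But it still doesn't help; this thing automatically renames itself to some inexplicable exe file.
I have also already uninstalled the KB908531 patch.
It is still the same. I have run a scan and the results are below. I hope an expert can advise, thank you!!!!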

Logfile of HijackThis v1.99.1
Scan saved at 11:03:19 AM, on 2006-8-9
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
d:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
d:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
d:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
D:\Program Files\Rising\Rav\RavTask.exe
D:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
D:\Program Files\jj4\jjsvr4.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
D:\Program Files\KeyText\KeyText.exe
C:\Documents and Settings\All Users\Documents\ha_hijackthis_1991\HijackThis.exe
Last edited 2006-08-09 11:29:23

R3 - URLSearchHook: (no name) - {68FC0F8F-31E3-454B-8D0A-70078765EC75} - C:\WINDOWS\system32\Rlmeid.dll
R3 - URLSearchHook: (no name) - {393F4FD5-5353-4085-9100-F334508643CF} - C:\WINDOWS\system32\Oidek.dll
R3 - URLSearchHook: (no name) - {C71F0064-2532-4EF6-B048-965C33655F96} - C:\WINDOWS\system32\Mwfpw.dll
R3 - URLSearchHook: (no name) - {7E19BFB9-E0D5-4AB2-84B9-C0AB0D5DF244} - C:\WINDOWS\system32\Sflap.dll
R3 - URLSearchHook: (no name) - {7A64D8F5-A785-44A7-9948-A2B634511B0B} - C:\WINDOWS\system32\Anwfa.dll
R3 - URLSearchHook: (no name) - {456AD92F-6F8F-4F31-887E-D9EA7952517A} - C:\WINDOWS\system32\Asxvr.dll
R3 - URLSearchHook: (no name) - {D42B9206-14CE-4C79-9A85-2526619FE5CA} - C:\WINDOWS\system32\Dohx.dll
R3 - URLSearchHook: (no name) - {5380B0ED-4826-4484-97FE-4F2E1594CA7D} - C:\WINDOWS\system32\Rydo.dll
R3 - URLSearchHook: (no name) - {A766FA43-3C5F-4070-ADC5-3FA1C69D477F} - C:\WINDOWS\system32\Aswhc.dll
R3 - URLSearchHook: (no name) - {3200F8C9-CB30-438B-8686-9CE6810A2622} - C:\WINDOWS\system32\Hdju.dll
R3 - URLSearchHook: (no name) - {362058DD-B57B-4628-974B-19BE9A99A5B9} - C:\WINDOWS\system32\Fdcl.dll
R3 - URLSearchHook: (no name) - {B8597588-BDCB-408F-984F-1FADF659337A} - C:\WINDOWS\system32\Jpjf.dll
R3 - URLSearchHook: (no name) - {D69840E5-D38F-43B7-B187-6A3237688B23} - C:\WINDOWS\system32\Qifu.dll
R3 - URLSearchHook: (no name) - {CCD9C5F6-75F5-4008-81D9-488262EE705A} - C:\WINDOWS\system32\Thnn.dll
R3 - URLSearchHook: (no name) - {E49C4827-686A-46A6-BB17-638529E81B2A} - C:\WINDOWS\system32\Iwqoe.dll
R3 - URLSearchHook: (no name) - {0083B256-DC89-4887-8984-4A69DC2F9535} - C:\WINDOWS\system32\Nyojgk.dll
R3 - URLSearchHook: (no name) - {9F12A7FA-1731-40F9-B0EC-BB1FCA557B92} - C:\WINDOWS\system32\Fxea.dll
R3 - URLSearchHook: (no name) - {DC9C4B64-87BE-4075-BA1E-B12EF14145AC} - C:\WINDOWS\system32\Exvp.dll
R3 - URLSearchHook: (no name) - {203E68A1-448E-458B-BD50-9D9FE7724075} - C:\WINDOWS\system32\Eunh.dll
R3 - URLSearchHook: (no name) - {CC5D0840-4867-42FD-9EE3-83D00B3A04DA} - C:\WINDOWS\system32\Pbhptf.dll
R3 - URLSearchHook: (no name) - {0BC144B1-6722-4525-85B6-DE8B2BA13EC9} - C:\WINDOWS\system32\Nfmcdt.dll
R3 - URLSearchHook: (no name) - {F2286A65-1DC8-430C-B089-29845D032C53} - C:\WINDOWS\system32\Nxeg.dll
R3 - URLSearchHook: (no name) - {5DC6696D-D37E-41CF-822D-83ECF3B80F3B} - C:\WINDOWS\system32\Cwefwn.dll
R3 - URLSearchHook: (no name) - {70B3562F-B955-482A-A140-CDB91D8BCDC4} - C:\WINDOWS\system32\Lvvcf.dll
R3 - URLSearchHook: (no name) - {5A421BD8-7EBB-4418-B2CC-9493915F77D1} - C:\WINDOWS\system32\Qkratu.dll
R3 - URLSearchHook: (no name) - {4D92C19F-489C-466A-BEE2-0FAAA7974503} - C:\WINDOWS\system32\Mandr.dll
R3 - URLSearchHook: (no name) - {E3E526E4-565F-47F5-BCA2-46C8923FD0D6} - C:\WINDOWS\system32\Qwzk.dll
R3 - URLSearchHook: (no name) - {18C05125-6ABD-43F5-9495-D34AB91FC01A} - C:\WINDOWS\system32\Yhmlkf.dll (file missing)
R3 - URLSearchHook: (no name) - {50FFCDFF-4779-4AA2-A7D7-712BEBC70182} - C:\WINDOWS\system32\Gzhm.dll (file missing)
R3 - URLSearchHook: (no name) - {C503FE56-1889-4B99-94BD-6D598BB2CF62} - C:\WINDOWS\system32\Fxym.dll (file missing)
R3 - URLSearchHook: (no name) - {FF0833D5-DF35-4B69-B042-49B124E1F43A} - C:\WINDOWS\system32\Lrtsc.dll
R3 - URLSearchHook: (no name) - {733FFC0B-4397-464B-9475-4943A03C1069} - C:\WINDOWS\system32\Soker.dll
R3 - URLSearchHook: (no name) - {C61A8007-B2F0-4866-BE2D-229EE2E9E646} - C:\WINDOWS\system32\Xcyhlq.dll
R3 - URLSearchHook: (no name) - {8E233A5D-366D-44A8-AF51-B1732B84B6AE} - C:\WINDOWS\system32\Ccjaun.dll
R3 - URLSearchHook: (no name) - {DAB18BFC-9627-4132-BA1C-B5E61FB53F0E} - C:\WINDOWS\system32\Zdvbfx.dll
R3 - URLSearchHook: (no name) - {BC6409BC-DF58-4F79-93C2-8E578E33E109} - C:\WINDOWS\system32\Brgz.dll
R3 - URLSearchHook: (no name) - {95879AB4-550D-463A-9070-DE5EC1ADA4D8} - C:\WINDOWS\system32\Ndnt.dll
R3 - URLSearchHook: (no name) - {ED2D2D68-6388-4B74-84E8-93DB567C89EA} - C:\WINDOWS\system32\Nzyzz.dll
R3 - URLSearchHook: (no name) - {F58EF24F-2D73-414C-A5B8-B82DD92B6A24} - C:\WINDOWS\system32\Rqpv.dll
R3 - URLSearchHook: (no name) - {AE7A1EEA-37BF-42F0-A96F-024414B771A9} - C:\WINDOWS\system32\Tbekl.dll
R3 - URLSearchHook: (no name) - {FD45E972-F200-43EB-9983-A1DA98931144} - C:\WINDOWS\system32\Qigq.dll
R3 - URLSearchHook: (no name) - {E9E307DD-469D-49E6-8B4B-C347101D4E9C} - C:\WINDOWS\system32\Deeoyh.dll
R3 - URLSearchHook: (no name) - {E2553733-364D-497A-8703-20F4F054C0B4} - C:\WINDOWS\system32\Gtbb.dll
R3 - URLSearchHook: (no name) - {BFE7C30F-C14F-4E63-9B24-969ABCDD666E} - C:\WINDOWS\system32\Avqsp.dll
R3 - URLSearchHook: (no name) - {073340EE-278C-4194-8391-579AD0AD7EA4} - C:\WINDOWS\system32\Znjewp.dll
R3 - URLSearchHook: (no name) - {80AA38FB-7E62-4848-86D5-1D6EDF763E97} - C:\WINDOWS\system32\Jcexfw.dll
R3 - URLSearchHook: (no name) - {CA74816A-D9C0-4D69-A30E-12304149FF11} - C:\WINDOWS\system32\Sdksd.dll
R3 - URLSearchHook: (no name) - {A624C4E1-6CCE-4902-85A4-D3B8BB3C5B72} - C:\WINDOWS\system32\Kiqgum.dll
R3 - URLSearchHook: (no name) - {ACD224AF-62AC-4CB1-A5A0-C52EBBE19417} - C:\WINDOWS\system32\Xaer.dll
R3 - URLSearchHook: (no name) - {609B4838-9FCC-47F3-BA6C-0A823A970024} - C:\WINDOWS\system32\Jppl.dll
R3 - URLSearchHook: (no name) - {48E87479-F328-4B2F-96CE-929E168D6CC2} - C:\WINDOWS\system32\Jnraki.dll
R3 - URLSearchHook: (no name) - {E334EB89-47BD-4040-8E8D-E45851C921F6} - C:\WINDOWS\system32\Tfeebh.dll
R3 - URLSearchHook: (no name) - {7E162DFC-794B-468E-A6F9-C52B6A496A7C} - C:\WINDOWS\system32\Uvodn.dll
R3 - URLSearchHook: (no name) - {685DEA5D-B91C-48C5-97C9-936403BE0C8D} - C:\WINDOWS\system32\Mdpv.dll
R3 - URLSearchHook: (no name) - {3C59C44D-540F-4400-984E-C7ABDE5326D3} - C:\WINDOWS\system32\Fcdar.dll
R3 - URLSearchHook: (no name) - {7CFA86F2-8462-4A01-95E8-E283399751A7} - C:\WINDOWS\system32\Inxgr.dll
R3 - URLSearchHook: (no name) - {0748B522-F67A-4691-A170-5035CD51D8E8} - C:\WINDOWS\system32\Wjhyoy.dll
R3 - URLSearchHook: (no name) - {8020D46E-1B7F-4A0A-A3B0-AC83F12B40DE} - C:\WINDOWS\system32\Ghers.dll
R3 - URLSearchHook: (no name) - {94BE0CD4-1313-4085-B61F-193BB64C3E8F} - C:\WINDOWS\system32\Tdaoxn.dll
R3 - URLSearchHook: (no name) - {0B3A4E86-AFC1-4410-AC52-6C52839734BB} - C:\WINDOWS\system32\Dyhopu.dll
R3 - URLSearchHook: (no name) - {EFB970F4-5987-489A-BBB3-419F1BA0D6F2} - C:\WINDOWS\system32\Pmhcvp.dll
R3 - URLSearchHook: (no name) - {986DE8EE-46D5-44B1-B402-6E3BA06002E5} - C:\WINDOWS\system32\Rsiuke.dll
R3 - URLSearchHook: (no name) - {9D9247B9-C7DE-480B-90FE-EE73F01BBB0C} - C:\WINDOWS\system32\Pxefg.dll
R3 - URLSearchHook: (no name) - {3C184AD4-8399-4E2D-B3A9-F4CBF9CE8C60} - C:\WINDOWS\system32\Jwywm.dll
R3 - URLSearchHook: (no name) - {10FD91AD-F2E4-4FB2-AC3A-00BB8055F47B} - C:\WINDOWS\system32\Hrzlw.dll
R3 - URLSearchHook: (no name) - {3CE9C654-0ABD-4153-A39B-F2E3D39C4975} - C:\WINDOWS\system32\Uyerbt.dll
R3 - URLSearchHook: (no name) - {E9E30D27-5006-437E-8860-FD132DDD51EB} - C:\WINDOWS\system32\Aimidl.dll
R3 - URLSearchHook: (no name) - {A3B30B36-8B56-4EE0-AD66-8E65E18AA2EC} - C:\WINDOWS\system32\Wyaqoq.dll
R3 - URLSearchHook: (no name) - {C3EA6AFD-4ACF-405A-B5DA-48F90C63B9C4} - C:\WINDOWS\system32\Laeu.dll
R3 - URLSearchHook: (no name) - {3CA57B58-50E7-4B2E-A249-A7FE4B03D418} - C:\WINDOWS\system32\Kbvprd.dll
R3 - URLSearchHook: (no name) - {8D4675A3-59A8-4DC1-971A-BEC1D29D2F0B} - C:\WINDOWS\system32\Lretrv.dll
R3 - URLSearchHook: (no name) - {A53270A3-D94B-44E7-85EB-DBF5FB17B18D} - C:\WINDOWS\system32\Xcpwk.dll
R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,"d:\Program Files\HFEE\SVOHOST.EXE" un userinit.exe

O2 - BHO: (no name) - {0083B256-DC89-4887-8984-4A69DC2F9535} - C:\WINDOWS\system32\Nyojgk.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {073340EE-278C-4194-8391-579AD0AD7EA4} - C:\WINDOWS\system32\Znjewp.dll
O2 - BHO: (no name) - {0748B522-F67A-4691-A170-5035CD51D8E8} - C:\WINDOWS\system32\Wjhyoy.dll
O2 - BHO: (no name) - {0B3A4E86-AFC1-4410-AC52-6C52839734BB} - C:\WINDOWS\system32\Dyhopu.dll
O2 - BHO: (no name) - {0BC144B1-6722-4525-85B6-DE8B2BA13EC9} - C:\WINDOWS\system32\Nfmcdt.dll
O2 - BHO: 搜搜地址栏搜索 - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: CPub Object - {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} - C:\Program Files\P4P\sodaie.dll (file missing)
O2 - BHO: (no name) - {10FD91AD-F2E4-4FB2-AC3A-00BB8055F47B} - C:\WINDOWS\system32\Hrzlw.dll
O2 - BHO: (no name) - {18C05125-6ABD-43F5-9495-D34AB91FC01A} - C:\WINDOWS\system32\Yhmlkf.dll (file missing)
O2 - BHO: (no name) - {203E68A1-448E-458B-BD50-9D9FE7724075} - C:\WINDOWS\system32\Eunh.dll
O2 - BHO: (no name) - {3200F8C9-CB30-438B-8686-9CE6810A2622} - C:\WINDOWS\system32\Hdju.dll
O2 - BHO: Yahoo!Photo - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\Program Files\Yahoo!\Assistant\Assist\yphtb.dll (file missing)
O2 - BHO: (no name) - {362058DD-B57B-4628-974B-19BE9A99A5B9} - C:\WINDOWS\system32\Fdcl.dll
O2 - BHO: (no name) - {393F4FD5-5353-4085-9100-F334508643CF} - C:\WINDOWS\system32\Oidek.dll
O2 - BHO: (no name) - {3C184AD4-8399-4E2D-B3A9-F4CBF9CE8C60} - C:\WINDOWS\system32\Jwywm.dll
O2 - BHO: (no name) - {3C59C44D-540F-4400-984E-C7ABDE5326D3} - C:\WINDOWS\system32\Fcdar.dll
O2 - BHO: (no name) - {3CA57B58-50E7-4B2E-A249-A7FE4B03D418} - C:\WINDOWS\system32\Kbvprd.dll
O2 - BHO: (no name) - {3CE9C654-0ABD-4153-A39B-F2E3D39C4975} - C:\WINDOWS\system32\Uyerbt.dll
O2 - BHO: (no name) - {456AD92F-6F8F-4F31-887E-D9EA7952517A} - C:\WINDOWS\system32\Asxvr.dll
O2 - BHO: (no name) - {48E87479-F328-4B2F-96CE-929E168D6CC2} - C:\WINDOWS\system32\Jnraki.dll
O2 - BHO: (no name) - {4D92C19F-489C-466A-BEE2-0FAAA7974503} - C:\WINDOWS\system32\Mandr.dll
O2 - BHO: (no name) - {50FFCDFF-4779-4AA2-A7D7-712BEBC70182} - C:\WINDOWS\system32\Gzhm.dll (file missing)
O2 - BHO: (no name) - {5380B0ED-4826-4484-97FE-4F2E1594CA7D} - C:\WINDOWS\system32\Rydo.dll
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\Program Files\Tencent\qq\QQIEHelper.dll
O2 - BHO: (no name) - {5A421BD8-7EBB-4418-B2CC-9493915F77D1} - C:\WINDOWS\system32\Qkratu.dll
O2 - BHO: (no name) - {5DC6696D-D37E-41CF-822D-83ECF3B80F3B} - C:\WINDOWS\system32\Cwefwn.dll
O2 - BHO: (no name) - {609B4838-9FCC-47F3-BA6C-0A823A970024} - C:\WINDOWS\system32\Jppl.dll
O2 - BHO: DragSearch BHO - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL (file missing)
O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - C:\WINDOWS\system32\ssup.dll
O2 - BHO: (no name) - {685DEA5D-B91C-48C5-97C9-936403BE0C8D} - C:\WINDOWS\system32\Mdpv.dll
O2 - BHO: (no name) - {68FC0F8F-31E3-454B-8D0A-70078765EC75} - C:\WINDOWS\system32\Rlmeid.dll
O2 - BHO: (no name) - {70B3562F-B955-482A-A140-CDB91D8BCDC4} - C:\WINDOWS\system32\Lvvcf.dll
O2 - BHO: (no name) - {733FFC0B-4397-464B-9475-4943A03C1069} - C:\WINDOWS\system32\Soker.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Progra~1\Baidu\bar\BaiDuBar.dll
O2 - BHO: (no name) - {7A64D8F5-A785-44A7-9948-A2B634511B0B} - C:\WINDOWS\system32\Anwfa.dll
O2 - BHO: (no name) - {7CFA86F2-8462-4A01-95E8-E283399751A7} - C:\WINDOWS\system32\Inxgr.dll
O2 - BHO: (no name) - {7E162DFC-794B-468E-A6F9-C52B6A496A7C} - C:\WINDOWS\system32\Uvodn.dll
O2 - BHO: (no name) - {7E19BFB9-E0D5-4AB2-84B9-C0AB0D5DF244} - C:\WINDOWS\system32\Sflap.dll
O2 - BHO: (no name) - {8020D46E-1B7F-4A0A-A3B0-AC83F12B40DE} - C:\WINDOWS\system32\Ghers.dll
O2 - BHO: (no name) - {80AA38FB-7E62-4848-86D5-1D6EDF763E97} - C:\WINDOWS\system32\Jcexfw.dll
O2 - BHO: (no name) - {8D4675A3-59A8-4DC1-971A-BEC1D29D2F0B} - C:\WINDOWS\system32\Lretrv.dll
O2 - BHO: (no name) - {8E233A5D-366D-44A8-AF51-B1732B84B6AE} - C:\WINDOWS\system32\Ccjaun.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {94BE0CD4-1313-4085-B61F-193BB64C3E8F} - C:\WINDOWS\system32\Tdaoxn.dll
O2 - BHO: (no name) - {95879AB4-550D-463A-9070-DE5EC1ADA4D8} - C:\WINDOWS\system32\Ndnt.dll
O2 - BHO: (no name) - {986DE8EE-46D5-44B1-B402-6E3BA06002E5} - C:\WINDOWS\system32\Rsiuke.dll
O2 - BHO: (no name) - {9D9247B9-C7DE-480B-90FE-EE73F01BBB0C} - C:\WINDOWS\system32\Pxefg.dll
O2 - BHO: (no name) - {9F12A7FA-1731-40F9-B0EC-BB1FCA557B92} - C:\WINDOWS\system32\Fxea.dll
O2 - BHO: (no name) - {A3B30B36-8B56-4EE0-AD66-8E65E18AA2EC} - C:\WINDOWS\system32\Wyaqoq.dll
O2 - BHO: (no name) - {A53270A3-D94B-44E7-85EB-DBF5FB17B18D} - C:\WINDOWS\system32\Xcpwk.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: (no name) - {A624C4E1-6CCE-4902-85A4-D3B8BB3C5B72} - C:\WINDOWS\system32\Kiqgum.dll
O2 - BHO: (no name) - {A766FA43-3C5F-4070-ADC5-3FA1C69D477F} - C:\WINDOWS\system32\Aswhc.dll
O2 - BHO: (no name) - {ACD224AF-62AC-4CB1-A5A0-C52EBBE19417} - C:\WINDOWS\system32\Xaer.dll
O2 - BHO: (no name) - {AD58D9BE-B23C-4186-AC37-A28DE6B11C0B} - C:\WINDOWS\system32\Abbr.dll
O2 - BHO: (no name) - {AE7A1EEA-37BF-42F0-A96F-024414B771A9} - C:\WINDOWS\system32\Tbekl.dll
O2 - BHO: (no name) - {B8597588-BDCB-408F-984F-1FADF659337A} - C:\WINDOWS\system32\Jpjf.dll
O2 - BHO: (no name) - {BC6409BC-DF58-4F79-93C2-8E578E33E109} - C:\WINDOWS\system32\Brgz.dll
O2 - BHO: (no name) - {BFE7C30F-C14F-4E63-9B24-969ABCDD666E} - C:\WINDOWS\system32\Avqsp.dll
O2 - BHO: (no name) - {C3EA6AFD-4ACF-405A-B5DA-48F90C63B9C4} - C:\WINDOWS\system32\Laeu.dll
O2 - BHO: (no name) - {C503FE56-1889-4B99-94BD-6D598BB2CF62} - C:\WINDOWS\system32\Fxym.dll (file missing)
O2 - BHO: (no name) - {C61A8007-B2F0-4866-BE2D-229EE2E9E646} - C:\WINDOWS\system32\Xcyhlq.dll
O2 - BHO: (no name) - {C71F0064-2532-4EF6-B048-965C33655F96} - C:\WINDOWS\system32\Mwfpw.dll
O2 - BHO: (no name) - {CA74816A-D9C0-4D69-A30E-12304149FF11} - C:\WINDOWS\system32\Sdksd.dll
O2 - BHO: (no name) - {CC5D0840-4867-42FD-9EE3-83D00B3A04DA} - C:\WINDOWS\system32\Pbhptf.dll
O2 - BHO: (no name) - {CCD9C5F6-75F5-4008-81D9-488262EE705A} - C:\WINDOWS\system32\Thnn.dll
O2 - BHO: (no name) - {D42B9206-14CE-4C79-9A85-2526619FE5CA} - C:\WINDOWS\system32\Dohx.dll
O2 - BHO: (no name) - {D69840E5-D38F-43B7-B187-6A3237688B23} - C:\WINDOWS\system32\Qifu.dll
O2 - BHO: (no name) - {DAB18BFC-9627-4132-BA1C-B5E61FB53F0E} - C:\WINDOWS\system32\Zdvbfx.dll
O2 - BHO: (no name) - {DC9C4B64-87BE-4075-BA1E-B12EF14145AC} - C:\WINDOWS\system32\Exvp.dll
O2 - BHO: (no name) - {E2553733-364D-497A-8703-20F4F054C0B4} - C:\WINDOWS\system32\Gtbb.dll
O2 - BHO: (no name) - {E334EB89-47BD-4040-8E8D-E45851C921F6} - C:\WINDOWS\system32\Tfeebh.dll
O2 - BHO: (no name) - {E3E526E4-565F-47F5-BCA2-46C8923FD0D6} - C:\WINDOWS\system32\Qwzk.dll
O2 - BHO: (no name) - {E49C4827-686A-46A6-BB17-638529E81B2A} - C:\WINDOWS\system32\Iwqoe.dll
O2 - BHO: (no name) - {E9E307DD-469D-49E6-8B4B-C347101D4E9C} - C:\WINDOWS\system32\Deeoyh.dll
O2 - BHO: (no name) - {E9E30D27-5006-437E-8860-FD132DDD51EB} - C:\WINDOWS\system32\Aimidl.dll
O2 - BHO: (no name) - {ED2D2D68-6388-4B74-84E8-93DB567C89EA} - C:\WINDOWS\system32\Nzyzz.dll
O2 - BHO: (no name) - {EFB970F4-5987-489A-BBB3-419F1BA0D6F2} - C:\WINDOWS\system32\Pmhcvp.dll
O2 - BHO: (no name) - {F2286A65-1DC8-430C-B089-29845D032C53} - C:\WINDOWS\system32\Nxeg.dll
O2 - BHO: (no name) - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - (no file)
O2 - BHO: (no name) - {F58EF24F-2D73-414C-A5B8-B82DD92B6A24} - C:\WINDOWS\system32\Rqpv.dll
O2 - BHO: (no name) - {FD45E972-F200-43EB-9983-A1DA98931144} - C:\WINDOWS\system32\Qigq.dll
O2 - BHO: (no name) - {FF0833D5-DF35-4B69-B042-49B124E1F43A} - C:\WINDOWS\system32\Lrtsc.dll
O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Progra~1\Baidu\bar\BaiDuBar.dll

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [RavTask] "d:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [stup.exe] C:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - HKLM\..\RunOnce: [RavStub] "d:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [pyjj] D:\Program Files\jj4\jjsvr4.exe
O4 - Startup: KeyText.lnk = D:\Program Files\KeyText\KeyText.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &使用暴风下载器下载 - D:\Program Files\Ringz Studio\Storm Downloader\geturl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\qq\SendMMS.htm
O9 - Extra button: 创建移动收藏 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - d:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - d:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: 创建移动收藏... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - d:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\qq\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\qq\QQ.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\cdnns.dll
O11 - Options group: [TBH] 搜搜地址栏搜索
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/aliedit.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - d:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - d:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe


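Fix all of the entries in the first post..

http://www.pctutu.com/srmsdown.asp
Download Super Rabbit (超级兔子).. Use Super Rabbit's Cleanup King (清理王), in Safe Mode, to uninstall the rogue software it flags..

I can't bear to look at this any more, there are so many!!!! First download Super Rabbit and use it to check for rogue software, and delete everything it finds..

When you are done, add me on QQ 407660517 and send me the log again.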

Thank you, thank you. I'll go and try it first.