这是HijackThis扫描的报告
Logfile of HijackThis v1.99.1
Scan saved at 22:32:58, on 2006-9-1
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
F:\新建文件夹 (6)\avp.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\MSDHCP.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
F:\新建文件夹 (6)\avp.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\WINNT\system32\internat.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINNT\system32\conime.exe
C:\WINNT\system32\Rundll32.exe
C:\WINNT\system32\rundll32.exe
C:\Documents and Settings\Administrator\桌面\新建文件夹\HijackThis.exe

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll
F2 - REG:system.ini: UserInit=C:\WINNT\system32\Userinit.exe
O1 - Hosts: 61.188.38.64 www.gamezt.com.cn
O1 - Hosts: 61.188.38.64 ert0003.e76.163ns.com
O1 - Hosts: 61.188.38.64 sky001.e11.163ns.com
O1 - Hosts: 61.188.38.64 woool.100888290cs.com
O1 - Hosts: 61.188.38.64 rxjh.100888290cs.com
O1 - Hosts: 61.188.38.64 www.yowoool.com
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL
O2 - BHO: (no name) - {8FA05C9B-5498-4312-957B-BDD73399F94E} - C:\WINNT\system32\drmclient1.dll
O2 - BHO: Internet Explorer helper Objects - {9C9F9B89-B243-4613-9710-87060F137118} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSIEHE~1.DLL
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINNT\downlo~1\CnsHook.dll
O2 - BHO: (no name) - {E730189A-9973-4121-B046-AD1C161EC3AF} - C:\WINNT\system32\37211.dll (file missing)
O2 - BHO: BHelper Class - {F2E37336-BFDB-409B-8D0E-6F013C438B20} - C:\WINNT\system\2b8ob1c0.dll
O2 - BHO: AssistHelper - {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINNT\downlo~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [Hupoo] "C:\WINNT\system32\Hupoo.exe "
O4 - HKLM\..\Run: [kav] "F:\新建文件夹 (6)\avp.exe"
O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Realplayer.exe] C:\WINNT\system32\Realplayer.exe
O8 - Extra context menu item: &使用DuDu下载 - res://C:\Program Files\DuDu\Speed\dddmext.dll/202
O8 - Extra context menu item: &使用DuDu下载全部链接 - res://C:\Program Files\DuDu\Speed\dddmext.dll/203
O8 - Extra context menu item: &使用DuDu下载选择链接 - res://C:\Program Files\DuDu\Speed\dddmext.dll/204
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用影音传送带下载 - C:\PROGRA~1\XI\NETTRA~1\NTAddLink.html
O8 - Extra context menu item: 使用影音传送带下载全部链接 - C:\PROGRA~1\XI\NETTRA~1\NTAddList.html
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\qq\AddEmotion.htm
O8 - Extra context menu item: 添加到雅虎订阅(&Y) - res://C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yrss.dll/YRSSMENUEXT
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\qq\SendMMS.htm
O8 - Extra context menu item: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll/203
O9 - Extra button: Web反病毒保护 - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - F:\新建文件夹 (6)\scieplugin.dll
O9 - Extra button: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - Extra button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao (file missing)
O9 - Extra button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - Extra button: 天心传奇，国内在线人数最多的传奇 - {B44CEFF3-EE81-45F8-ABF7-1DF940AE9C18} - http://www.234567.net/ (file missing)
O9 - Extra button: 泡游戏，给你推荐最新最好玩的游戏 - {E4623A52-D862-4580-A0B7-A525C79423F3} - http://www.paogame.com/ (file missing)
O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra button: 中文网址导航 - {FDDED1AA-8156-416D-85F7-94BEA1997739} - http://www.234567.com/ (file missing)
O9 - Extra button: 开心溜溜娱乐门户网，电影、音乐、DJ、相声、小品、FLASH等等应有尽有 - {FDFD318D-E647-458A-918D-E0418559BB9E} - http://www.kx66.com/ (file missing)
O11 - Options group: [!CNS]  网络实名
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{42929C83-88CA-4673-9FC6-20A5FDCB7811}: NameServer = 61.128.128.68 61.128.192.68
O20 - Winlogon Notify: klogon - C:\WINNT\system32\klogon.dll
O21 - SSODL: DelayRun - {5A6F2F95-3191-433B-8533-EB0B596A7BAC} - C:\WINNT\system32\2b8db1c1.dll
O23 - Service: 卡巴斯基反病毒6.0 (AVP) - Kaspersky Lab - F:\新建文件夹 (6)\avp.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: DHCP Service (MSDHCP) - Unknown owner - C:\WINNT\MSDHCP.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe

【回复“jylb123”的帖子】
断网。关闭所有应用程序。
结束这个进程：
C:\WINNT\MSDHCP.exe
用HijackThis修复以下项目：
O1 - Hosts: 61.188.38.64 www.gamezt.com.cn
O1 - Hosts: 61.188.38.64 ert0003.e76.163ns.com
O1 - Hosts: 61.188.38.64 sky001.e11.163ns.com
O1 - Hosts: 61.188.38.64 woool.100888290cs.com
O1 - Hosts: 61.188.38.64 rxjh.100888290cs.com
O1 - Hosts: 61.188.38.64 www.yowoool.com
O2 - BHO: (no name) - {8FA05C9B-5498-4312-957B-BDD73399F94E} - C:\WINNT\system32\drmclient1.dll
O2 - BHO: Internet Explorer helper Objects - {9C9F9B89-B243-4613-9710-87060F137118} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSIEHE~1.DLL
O2 - BHO: (no name) - {E730189A-9973-4121-B046-AD1C161EC3AF} - C:\WINNT\system32\37211.dll (file missing)
O2 - BHO: BHelper Class - {F2E37336-BFDB-409B-8D0E-6F013C438B20} - C:\WINNT\system\2b8ob1c0.dll
O4 - HKLM\..\Run: [Hupoo] "C:\WINNT\system32\Hupoo.exe "
O4 - HKCU\..\Run: [Realplayer.exe] C:\WINNT\system32\Realplayer.exe
O21 - SSODL: DelayRun - {5A6F2F95-3191-433B-8533-EB0B596A7BAC} - C:\WINNT\system32\2b8db1c1.dll
O23 - Service: DHCP Service (MSDHCP) - Unknown owner - C:\WINNT\MSDHCP.exe
重启系统。
显示隐藏文件。
删除上述启动项指向的文件。

谢谢啊。我马上就去弄