Logfile of HijackThis v1.99.1
Scan saved at 0:47:39, on 2006-08-26
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\Ati2evxx.exe
C:\WINXP\system32\svchost.exe
e:\jtdata\Program Files\Rising\Rav\CCenter.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\system32\Ati2evxx.exe
e:\jtdata\Program Files\Rising\Rav\Ravmond.exe
e:\jtdata\program files\rising\rfw\rfwsrv.exe
C:\WINXP\system32\spoolsv.exe
e:\jtdata\Program Files\Rising\Rav\RavStub.exe
C:\WINXP\Explorer.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\WINXP\VM_STI.EXE
C:\WINXP\SOUNDMAN.EXE
C:\Program Files\Razer\razerhid.exe
C:\WINXP\system32\SafeSignCertReg.exe
E:\jtdata\Program Files\Rising\Rav\RavTask.exe
E:\jtdata\Program Files\Rising\Rav\Ravmon.exe
e:\jtdata\program files\rising\rfw\RfwMain.exe
E:\jtdata\Borland\JBuilder2005\jdk1.4\jre\bin\jusched.exe
C:\WINXP\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\PerSono\PersTray.exe
C:\Program Files\Razer\razertra.exe
C:\Program Files\Razer\razerofa.exe
C:\WINXP\system32\cisvc.exe
C:\WINXP\system32\JWPEN.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINXP\System32\svchost.exe
E:\jtdata\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\WINXP\System32\vmnat.exe
C:\WINXP\System32\svchost.exe
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\cli.exe
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\cli.exe
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\cli.exe
C:\WINXP\system32\cidaemon.exe
C:\WINXP\system32\cidaemon.exe
C:\WINXP\system32\cidaemon.exe
C:\WINXP\system32\conime.exe
C:\WINXP\system32\taskmgr.exe
C:\program files\Internet Explorer\Connection Wizard\icwx25b.dun
C:\program files\Internet Explorer\Connection Wizard\icwx25b.dun
C:\WINXP\System32\inetsrv\inetinfo.exe
C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\jtdata\Program Files\Rising\Rav\Rav.exe
E:\jtdata\Program Files\Rising\Rav\RsAgent.exe
C:\WINXP\msagent\AgentSvr.exe
E:\jtdata\download\HijackThis V1[1].99.1汉化版\HijackThis.exe
R3 - URLSearchHook: SrchHook Class - {EED92A43-CFCE-4548-BD73-B0A405470ED5} - C:\PROGRA~1\CNNIC\Cdn\iesrch.dll (file missing)
O2 - BHO: (no name) - RsAutorunsDisabled - (no file)
O2 - BHO: MyIEHelper Class - {16B770A0-0E87-4278-B748-2460D64A8386} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\jtdata\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINXP\system32\kakatool.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINXP\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINXP\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINXP\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINXP\VM_STI.EXE ZSMC USB PC Camera
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\razerhid.exe
O4 - HKLM\..\Run: [CertificateRegistration] SafeSignCertReg.exe
O4 - HKLM\..\Run: [JdsEnglishSpirit] E:\jtdata\Program Files\jdssoftware\wabdc7share\flyenglishspirit.exe
O4 - HKLM\..\Run: [RavTask] "e:\jtdata\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "e:\jtdata\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\jtdata\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [ApacheTomcatMonitor] "e:\jtdata\Program Files\Apache Software Foundation\Tomcat 5.5\bin\tomcat5w.exe" //MS//Tomcat5
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office OneNote 2003 快速启动.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Perstray.lnk = C:\Program Files\PerSono\PersTray.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\jtdata\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - E:\jtdata\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\jtdata\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\jtdata\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\jtdata\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\jtdata\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\jtdata\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\jtdata\Program Files\Java\jre1.6.0\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\winxp\system32\secur.dll
O10 - Unknown file in Winsock LSP: c:\winxp\system32\secur.dll
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {52DF16E3-6C4F-4B22-8BAF-09263E463B48} - http://zs.kingsoft.com/KOSInit.cab
O16 - DPF: {52FF336D-A05D-4A14-A3A1-7B6B4B427F88} (UploadControl Control) - http://www.blog.163.com/bin/UploadControl.cab
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {A984ED9F-E8DA-44E5-BC18-C14B9ABEF79D} (photo_uploader Control) - http://upload.photo.163.com/photoup.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D9306BD1-2325-4C28-8632-B02330C1BB02} (PhotoUploadCtrlMini Control) - http://www.blog.163.com/bin/PhotoUploadCtrlMini.cab
O16 - DPF: {F2EB8999-766E-4BF6-AAAD-188D398C0D0B} (PBActiveX40 Control) - http://njcmbchina.nj-enterprise.com/pb42.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3A4630B0-A49B-446D-B525-9A14CA1BABE2}: NameServer = 202.102.200.101,202.96.64.68,202.90.88.129,218.5.77.19,61.151.248.236
O17 - HKLM\System\CCS\Services\Tcpip\..\{4FE4A695-D841-4186-B6EB-C4B2403939D5}: NameServer = 218.108.248.245 218.108.245.157
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: qrev - {9DE24BAC-FC3C-42C4-9FC4-76B3FAFDBD90} - E:\jtdata\PROGRA~1\QUESTS~1\TOAD\RNetPin.dll
O23 - Service: Apache2 - Unknown owner - E:\jtdata\Program Files\Apache Group\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINXP\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINXP\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: HanWangTablet - Unknown owner - C:\WINXP\system32\JWPEN.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - E:/jtdata/mysql/bin/mysqld-nt.exe
O23 - Service: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - e:\jtdata\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - e:\jtdata\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - e:\jtdata\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - e:\jtdata\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: Apache Tomcat (Tomcat5) - Unknown owner - e:\jtdata\Program Files\Apache Software Foundation\Tomcat 5.5\bin\tomcat5.exe" //RS//Tomcat5 (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\jtdata\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINXP\System32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINXP\System32\vmnat.exe