ijackThis_815汉化版扫描日志 V1.99.1
保存于      20:01:21, 日期 2006-7-1
操作系统：  Windows XP SP2 (WinNT 5.01.2600)
浏览器：    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程：         
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
F:\Program Files\Rising\Rav\CCenter.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
E:\WINDOWS\Explorer.EXE
f:\program files\rising\rfw\rfwsrv.exe
E:\WINDOWS\system32\spoolsv.exe
f:\program files\rising\rfw\RfwMain.exe
E:\WINDOWS\System32\rundll32.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Yahoo!\Assistant\yassistse.exe
E:\WINDOWS\system32\igfxtray.exe
E:\WINDOWS\system32\hkcmd.exe
E:\WINDOWS\vsnpstd3.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Messenger\msmsgs.exe
F:\Program Files\Rising\Rav\RAVTASK.EXE
F:\Program Files\Rising\Rav\RAV.EXE
F:\Program Files\Rising\Rav\Ravmond.exe
F:\Program Files\Rising\Rav\RAVMON.EXE
E:\Program Files\Internet Explorer\iexplore.exe
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Documents and Settings\a\My Documents\HijackThis1991汉化版\HijackThis1991zww.exe

R3 - URLSearchHook: (no name) - {C7A92730-3E3A-48A7-AC2A-D455C272578A} - E:\WINDOWS\system32\Hgxxf.dll
R3 - URLSearchHook: (no name) - {6CA9C177-5B5F-4677-9645-B8AE5590AA3B} - E:\WINDOWS\system32\Kljx.dll
R3 - URLSearchHook: (no name) - {C4E537DE-6C3A-4616-971B-4C04C62C4430} - E:\WINDOWS\system32\Fuuj.dll
R3 - URLSearchHook: (no name) - {3289DCAA-F79C-41BB-A120-0DE8D112052F} - E:\WINDOWS\system32\Hwkpt.dll
R3 - URLSearchHook: (no name) - {5BE00355-4FF7-402C-831A-DE3895C23869} - E:\WINDOWS\system32\Uxdud.dll
R3 - URLSearchHook: (no name) - {DDBEDF60-A001-4EF4-A6F7-613508840F8C} - E:\WINDOWS\system32\Jbay.dll
R3 - URLSearchHook: (no name) - {4DA35419-E35A-4400-9809-E2FCFA9C84CF} - E:\WINDOWS\system32\Neea.dll
R3 - URLSearchHook: (no name) - {37436745-A2BB-4AB5-8FB8-CA5EB3C4376D} - E:\WINDOWS\system32\Tyvzvg.dll
R3 - URLSearchHook: (no name) - {409DE2FB-1E12-4D80-B471-275C57B1CDB7} - E:\WINDOWS\system32\Magg.dll
R3 - URLSearchHook: (no name) - {8B6A074A-4637-47FA-9524-D5524AEAA00F} - E:\WINDOWS\system32\Wfbs.dll
R3 - URLSearchHook: (no name) - {D3031741-E176-4FF6-9255-23F6EFBE80B2} - E:\WINDOWS\system32\Asaalh.dll
R3 - URLSearchHook: (no name) - {B33D1FE2-4E85-4225-AAEA-7D156158BFC5} - E:\WINDOWS\system32\Ygifyg.dll
R3 - URLSearchHook: (no name) - {2AD6AAA1-800C-4F00-B148-61F08EF4C1B5} - E:\WINDOWS\system32\Mqeoco.dll
R3 - URLSearchHook: (no name) - {CFA6DD37-DE24-4F5D-9FE7-FE354481DAA9} - E:\WINDOWS\system32\Ccdky.dll
R3 - URLSearchHook: (no name) - {84767749-235C-49B7-9AFB-E5543C03A3C3} - E:\WINDOWS\system32\Lnydwd.dll
R3 - URLSearchHook: (no name) - {5EC6B364-5166-4EFE-8BE4-060EDE426BCF} - E:\WINDOWS\system32\Ucijgl.dll
R3 - URLSearchHook: (no name) - {F7AF795A-1D68-4B6D-9D25-62B4D6C18079} - E:\WINDOWS\system32\Awful.dll
R3 - URLSearchHook: (no name) - {2EC9C5C4-948A-4D29-B47C-67FBA8334217} - E:\WINDOWS\system32\Fisix.dll
R3 - URLSearchHook: (no name) - {CD4F62EB-7903-4E2C-91B9-D9A1E00626D2} - E:\WINDOWS\system32\Notr.dll
R3 - URLSearchHook: (no name) - {21FEE489-57B3-49C0-9F30-4999DDC87DD3} - E:\WINDOWS\system32\Jyinx.dll
R3 - URLSearchHook: (no name) - {0BE7C752-73F6-4E15-89A3-7E2947B0C4D7} - E:\WINDOWS\system32\Rckywt.dll
R3 - URLSearchHook: (no name) - {892CF8A8-7D0C-4499-A20D-CF7ACF4575CC} - E:\WINDOWS\system32\Zsecl.dll
R3 - URLSearchHook: (no name) - {7FF5AF07-45B1-4F7E-B8D0-2CE3DD931F31} - E:\WINDOWS\system32\Lcym.dll
R3 - URLSearchHook: (no name) - {AC8DCBA7-7EBC-4265-8278-724704F1FBAD} - E:\WINDOWS\system32\Mheqja.dll
R3 - URLSearchHook: (no name) - {5D1D1FB8-CE41-44DB-8E38-E13106D36507} - E:\WINDOWS\system32\Impr.dll
R3 - URLSearchHook: (no name) - {DA2D293D-CB09-44AA-B1AE-4115CE30A59A} - E:\WINDOWS\system32\Tuljk.dll
R3 - URLSearchHook: (no name) - {22BAED29-BBDB-4D55-AF65-C3C08EEB0D03} - E:\WINDOWS\system32\Bksj.dll
R3 - URLSearchHook: (no name) - {5A744B8F-993C-455D-8295-C49BB69DF02C} - E:\WINDOWS\system32\Evqow.dll
R3 - URLSearchHook: (no name) - {7BDE725E-F1F9-41D6-B1E1-9321436091D8} - E:\WINDOWS\system32\Qfngj.dll
R3 - URLSearchHook: (no name) - {CFBDA170-FDDE-466C-8560-A7FFD057F86C} - E:\WINDOWS\system32\Mrqthe.dll
R3 - URLSearchHook: (no name) - {C943BB82-3905-44B9-BE9F-11F255531F49} - E:\WINDOWS\system32\Wrivfp.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - E:\WINDOWS\System32\xunleibho_v8.dll
O2 - BHO: (no name) - {0BE7C752-73F6-4E15-89A3-7E2947B0C4D7} - E:\WINDOWS\system32\Rckywt.dll
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - E:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: SohuDAIEHelper - {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} - E:\Program Files\P4P\sodaie.dll (file missing)
O2 - BHO: EyeOnBrowser Class - {1272F701-349D-4DB3-BBCD-10CBDCD049FE} - E:\WINDOWS\Downlo~1\_IS_0518\_IS_WEBH.dll (file missing)
O2 - BHO: (no name) - {1FAF55CF-F80E-4047-BEE7-14F91D244770} - E:\WINDOWS\system32\Kaedir.dll
O2 - BHO: (no name) - {21FEE489-57B3-49C0-9F30-4999DDC87DD3} - E:\WINDOWS\system32\Jyinx.dll
O2 - BHO: (no name) - {22BAED29-BBDB-4D55-AF65-C3C08EEB0D03} - E:\WINDOWS\system32\Bksj.dll
O2 - BHO: (no name) - {2AD6AAA1-800C-4F00-B148-61F08EF4C1B5} - E:\WINDOWS\system32\Mqeoco.dll
O2 - BHO: (no name) - {2D12BC27-6F3F-4749-8526-ED77DB69BB6E} - E:\WINDOWS\system32\Wfpfg.dll
O2 - BHO: (no name) - {2EC9C5C4-948A-4D29-B47C-67FBA8334217} - E:\WINDOWS\system32\Fisix.dll
O2 - BHO: (no name) - {2FD05F16-F651-409F-90E1-104DACE0BB23} - E:\WINDOWS\system32\Pzhe.dll
O2 - BHO: (no name) - {3289DCAA-F79C-41BB-A120-0DE8D112052F} - E:\WINDOWS\system32\Hwkpt.dll
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - E:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll
O2 - BHO: (no name) - {34FFBAF0-3CFF-4168-B3C5-8AB4C42C1C6F} - E:\WINDOWS\system32\Fdji.dll
O2 - BHO: (no name) - {37436745-A2BB-4AB5-8FB8-CA5EB3C4376D} - E:\WINDOWS\system32\Tyvzvg.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - E:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - E:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll
O2 - BHO: (no name) - {409DE2FB-1E12-4D80-B471-275C57B1CDB7} - E:\WINDOWS\system32\Magg.dll
O2 - BHO: (no name) - {4311D580-E0F1-479B-9063-540CA3E7EEB5} - E:\WINDOWS\system32\Bruhi.dll
O2 - BHO: (no name) - {4DA35419-E35A-4400-9809-E2FCFA9C84CF} - E:\WINDOWS\system32\Neea.dll
O2 - BHO: (no name) - {4EEB53F1-5BF7-4B15-AAF0-49F69EBF0683} - E:\WINDOWS\system32\Imkkot.dll
O2 - BHO: (no name) - {53DE267E-1B26-45CB-B5D8-5025FDE0A507} - E:\WINDOWS\system32\Qpebrt.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - E:\Program Files\飘云IP简装优化版\QQIEHelper.dll
O2 - BHO: (no name) - {59857B25-6CBE-4674-99B2-B4692E43C9B4} - E:\WINDOWS\system32\Qffjrn.dll
O2 - BHO: (no name) - {5A744B8F-993C-455D-8295-C49BB69DF02C} - E:\WINDOWS\system32\Evqow.dll
O2 - BHO: (no name) - {5B10EF32-ECFC-4A9F-87FE-98107103480E} - E:\WINDOWS\system32\Wmvl.dll
O2 - BHO: (no name) - {5BE00355-4FF7-402C-831A-DE3895C23869} - E:\WINDOWS\system32\Uxdud.dll
O2 - BHO: (no name) - {5D1D1FB8-CE41-44DB-8E38-E13106D36507} - E:\WINDOWS\system32\Impr.dll
O2 - BHO: (no name) - {5D3177F5-D697-4986-9248-33AC28FAF059} - E:\WINDOWS\system32\Xcku.dll
O2 - BHO: (no name) - {5EC6B364-5166-4EFE-8BE4-060EDE426BCF} - E:\WINDOWS\system32\Ucijgl.dll
O2 - BHO: (no name) - {61820D14-754B-4C3E-8E3E-2F35F5040E0A} - E:\WINDOWS\system32\Lhxl.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - E:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL
O2 - BHO: MMSAssist - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - (no file)
O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - E:\DOCUME~1\a\LOCALS~1\Temp\SSLive.dll
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - E:\WINDOWS\SYSTEM32\stdup.dll
O2 - BHO: (no name) - {6CA9C177-5B5F-4677-9645-B8AE5590AA3B} - E:\WINDOWS\system32\Kljx.dll
O2 - BHO: (no name) - {6F625336-94C2-470B-98F8-14E7B49FC832} - E:\WINDOWS\system32\Pkzld.dll
O2 - BHO: (no name) - {74B0BE98-73F9-4CA1-B164-94B81D197D6B} - E:\WINDOWS\system32\Vjgo.dll
O2 - BHO: (no name) - {74E8EFAD-3DEA-41C7-81A6-4C0E6C752B0B} - E:\WINDOWS\system32\Mejr.dll
O2 - BHO: (no name) - {7BDE725E-F1F9-41D6-B1E1-9321436091D8} - E:\WINDOWS\system32\Qfngj.dll
O2 - BHO: (no name) - {7FF5AF07-45B1-4F7E-B8D0-2CE3DD931F31} - E:\WINDOWS\system32\Lcym.dll
O2 - BHO: (no name) - {84767749-235C-49B7-9AFB-E5543C03A3C3} - E:\WINDOWS\system32\Lnydwd.dll
O2 - BHO: (no name) - {892CF8A8-7D0C-4499-A20D-CF7ACF4575CC} - E:\WINDOWS\system32\Zsecl.dll
O2 - BHO: (no name) - {89924BDF-DCEE-456F-AC8D-0CBF2BB59F6E} - E:\WINDOWS\system32\Efout.dll
O2 - BHO: (no name) - {8B6A074A-4637-47FA-9524-D5524AEAA00F} - E:\WINDOWS\system32\Wfbs.dll
O2 - BHO: (no name) - {AAA35CB7-AA04-4B6C-8BB9-C3517E08375E} - E:\WINDOWS\system32\Kfttnz.dll
O2 - BHO: (no name) - {AC8DCBA7-7EBC-4265-8278-724704F1FBAD} - E:\WINDOWS\system32\Mheqja.dll
O2 - BHO: (no name) - {B2BCB0C0-E17F-4838-BF9C-EAC49E7A9C27} - E:\WINDOWS\system32\Wzugdk.dll
O2 - BHO: (no name) - {B33D1FE2-4E85-4225-AAEA-7D156158BFC5} - E:\WINDOWS\system32\Ygifyg.dll
O2 - BHO: (no name) - {B8964BC1-DBA4-4D73-A861-086FF0EBF3B3} - E:\WINDOWS\system32\Omvj.dll
O2 - BHO: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O2 - BHO: (no name) - {C05979D4-EB33-4D9C-85E2-E2ADC454B48D} - E:\WINDOWS\system32\Jyargq.dll
O2 - BHO: (no name) - {C4E537DE-6C3A-4616-971B-4C04C62C4430} - E:\WINDOWS\system32\Fuuj.dll
O2 - BHO: (no name) - {C7A92730-3E3A-48A7-AC2A-D455C272578A} - E:\WINDOWS\system32\Hgxxf.dll
O2 - BHO: (no name) - {C943BB82-3905-44B9-BE9F-11F255531F49} - E:\WINDOWS\system32\Wrivfp.dll
O2 - BHO: (no name) - {CD4F62EB-7903-4E2C-91B9-D9A1E00626D2} - E:\WINDOWS\system32\Notr.dll
O2 - BHO: (no name) - {CFA6DD37-DE24-4F5D-9FE7-FE354481DAA9} - E:\WINDOWS\system32\Ccdky.dll
O2 - BHO: (no name) - {CFBDA170-FDDE-466C-8560-A7FFD057F86C} - E:\WINDOWS\system32\Mrqthe.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O2 - BHO: (no name) - {D3031741-E176-4FF6-9255-23F6EFBE80B2} - E:\WINDOWS\system32\Asaalh.dll
O2 - BHO: (no name) - {DA2D293D-CB09-44AA-B1AE-4115CE30A59A} - E:\WINDOWS\system32\Tuljk.dll
O2 - BHO: (no name) - {DDBEDF60-A001-4EF4-A6F7-613508840F8C} - E:\WINDOWS\system32\Jbay.dll
O2 - BHO: (no name) - {F08B31AE-B911-4745-855A-4648660DA50B} - E:\WINDOWS\system32\Vhlofg.dll
O2 - BHO: (no name) - {F1A5427F-205D-4AEA-AE6A-2D0A11C0C94B} - E:\WINDOWS\system32\Ssrbhv.dll
O2 - BHO: (no name) - {F7AF795A-1D68-4B6D-9D25-62B4D6C18079} - E:\WINDOWS\system32\Awful.dll
O3 - IE工具栏增项: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - E:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll
O3 - IE工具栏增项: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O3 - IE工具栏增项: 完美网译通 - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - E:\WINDOWS\WORLD2\TOOLBAR\hmtoolbar.dll
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - E:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll

O4 - 启动项HKLM\\Run: [PHIME2002ASync] E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [WindowsUpdate] E:\WINDOWS\System32\WindowsUpdate.exe
O4 - 启动项HKLM\\Run: [RavTask] "F:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [RfwMain] "F:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [yassistse] "E:\Program Files\Yahoo!\Assistant\yassistse.exe"
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "E:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [MSPY2002] E:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - 启动项HKLM\\Run: [IgfxTray] E:\WINDOWS\system32\igfxtray.exe
O4 - 启动项HKLM\\Run: [HotKeysCmds] E:\WINDOWS\system32\hkcmd.exe
O4 - 启动项HKLM\\Run: [advapi32] RUNDLL32 E:\WINDOWS\Downlo~1\_IS_0518\_IS_ISC.DLL,isc
O4 - 启动项HKLM\\Run: [snpstd3] E:\WINDOWS\vsnpstd3.exe
O4 - 启动项HKLM\\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 启动项HKLM\\Run: [spoolsv] E:\WINDOWS\system32\spoolsv\spoolsv.exe -printer
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - 启动项HKLM\\Run: [stup.exe] E:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: 腾讯QQ.lnk = ?
O8 - IE右键菜单中的新增项目:  >> 彩信发送 << - res://E:\PROGRA~1\MMSASS~1\MMSASS~1.DLL/mms.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - E:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - E:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - E:\Program Files\飘云IP简装优化版\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用影音传送带下载 - E:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - IE右键菜单中的新增项目: 使用影音传送带下载全部链接 - E:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - E:\Program Files\飘云IP简装优化版\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - E:\Program Files\飘云IP简装优化版\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - E:\Program Files\飘云IP简装优化版\SendMMS.htm
O8 - IE右键菜单中的新增项目: 百度-搜索MP3 - res://E:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUMP3.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索图片 - res://E:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUIMG.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索新闻 - res://E:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUNEWS.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索歌词 - res://E:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDULYRIC.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索网页 - res://E:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUSEARCH.HTM
O8 - IE右键菜单中的新增项目: 百度-搜索贴吧 - res://E:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUPOST.HTM
O8 - IE右键菜单中的新增项目: 百度-词典搜索 - res://E:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDU_DIC.HTM
O8 - IE右键菜单中的新增项目: 雅虎搜索 - res://E:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll/246
O9 - 浏览器额外的按钮: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm?pid=U_flashget_62580 (file missing)
O9 - 浏览器额外的按钮: 红心游戏 - {00000000-DAEB-480d-867B-D746D955765B} - E:\PROGRA~1\bdgame\RedHeart\GameHall.exe
O9 - 浏览器额外的“工具”菜单项: 红心游戏世界 - {00000000-DAEB-480d-867B-D746D955765B} - E:\PROGRA~1\bdgame\RedHeart\GameHall.exe
O9 - 浏览器额外的按钮: 免费精彩视频超流畅在线观看 - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - 浏览器额外的“工具”菜单项: 播霸电视 - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - 浏览器额外的按钮: pp点点通 - {0713E8D2-850A-101B-AFC0-4210102A8DA7} - E:\Program Files\PP25\Pp.exe (file missing)
O9 - 浏览器额外的按钮: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - 浏览器额外的“工具”菜单项: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - 浏览器额外的按钮: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing)
O9 - 浏览器额外的按钮: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://hot.3721.com/rd/shop_btn.htm (file missing)
O9 - 浏览器额外的按钮: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://assistant.3721.com/index.htm?fb=Cns (file missing)
O9 - 浏览器额外的按钮: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - E:\WINDOWS\system32\shdocvw.dll
O9 - 浏览器额外的“工具”菜单项: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - E:\WINDOWS\system32\shdocvw.dll
O9 - 浏览器额外的按钮: kele8 - {84920E5F-3788-49cd-A274-E365578DF174} - http://www.kele8.com/ (file missing)
O9 - 浏览器额外的“工具”菜单项: kele8 - {84920E5F-3788-49cd-A274-E365578DF174} - http://www.kele8.com/ (file missing)
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\飘云IP简装优化版\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\飘云IP简装优化版\QQ.EXE
O9 - 浏览器额外的按钮: 易趣购物 - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://adfarm.mediaplex.com/ad/ck/4080-23171-9517-219?cn=song;icon;hp&mpro=http://www.ebay.com.cn (file missing)
O9 - 浏览器额外的“工具”菜单项: 易趣购物 - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://adfarm.mediaplex.com/ad/ck/4080-23171-9517-219?cn=song;icon;hp&mpro=http://www.ebay.com.cn (file missing)
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Program Files\飘云IP简装优化版\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Program Files\飘云IP简装优化版\QQIEHelper.dll
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - 浏览器额外的按钮: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - 浏览器额外的“工具”菜单项: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的按钮: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O9 - 浏览器额外的“工具”菜单项: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O11 - Options group: [!CNS]  网络实名
O11 - Options group: [TBH]  搜搜地址栏搜索
O16 - DPF: {11010101-1001-1111-1000-110112345678} - ms-its:mhtml:file://C:\foo.mht!http://85.255.113.242//adv//024//targ.chm::/win32.exe
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-622221193458} - file://c:\ex.cab
O16 - DPF: {43331111-1111-1111-1111-611111195622} - file://c:\ex.cab
O16 - DPF: {64311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {797D8CBA-2570-4507-9C04-8244C3EBE434} (AutoRun Control) - http://222.77.178.82/script/autorun.ocx
O16 - DPF: {87CCFDB0-C4BE-4BC2-A78C-9EAA7CF96667} (pcastup Class) - http://ps.itv.mop.com/dn/files/vodupdate_1.0.0.8_20051009.cab
O16 - DPF: {98A62E3F-A8C5-4EF0-8A00-C70CF9D18A89} (LoaderCore Class) - http://tb.sogou.com/DLLoader.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://ps.itv.mop.com/dn/files/pCastCtl_1.0.0.80_20060123.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E9E5C33-ACB1-4AE2-B9DF-4FC5BADC2E1C}: NameServer = 202.102.128.68 202.102.134.68
O18 - 列举现有的协议: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - E:\WINDOWS\System32\mbprot.dll
O20 - Winlogon Notify: igfxcui - E:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: System Safety Monitor - E:\WINDOWS\SYSTEM32\SSMWinlogonEx.dll
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34546} - E:\WINDOWS\System32\vbsys2.dll (file missing)
O21 - SSODL: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - E:\WINDOWS\SYSTEM32\stdup.dll
O23 - NT 服务: Macromedia Licensing Service - Unknown owner - E:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - f:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - f:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: StyleXPService - Unknown owner - E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

俺啥都不懂,俺家是双系统,98和XP,XP刚有了病毒,98里又有了,Rootkit.Vanti.gen
这是98里的病毒名字,帮忙看看怎么会事啊!~

下载超级兔子。
http://www.pctutu.com/srmsdown.asp
安装好后，打开“超级兔子优化王”“专业卸载,卸载所有提示的垃圾软件，卸载是不要打开任何浏览窗口。卸载不了可以重启后再去卸载。
卸载完后，重启。
关闭所有浏览窗口以及一些不必要的程序
运行Hijackthis，扫描结束后在下列选项前打上勾，然后选"修复""（如果有的话）
R3 - URLSearchHook: (no name) - {C7A92730-3E3A-48A7-AC2A-D455C272578A} - E:\WINDOWS\system32\Hgxxf.dll
R3 - URLSearchHook: (no name) - {6CA9C177-5B5F-4677-9645-B8AE5590AA3B} - E:\WINDOWS\system32\Kljx.dll
R3 - URLSearchHook: (no name) - {C4E537DE-6C3A-4616-971B-4C04C62C4430} - E:\WINDOWS\system32\Fuuj.dll
R3 - URLSearchHook: (no name) - {3289DCAA-F79C-41BB-A120-0DE8D112052F} - E:\WINDOWS\system32\Hwkpt.dll
R3 - URLSearchHook: (no name) - {5BE00355-4FF7-402C-831A-DE3895C23869} - E:\WINDOWS\system32\Uxdud.dll
R3 - URLSearchHook: (no name) - {DDBEDF60-A001-4EF4-A6F7-613508840F8C} - E:\WINDOWS\system32\Jbay.dll
R3 - URLSearchHook: (no name) - {4DA35419-E35A-4400-9809-E2FCFA9C84CF} - E:\WINDOWS\system32\Neea.dll
R3 - URLSearchHook: (no name) - {37436745-A2BB-4AB5-8FB8-CA5EB3C4376D} - E:\WINDOWS\system32\Tyvzvg.dll
R3 - URLSearchHook: (no name) - {409DE2FB-1E12-4D80-B471-275C57B1CDB7} - E:\WINDOWS\system32\Magg.dll
R3 - URLSearchHook: (no name) - {8B6A074A-4637-47FA-9524-D5524AEAA00F} - E:\WINDOWS\system32\Wfbs.dll
R3 - URLSearchHook: (no name) - {D3031741-E176-4FF6-9255-23F6EFBE80B2} - E:\WINDOWS\system32\Asaalh.dll
R3 - URLSearchHook: (no name) - {B33D1FE2-4E85-4225-AAEA-7D156158BFC5} - E:\WINDOWS\system32\Ygifyg.dll
R3 - URLSearchHook: (no name) - {2AD6AAA1-800C-4F00-B148-61F08EF4C1B5} - E:\WINDOWS\system32\Mqeoco.dll
R3 - URLSearchHook: (no name) - {CFA6DD37-DE24-4F5D-9FE7-FE354481DAA9} - E:\WINDOWS\system32\Ccdky.dll
R3 - URLSearchHook: (no name) - {84767749-235C-49B7-9AFB-E5543C03A3C3} - E:\WINDOWS\system32\Lnydwd.dll
R3 - URLSearchHook: (no name) - {5EC6B364-5166-4EFE-8BE4-060EDE426BCF} - E:\WINDOWS\system32\Ucijgl.dll
R3 - URLSearchHook: (no name) - {F7AF795A-1D68-4B6D-9D25-62B4D6C18079} - E:\WINDOWS\system32\Awful.dll
R3 - URLSearchHook: (no name) - {2EC9C5C4-948A-4D29-B47C-67FBA8334217} - E:\WINDOWS\system32\Fisix.dll
R3 - URLSearchHook: (no name) - {CD4F62EB-7903-4E2C-91B9-D9A1E00626D2} - E:\WINDOWS\system32\Notr.dll
R3 - URLSearchHook: (no name) - {21FEE489-57B3-49C0-9F30-4999DDC87DD3} - E:\WINDOWS\system32\Jyinx.dll
R3 - URLSearchHook: (no name) - {0BE7C752-73F6-4E15-89A3-7E2947B0C4D7} - E:\WINDOWS\system32\Rckywt.dll
R3 - URLSearchHook: (no name) - {892CF8A8-7D0C-4499-A20D-CF7ACF4575CC} - E:\WINDOWS\system32\Zsecl.dll
R3 - URLSearchHook: (no name) - {7FF5AF07-45B1-4F7E-B8D0-2CE3DD931F31} - E:\WINDOWS\system32\Lcym.dll
R3 - URLSearchHook: (no name) - {AC8DCBA7-7EBC-4265-8278-724704F1FBAD} - E:\WINDOWS\system32\Mheqja.dll
R3 - URLSearchHook: (no name) - {5D1D1FB8-CE41-44DB-8E38-E13106D36507} - E:\WINDOWS\system32\Impr.dll
R3 - URLSearchHook: (no name) - {DA2D293D-CB09-44AA-B1AE-4115CE30A59A} - E:\WINDOWS\system32\Tuljk.dll
R3 - URLSearchHook: (no name) - {22BAED29-BBDB-4D55-AF65-C3C08EEB0D03} - E:\WINDOWS\system32\Bksj.dll
R3 - URLSearchHook: (no name) - {5A744B8F-993C-455D-8295-C49BB69DF02C} - E:\WINDOWS\system32\Evqow.dll
R3 - URLSearchHook: (no name) - {7BDE725E-F1F9-41D6-B1E1-9321436091D8} - E:\WINDOWS\system32\Qfngj.dll
R3 - URLSearchHook: (no name) - {CFBDA170-FDDE-466C-8560-A7FFD057F86C} - E:\WINDOWS\system32\Mrqthe.dll
R3 - URLSearchHook: (no name) - {C943BB82-3905-44B9-BE9F-11F255531F49} - E:\WINDOWS\system32\Wrivfp.dll
O2 - BHO: (no name) - {0BE7C752-73F6-4E15-89A3-7E2947B0C4D7} - E:\WINDOWS\system32\Rckywt.dll
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - E:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: EyeOnBrowser Class - {1272F701-349D-4DB3-BBCD-10CBDCD049FE} - E:\WINDOWS\Downlo~1\_IS_0518\_IS_WEBH.dll (file missing)
O2 - BHO: (no name) - {1FAF55CF-F80E-4047-BEE7-14F91D244770} - E:\WINDOWS\system32\Kaedir.dll
O2 - BHO: (no name) - {21FEE489-57B3-49C0-9F30-4999DDC87DD3} - E:\WINDOWS\system32\Jyinx.dll
O2 - BHO: (no name) - {22BAED29-BBDB-4D55-AF65-C3C08EEB0D03} - E:\WINDOWS\system32\Bksj.dll
O2 - BHO: (no name) - {2AD6AAA1-800C-4F00-B148-61F08EF4C1B5} - E:\WINDOWS\system32\Mqeoco.dll
O2 - BHO: (no name) - {2D12BC27-6F3F-4749-8526-ED77DB69BB6E} - E:\WINDOWS\system32\Wfpfg.dll
O2 - BHO: (no name) - {2EC9C5C4-948A-4D29-B47C-67FBA8334217} - E:\WINDOWS\system32\Fisix.dll
O2 - BHO: (no name) - {2FD05F16-F651-409F-90E1-104DACE0BB23} - E:\WINDOWS\system32\Pzhe.dll
O2 - BHO: (no name) - {3289DCAA-F79C-41BB-A120-0DE8D112052F} - E:\WINDOWS\system32\Hwkpt.dll
O2 - BHO: (no name) - {34FFBAF0-3CFF-4168-B3C5-8AB4C42C1C6F} - E:\WINDOWS\system32\Fdji.dll
O2 - BHO: (no name) - {37436745-A2BB-4AB5-8FB8-CA5EB3C4376D} - E:\WINDOWS\system32\Tyvzvg.dll
O2 - BHO: (no name) - {409DE2FB-1E12-4D80-B471-275C57B1CDB7} - E:\WINDOWS\system32\Magg.dll
O2 - BHO: (no name) - {4311D580-E0F1-479B-9063-540CA3E7EEB5} - E:\WINDOWS\system32\Bruhi.dll
O2 - BHO: (no name) - {4DA35419-E35A-4400-9809-E2FCFA9C84CF} - E:\WINDOWS\system32\Neea.dll
O2 - BHO: (no name) - {4EEB53F1-5BF7-4B15-AAF0-49F69EBF0683} - E:\WINDOWS\system32\Imkkot.dll
O2 - BHO: (no name) - {53DE267E-1B26-45CB-B5D8-5025FDE0A507} - E:\WINDOWS\system32\Qpebrt.dll
O2 - BHO: (no name) - {59857B25-6CBE-4674-99B2-B4692E43C9B4} - E:\WINDOWS\system32\Qffjrn.dll
O2 - BHO: (no name) - {5A744B8F-993C-455D-8295-C49BB69DF02C} - E:\WINDOWS\system32\Evqow.dll
O2 - BHO: (no name) - {5B10EF32-ECFC-4A9F-87FE-98107103480E} - E:\WINDOWS\system32\Wmvl.dll
O2 - BHO: (no name) - {5BE00355-4FF7-402C-831A-DE3895C23869} - E:\WINDOWS\system32\Uxdud.dll
O2 - BHO: (no name) - {5D1D1FB8-CE41-44DB-8E38-E13106D36507} - E:\WINDOWS\system32\Impr.dll
O2 - BHO: (no name) - {5D3177F5-D697-4986-9248-33AC28FAF059} - E:\WINDOWS\system32\Xcku.dll
O2 - BHO: (no name) - {5EC6B364-5166-4EFE-8BE4-060EDE426BCF} - E:\WINDOWS\system32\Ucijgl.dll
O2 - BHO: (no name) - {61820D14-754B-4C3E-8E3E-2F35F5040E0A} - E:\WINDOWS\system32\Lhxl.dll
O2 - BHO: MMSAssist - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - (no file)
O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - E:\DOCUME~1\a\LOCALS~1\Temp\SSLive.dll
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - E:\WINDOWS\SYSTEM32\stdup.dll
O2 - BHO: (no name) - {6CA9C177-5B5F-4677-9645-B8AE5590AA3B} - E:\WINDOWS\system32\Kljx.dll
O2 - BHO: (no name) - {6F625336-94C2-470B-98F8-14E7B49FC832} - E:\WINDOWS\system32\Pkzld.dll
O2 - BHO: (no name) - {74B0BE98-73F9-4CA1-B164-94B81D197D6B} - E:\WINDOWS\system32\Vjgo.dll
O2 - BHO: (no name) - {74E8EFAD-3DEA-41C7-81A6-4C0E6C752B0B} - E:\WINDOWS\system32\Mejr.dll
O2 - BHO: (no name) - {7BDE725E-F1F9-41D6-B1E1-9321436091D8} - E:\WINDOWS\system32\Qfngj.dll
O2 - BHO: (no name) - {7FF5AF07-45B1-4F7E-B8D0-2CE3DD931F31} - E:\WINDOWS\system32\Lcym.dll
O2 - BHO: (no name) - {84767749-235C-49B7-9AFB-E5543C03A3C3} - E:\WINDOWS\system32\Lnydwd.dll
O2 - BHO: (no name) - {892CF8A8-7D0C-4499-A20D-CF7ACF4575CC} - E:\WINDOWS\system32\Zsecl.dll
O2 - BHO: (no name) - {89924BDF-DCEE-456F-AC8D-0CBF2BB59F6E} - E:\WINDOWS\system32\Efout.dll
O2 - BHO: (no name) - {8B6A074A-4637-47FA-9524-D5524AEAA00F} - E:\WINDOWS\system32\Wfbs.dll
O2 - BHO: (no name) - {AAA35CB7-AA04-4B6C-8BB9-C3517E08375E} - E:\WINDOWS\system32\Kfttnz.dll
O2 - BHO: (no name) - {AC8DCBA7-7EBC-4265-8278-724704F1FBAD} - E:\WINDOWS\system32\Mheqja.dll
O2 - BHO: (no name) - {B2BCB0C0-E17F-4838-BF9C-EAC49E7A9C27} - E:\WINDOWS\system32\Wzugdk.dll
O2 - BHO: (no name) - {B33D1FE2-4E85-4225-AAEA-7D156158BFC5} - E:\WINDOWS\system32\Ygifyg.dll
O2 - BHO: (no name) - {B8964BC1-DBA4-4D73-A861-086FF0EBF3B3} - E:\WINDOWS\system32\Omvj.dll
O2 - BHO: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O2 - BHO: (no name) - {C05979D4-EB33-4D9C-85E2-E2ADC454B48D} - E:\WINDOWS\system32\Jyargq.dll
O2 - BHO: (no name) - {C4E537DE-6C3A-4616-971B-4C04C62C4430} - E:\WINDOWS\system32\Fuuj.dll
O2 - BHO: (no name) - {C7A92730-3E3A-48A7-AC2A-D455C272578A} - E:\WINDOWS\system32\Hgxxf.dll
O2 - BHO: (no name) - {C943BB82-3905-44B9-BE9F-11F255531F49} - E:\WINDOWS\system32\Wrivfp.dll
O2 - BHO: (no name) - {CD4F62EB-7903-4E2C-91B9-D9A1E00626D2} - E:\WINDOWS\system32\Notr.dll
O2 - BHO: (no name) - {CFA6DD37-DE24-4F5D-9FE7-FE354481DAA9} - E:\WINDOWS\system32\Ccdky.dll
O2 - BHO: (no name) - {CFBDA170-FDDE-466C-8560-A7FFD057F86C} - E:\WINDOWS\system32\Mrqthe.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O2 - BHO: (no name) - {D3031741-E176-4FF6-9255-23F6EFBE80B2} - E:\WINDOWS\system32\Asaalh.dll
O2 - BHO: (no name) - {DA2D293D-CB09-44AA-B1AE-4115CE30A59A} - E:\WINDOWS\system32\Tuljk.dll
O2 - BHO: (no name) - {DDBEDF60-A001-4EF4-A6F7-613508840F8C} - E:\WINDOWS\system32\Jbay.dll
O2 - BHO: (no name) - {F08B31AE-B911-4745-855A-4648660DA50B} - E:\WINDOWS\system32\Vhlofg.dll
O2 - BHO: (no name) - {F1A5427F-205D-4AEA-AE6A-2D0A11C0C94B} - E:\WINDOWS\system32\Ssrbhv.dll
O2 - BHO: (no name) - {F7AF795A-1D68-4B6D-9D25-62B4D6C18079} - E:\WINDOWS\system32\Awful.dll
O3 - IE工具栏增项: 完美网译通 - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - E:\WINDOWS\WORLD2\TOOLBAR\hmtoolbar.dll
O4 - 启动项HKLM\\Run: [spoolsv] E:\WINDOWS\system32\spoolsv\spoolsv.exe -printer
O16 - DPF: {11010101-1001-1111-1000-110112345678} - ms-its:mhtml:file://C:\foo.mht!http://85.255.113.242//adv//024//targ.chm::/win32.exe
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-622221193458} - file://c:\ex.cab
O16 - DPF: {43331111-1111-1111-1111-611111195622} - file://c:\ex.cab
O16 - DPF: {64311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {797D8CBA-2570-4507-9C04-8244C3EBE434} (AutoRun Control) - http://222.77.178.82/script/autorun.ocx
O16 - DPF: {87CCFDB0-C4BE-4BC2-A78C-9EAA7CF96667} (pcastup Class) - http://ps.itv.mop.com/dn/files/vodupdate_1.0.0.8_20051009.cab
O16 - DPF: {98A62E3F-A8C5-4EF0-8A00-C70CF9D18A89} (LoaderCore Class) - http://tb.sogou.com/DLLoader.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://ps.itv.mop.com/dn/files/pCastCtl_1.0.0.80_20060123.cab
O18 - 列举现有的协议: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - E:\WINDOWS\System32\mbprot.dll
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34546} - E:\WINDOWS\System32\vbsys2.dll (file missing)
O21 - SSODL: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - E:\WINDOWS\SYSTEM32\stdup.dll
O9 - 浏览器额外的按钮: 红心游戏 - {00000000-DAEB-480d-867B-D746D955765B} - E:\PROGRA~1\bdgame\RedHeart\GameHall.exe
O9 - 浏览器额外的“工具”菜单项: 红心游戏世界 - {00000000-DAEB-480d-867B-D746D955765B} - E:\PROGRA~1\bdgame\RedHeart\GameHall.exe
O9 - 浏览器额外的按钮: 免费精彩视频超流畅在线观看 - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - 浏览器额外的“工具”菜单项: 播霸电视 - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - 浏览器额外的按钮: pp点点通 - {0713E8D2-850A-101B-AFC0-4210102A8DA7} - E:\Program Files\PP25\Pp.exe (file missing)
O9 - 浏览器额外的按钮: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
，再重启，请再扫份日志粘上来。

好,虽然不太明白,先谢谢了啊!~我在用瑞星杀毒,杀完毒立刻重起

ijackThis_815汉化版扫描日志 V1.99.1
保存于      20:57:06, 日期 2006-7-1
操作系统：  Windows XP SP2 (WinNT 5.01.2600)
浏览器：    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程：         
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
F:\Program Files\Rising\Rav\CCenter.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
f:\program files\rising\rfw\rfwsrv.exe
E:\WINDOWS\system32\spoolsv.exe
f:\program files\rising\rfw\RfwMain.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\igfxtray.exe
E:\WINDOWS\system32\hkcmd.exe
E:\WINDOWS\vsnpstd3.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Messenger\msmsgs.exe
F:\Program Files\Rising\Rav\RAVTASK.EXE
F:\Program Files\Rising\Rav\RAV.EXE
F:\Program Files\Rising\Rav\Ravmond.exe
F:\Program Files\Rising\Rav\RAVMON.EXE
E:\WINDOWS\system32\conime.exe
E:\WINDOWS\explorer.exe
E:\Documents and Settings\a\My Documents\HijackThis1991汉化版\HijackThis1991zww.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O3 - IE工具栏增项: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - E:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll
O3 - IE工具栏增项: (no name) - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - (no file)
O4 - 启动项HKLM\\Run: [PHIME2002ASync] E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [RavTask] "F:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [RfwMain] "F:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "E:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [MSPY2002] E:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - 启动项HKLM\\Run: [IgfxTray] E:\WINDOWS\system32\igfxtray.exe
O4 - 启动项HKLM\\Run: [HotKeysCmds] E:\WINDOWS\system32\hkcmd.exe
O4 - 启动项HKLM\\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: 腾讯QQ.lnk = ?
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - E:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - E:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - E:\Program Files\飘云IP简装优化版\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用影音传送带下载 - E:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - IE右键菜单中的新增项目: 使用影音传送带下载全部链接 - E:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - E:\Program Files\飘云IP简装优化版\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - E:\Program Files\飘云IP简装优化版\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - E:\Program Files\飘云IP简装优化版\SendMMS.htm
O9 - 浏览器额外的按钮: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm?pid=U_flashget_62580 (file missing)
O9 - 浏览器额外的按钮: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing)
O9 - 浏览器额外的按钮: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://hot.3721.com/rd/shop_btn.htm (file missing)
O9 - 浏览器额外的按钮: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://assistant.3721.com/index.htm?fb=Cns (file missing)
O9 - 浏览器额外的按钮: kele8 - {84920E5F-3788-49cd-A274-E365578DF174} - http://www.kele8.com/ (file missing)
O9 - 浏览器额外的“工具”菜单项: kele8 - {84920E5F-3788-49cd-A274-E365578DF174} - http://www.kele8.com/ (file missing)
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\飘云IP简装优化版\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\飘云IP简装优化版\QQ.EXE
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Program Files\飘云IP简装优化版\QQIEHelper.dll (file missing)
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Program Files\飘云IP简装优化版\QQIEHelper.dll (file missing)
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - 浏览器额外的按钮: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - 浏览器额外的“工具”菜单项: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的按钮: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O9 - 浏览器额外的“工具”菜单项: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E9E5C33-ACB1-4AE2-B9DF-4FC5BADC2E1C}: NameServer = 202.102.128.68 202.102.134.68

O18 - 列举现有的协议: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - E:\WINDOWS\system32\mshtml.dll
O18 - 列举现有的协议: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - E:\WINDOWS\system32\urlmon.dll
O18 - 列举现有的协议: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - E:\WINDOWS\system32\msvidctl.dll
O18 - 列举现有的协议: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - E:\WINDOWS\system32\urlmon.dll
O18 - 列举现有的协议: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - E:\WINDOWS\system32\urlmon.dll
O18 - 列举现有的协议: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - E:\WINDOWS\system32\urlmon.dll
O18 - 列举现有的协议: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - E:\WINDOWS\system32\urlmon.dll
O18 - 列举现有的协议: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - E:\WINDOWS\system32\urlmon.dll
O18 - 列举现有的协议: ipp - (no CLSID) - (no file)
O18 - 列举现有的协议: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - E:\WINDOWS\system32\itss.dll
O18 - 列举现有的协议: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - E:\WINDOWS\system32\mshtml.dll
O18 - 列举现有的协议: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - E:\WINDOWS\System32\msvidctl.dll
O18 - 列举现有的协议: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - E:\WINDOWS\system32\urlmon.dll
O18 - 列举现有的协议: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - E:\WINDOWS\system32\mshtml.dll
O18 - 列举现有的协议: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - E:\WINDOWS\system32\inetcomm.dll
O18 - 列举现有的协议: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - E:\WINDOWS\system32\urlmon.dll
O18 - 列举现有的协议: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - E:\WINDOWS\system32\itss.dll
O18 - 列举现有的协议: msdaipp - (no CLSID) - (no file)
O18 - 列举现有的协议: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - E:\WINDOWS\system32\mshtml.dll
O18 - 列举现有的协议: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - E:\WINDOWS\system32\mshtml.dll
O18 - 列举现有的协议: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - E:\WINDOWS\system32\msvidctl.dll
O18 - 列举现有的协议: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - E:\WINDOWS\system32\mshtml.dll
O18 - 列举现有的协议: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - E:\WINDOWS\System32\msdxm.ocx
O18 - 列举现有的协议: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - E:\WINDOWS\system32\wiascr.dll
O20 - Winlogon Notify: igfxcui - E:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: System Safety Monitor - E:\WINDOWS\SYSTEM32\SSMWinlogonEx.dll
O21 - SSODL: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - (no file)
O23 - NT 服务: Macromedia Licensing Service - Unknown owner - E:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - f:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - f:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: StyleXPService - Unknown owner - E:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

又粘上去了啊!~

看不出问题了
如果有异常请描述一下。