HijackThis_zww汉化版扫描日志 V1.99.1
操作系统：  Windows XP SP2 (WinNT 5.01.2600)
浏览器：    Internet Explorer v6.00 SP2 (6.00.2900.2180)
当前运行的进程：         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\Program Files\Rising\Rav\RavStub.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\wincup\wincup.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\aukld\aukld.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\rising\rfw\RfwMain.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\On Screen Display\Hotkey.exe
C:\Program Files\Battery miser\batterymiser.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\VM303_STI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Tencent\QQ\QQ.exe
C:\Program Files\Tencent\QQ\TIMPlatform.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner\桌面\2535952005811174944\2535952005811174944\HijackThis1991zww.exe

R3 - URLSearchHook: (no name) - {A2A75B3E-AE79-4B5A-B186-C36D55E0A135} - C:\WINDOWS\system32\Wdgmk.dll (file missing)
R3 - URLSearchHook: (no name) - {CE992542-B84B-40E2-B85B-CC800A2AC8B3} - C:\WINDOWS\system32\Owgapf.dll (file missing)
R3 - URLSearchHook: (no name) - {4119B63E-DE08-475E-8EFE-2C5E943B3B8A} - C:\WINDOWS\system32\Jvpb.dll
R3 - URLSearchHook: (no name) - {A6642ABD-50D2-44AB-8DCC-15BE5765BBB1} - C:\WINDOWS\system32\Mbuow.dll
R3 - URLSearchHook: (no name) - {962B0248-EAF9-4480-9AC8-117F68351E23} - C:\WINDOWS\system32\Sczw.dll
R3 - URLSearchHook: (no name) - {955D3E06-7194-4BCB-85D0-BD0C244DE4C2} - C:\WINDOWS\system32\Cmgog.dll
R3 - URLSearchHook: (no name) - {33B6167A-79CC-4DA9-A692-D11C309047D1} - C:\WINDOWS\system32\Vasm.dll
R3 - URLSearchHook: (no name) - {CDCC2DB2-968A-4757-8F73-C06E8C5E71BF} - C:\WINDOWS\system32\Icdaew.dll
R3 - URLSearchHook: (no name) - {B0FE26D9-3D31-4E1A-AE0E-6959CF280185} - C:\WINDOWS\system32\Zixzh.dll
R3 - URLSearchHook: (no name) - {C0F67F80-CFA2-4691-A8AA-0DAF930E0D8E} - C:\WINDOWS\system32\Zwltn.dll
R3 - URLSearchHook: (no name) - {6DFBC2AE-0DF4-477A-B5F9-B1AF3A528D44} - C:\WINDOWS\system32\Asajns.dll
R3 - URLSearchHook: (no name) - {7DF85946-D1FA-45BA-8351-CFD1D4D0DBF2} - C:\WINDOWS\system32\Bvbuh.dll
R3 - URLSearchHook: (no name) - {82BF785B-01CB-47F5-9EB2-8FB73951F10C} - C:\WINDOWS\system32\Khrb.dll
R3 - URLSearchHook: (no name) - {AA4F0A89-2912-4169-9DA9-ED17731E80D7} - C:\WINDOWS\system32\Iuey.dll
R3 - URLSearchHook: (no name) - {3773ADDA-F1A4-4078-9A35-F290BA3A80AE} - C:\WINDOWS\system32\Zteuxg.dll
R3 - URLSearchHook: (no name) - {5399D4D1-DB50-4B5C-9BBF-E24DE563430D} - C:\WINDOWS\system32\Illr.dll
R3 - URLSearchHook: (no name) - {65AC6DA7-B87A-498C-9769-10BA7B80BBD7} - C:\WINDOWS\system32\Acvcnk.dll
R3 - URLSearchHook: (no name) - {88B192DB-CB79-497A-B53A-0F7F29ABAF97} - C:\WINDOWS\system32\Bfnfie.dll
R3 - URLSearchHook: (no name) - {2DC40024-A5A0-4E30-BDD8-E8E11723FF91} - C:\WINDOWS\system32\Mpkxu.dll
R3 - URLSearchHook: (no name) - {DCC0911D-5E69-467D-9CF5-CB4837E0D850} - C:\WINDOWS\system32\Kskd.dll
R3 - URLSearchHook: (no name) - {2D72C060-A25E-4A49-8191-9E8B15B7F5D6} - C:\WINDOWS\system32\Kalwzo.dll
R3 - URLSearchHook: (no name) - {919EF953-E318-419C-8F6B-0263D492AA63} - C:\WINDOWS\system32\Tjmih.dll
R3 - URLSearchHook: (no name) - {7BB4F0B9-6840-4999-99F3-37B102AA6C00} - C:\WINDOWS\system32\Yfjbx.dll
R3 - URLSearchHook: (no name) - {38A77079-3FA0-49EC-9E1D-C645D5CBA895} - C:\WINDOWS\system32\Sjpna.dll (file missing)
R3 - URLSearchHook: (no name) - {819B97A8-510B-4842-9D57-90721A7FDD30} - C:\WINDOWS\system32\Ojsv.dll
R3 - URLSearchHook: (no name) - {B4665FFA-B7EF-4FA7-B029-EBC0C7B3CBFE} - C:\WINDOWS\system32\Izfr.dll
R3 - URLSearchHook: (no name) - {013D4574-D441-4664-8EDD-36D0D6445643} - C:\WINDOWS\system32\Wvoku.dll
R3 - URLSearchHook: (no name) - {DB0420D3-A4FB-4EDA-9C74-4A5448F0562D} - C:\WINDOWS\system32\Pjga.dll
R3 - URLSearchHook: (no name) - {C5933E25-6A6E-4F56-BFFE-E5CD0DB87D31} - C:\WINDOWS\system32\Qgppr.dll
R3 - URLSearchHook: (no name) - {CB955D03-68A9-4110-92C6-34C2D10A3BC9} - C:\WINDOWS\system32\Atpbt.dll
R3 - URLSearchHook: (no name) - {53742AE8-1960-4A32-91A0-569D7447F1AE} - C:\WINDOWS\system32\Mwvcnx.dll
R3 - URLSearchHook: (no name) - {4C6784CE-2957-4DF0-81B6-78ABF07BA67F} - C:\WINDOWS\system32\Pvgmaq.dll
R3 - URLSearchHook: (no name) - {3CA1DE5A-1045-4B50-AAF7-E25936D12344} - C:\WINDOWS\system32\Qmvnwc.dll
R3 - URLSearchHook: (no name) - {55C4B544-8515-4124-8DD1-4A34148BC61C} - C:\WINDOWS\system32\Jhuzel.dll
R3 - URLSearchHook: (no name) - {B78E694A-2FBD-4CA1-861B-589C05729E02} - C:\WINDOWS\system32\Htlgnc.dll
R3 - URLSearchHook: (no name) - {9BB46326-7A1E-490A-BA75-4D2FD0811420} - C:\WINDOWS\system32\Ktdqe.dll
R3 - URLSearchHook: (no name) - {994AC898-9792-463D-A9A4-9F44D1B50299} - C:\WINDOWS\system32\Hlkll.dll
R3 - URLSearchHook: (no name) - {EC19582D-E73B-4A48-B21B-906AC0A77B02} - C:\WINDOWS\system32\Cclmc.dll
R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: (no name) - {013D4574-D441-4664-8EDD-36D0D6445643} - C:\WINDOWS\system32\Wvoku.dll
O2 - BHO: 搜搜地址栏搜索 - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: (no name) - {2D72C060-A25E-4A49-8191-9E8B15B7F5D6} - C:\WINDOWS\system32\Kalwzo.dll
O2 - BHO: (no name) - {2DC40024-A5A0-4E30-BDD8-E8E11723FF91} - C:\WINDOWS\system32\Mpkxu.dll
O2 - BHO: (no name) - {33B6167A-79CC-4DA9-A692-D11C309047D1} - C:\WINDOWS\system32\Vasm.dll
O2 - BHO: (no name) - {3773ADDA-F1A4-4078-9A35-F290BA3A80AE} - C:\WINDOWS\system32\Zteuxg.dll
O2 - BHO: (no name) - {38A77079-3FA0-49EC-9E1D-C645D5CBA895} - C:\WINDOWS\system32\Sjpna.dll (file missing)
O2 - BHO: (no name) - {3CA1DE5A-1045-4B50-AAF7-E25936D12344} - C:\WINDOWS\system32\Qmvnwc.dll
O2 - BHO: (no name) - {4119B63E-DE08-475E-8EFE-2C5E943B3B8A} - C:\WINDOWS\system32\Jvpb.dll
O2 - BHO: (no name) - {4C6784CE-2957-4DF0-81B6-78ABF07BA67F} - C:\WINDOWS\system32\Pvgmaq.dll
O2 - BHO: (no name) - {53742AE8-1960-4A32-91A0-569D7447F1AE} - C:\WINDOWS\system32\Mwvcnx.dll
O2 - BHO: (no name) - {5399D4D1-DB50-4B5C-9BBF-E24DE563430D} - C:\WINDOWS\system32\Illr.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: (no name) - {55C4B544-8515-4124-8DD1-4A34148BC61C} - C:\WINDOWS\system32\Jhuzel.dll
O2 - BHO: (no name) - {65AC6DA7-B87A-498C-9769-10BA7B80BBD7} - C:\WINDOWS\system32\Acvcnk.dll
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - C:\WINDOWS\system32\ssup.dll
O2 - BHO: std software - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\stdup.dll
O2 - BHO: (no name) - {6DFBC2AE-0DF4-477A-B5F9-B1AF3A528D44} - C:\WINDOWS\system32\Asajns.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Progra~1\Baidu\bar\BaiDuBar.dll
O2 - BHO: (no name) - {7BB4F0B9-6840-4999-99F3-37B102AA6C00} - C:\WINDOWS\system32\Yfjbx.dll
O2 - BHO: (no name) - {7DF85946-D1FA-45BA-8351-CFD1D4D0DBF2} - C:\WINDOWS\system32\Bvbuh.dll
O2 - BHO: (no name) - {819B97A8-510B-4842-9D57-90721A7FDD30} - C:\WINDOWS\system32\Ojsv.dll
O2 - BHO: (no name) - {82BF785B-01CB-47F5-9EB2-8FB73951F10C} - C:\WINDOWS\system32\Khrb.dll
O2 - BHO: (no name) - {88B192DB-CB79-497A-B53A-0F7F29ABAF97} - C:\WINDOWS\system32\Bfnfie.dll
O2 - BHO: (no name) - {919EF953-E318-419C-8F6B-0263D492AA63} - C:\WINDOWS\system32\Tjmih.dll
O2 - BHO: (no name) - {955D3E06-7194-4BCB-85D0-BD0C244DE4C2} - C:\WINDOWS\system32\Cmgog.dll
O2 - BHO: (no name) - {962B0248-EAF9-4480-9AC8-117F68351E23} - C:\WINDOWS\system32\Sczw.dll
O2 - BHO: (no name) - {994AC898-9792-463D-A9A4-9F44D1B50299} - C:\WINDOWS\system32\Hlkll.dll
O2 - BHO: (no name) - {9BB46326-7A1E-490A-BA75-4D2FD0811420} - C:\WINDOWS\system32\Ktdqe.dll
O2 - BHO: (no name) - {A2A75B3E-AE79-4B5A-B186-C36D55E0A135} - C:\WINDOWS\system32\Wdgmk.dll (file missing)
O2 - BHO: (no name) - {A6642ABD-50D2-44AB-8DCC-15BE5765BBB1} - C:\WINDOWS\system32\Mbuow.dll
O2 - BHO: (no name) - {AA4F0A89-2912-4169-9DA9-ED17731E80D7} - C:\WINDOWS\system32\Iuey.dll
O2 - BHO: (no name) - {B0FE26D9-3D31-4E1A-AE0E-6959CF280185} - C:\WINDOWS\system32\Zixzh.dll
O2 - BHO: (no name) - {B4665FFA-B7EF-4FA7-B029-EBC0C7B3CBFE} - C:\WINDOWS\system32\Izfr.dll
O2 - BHO: (no name) - {B78E694A-2FBD-4CA1-861B-589C05729E02} - C:\WINDOWS\system32\Htlgnc.dll
O2 - BHO: MacroMediapd - {B8CCDD47-38E4-4CD2-B7FA-3B4B690F74BD} - C:\WINDOWS\system32\microapmddt.dll (file missing)
O2 - BHO: (no name) - {C0F67F80-CFA2-4691-A8AA-0DAF930E0D8E} - C:\WINDOWS\system32\Zwltn.dll
O2 - BHO: (no name) - {C5933E25-6A6E-4F56-BFFE-E5CD0DB87D31} - C:\WINDOWS\system32\Qgppr.dll
O2 - BHO: (no name) - {CB955D03-68A9-4110-92C6-34C2D10A3BC9} - C:\WINDOWS\system32\Atpbt.dll
O2 - BHO: (no name) - {CDCC2DB2-968A-4757-8F73-C06E8C5E71BF} - C:\WINDOWS\system32\Icdaew.dll
O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\system32\IEHelper.dll
O2 - BHO: (no name) - {CE992542-B84B-40E2-B85B-CC800A2AC8B3} - C:\WINDOWS\system32\Owgapf.dll (file missing)
O2 - BHO: QuickBtn - {D1BB7CF4-4463-4e91-88D7-ECC3CE0A13B7} - C:\Program Files\CoolWebsite\QuickLink.dll
O2 - BHO: (no name) - {DB0420D3-A4FB-4EDA-9C74-4A5448F0562D} - C:\WINDOWS\system32\Pjga.dll
O2 - BHO: (no name) - {DCC0911D-5E69-467D-9CF5-CB4837E0D850} - C:\WINDOWS\system32\Kskd.dll
O2 - BHO: (no name) - {EC19582D-E73B-4A48-B21B-906AC0A77B02} - C:\WINDOWS\system32\Cclmc.dll
O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Progra~1\Baidu\bar\BaiDuBar.dll
O3 - IE工具栏增项: 实用搜索 - {15ADF205-4C54-4cfe-AC88-1EA0BA6D06A0} - C:\Program Files\ScanToolbar\ScanBar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - 启动项HKLM\\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - 启动项HKLM\\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - 启动项HKLM\\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - 启动项HKLM\\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - 启动项HKLM\\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - 启动项HKLM\\Run: [KeybdUtility] "C:\Program Files\On Screen Display\Hotkey.exe"
O4 - 启动项HKLM\\Run: [batterymiser] C:\Program Files\Battery miser\batterymiser.exe
O4 - 启动项HKLM\\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup

O4 - 启动项HKLM\\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - 启动项HKLM\\Run: [stup.exe] C:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - 启动项HKLM\\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: 腾讯TM.lnk = C:\Program Files\Tencent\QQ\TMShell.exe
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - IE右键菜单中的新增项目: &RSDN Search - res://C:\Program Files\ScanToolbar\ScanBar.dll/GoRSDN.dll.htm
O8 - IE右键菜单中的新增项目: >>彩信发送<< - res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - IE右键菜单中的新增项目: 百度--MP3搜索 - RES://C:\Progra~1\Baidu\bar\baidubar.dll/BAIDUMP3.HTM
O8 - IE右键菜单中的新增项目: 百度--图片搜索 - RES://C:\Progra~1\Baidu\bar\baidubar.dll/BAIDUIMG.HTM
O8 - IE右键菜单中的新增项目: 百度--新闻搜索 - RES://C:\Progra~1\Baidu\bar\baidubar.dll/BAIDUNEWS.HTM
O8 - IE右键菜单中的新增项目: 百度--歌词搜索 - RES://C:\Progra~1\Baidu\bar\baidubar.dll/BAIDULYRIC.HTM
O8 - IE右键菜单中的新增项目: 百度--网页搜索 - RES://C:\Progra~1\Baidu\bar\baidubar.dll/BAIDUSEARCH.HTM
O8 - IE右键菜单中的新增项目: 百度--词典搜索 - RES://C:\Progra~1\Baidu\bar\baidubar.dll/BAIDU_DIC.HTM
O8 - IE右键菜单中的新增项目: 百度--贴吧搜索 - RES://C:\Progra~1\Baidu\bar\baidubar.dll/BAIDUPOST.HTM
O9 - 浏览器额外的按钮: 实用网址导航 - {1D901067-2529-4A9B-9B6B-7A1DB3A44CB5} - C:\Program Files\CoolWebsite\QuickLink.dll
O9 - 浏览器额外的按钮: 联想 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.lenovo.com (file missing)
O9 - 浏览器额外的按钮: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O9 - 浏览器额外的“工具”菜单项: 彩E精灵设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [TBH] 搜搜地址栏搜索
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com
O16 - DPF: {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} (LiveMediaOcx Control) - http://dl_dir.qq.com/qqtv/QQLiveOcxSetup.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O21 - SSODL: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\stdup.dll
O21 - SSODL: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O23 - NT 服务: aucup - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\wincup\wincup.exe
O23 - NT 服务: aukld - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\aukld\aukld.exe
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe

日志都贴上！

O11 - Options group: [TBH] 搜搜地址栏搜索

【回复“一级列兵”的帖子】
都贴完了啊，怎么弄啊，我要哭了～～！

O23 - NT 服务: aucup - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\wincup\wincup.exe
O23 - NT 服务: aukld - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\aukld\aukld.exe
临时文件也要进服务项吗?
1.开始-运行输入regedit,打开注册表编辑器，定位到HKEY_LOCAL_MACHINE\ SYSTEM \ CURRENTCONTROLSET \ SERVICES分支，删除左栏中的病毒服务名aucup和aukld

去安全模式下断网清空缓存.



建议你下载超级兔子。
http://www.pctutu.com/srmsdown.asp
安装好后，打开“超级兔子优化王”“专业卸载,卸载所有提示的垃圾软件，卸载是不要打开任何浏览窗口。卸载不了可以重启后再去卸载。


R3和02项里的垃圾太多了.用兔子清一下吧.不要的都清了


O11 - Options group: [TBH] 搜搜地址栏搜索      去控制面版,添加删除程序里删掉.

照你说的都做完了，帮我看看还有问题没有～！
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      11:16:58, 日期 2006-7-8
操作系统：  Windows XP SP2 (WinNT 5.01.2600)
浏览器：    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程：         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
c:\program files\rising\rfw\RfwMain.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\On Screen Display\Hotkey.exe
C:\Program Files\Battery miser\batterymiser.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner\桌面\2535952005811174944\2535952005811174944\HijackThis1991zww.exe

R3 - URLSearchHook: (no name) - {A2A75B3E-AE79-4B5A-B186-C36D55E0A135} - C:\WINDOWS\system32\Wdgmk.dll (file missing)
R3 - URLSearchHook: (no name) - {CE992542-B84B-40E2-B85B-CC800A2AC8B3} - C:\WINDOWS\system32\Owgapf.dll (file missing)
R3 - URLSearchHook: (no name) - {4119B63E-DE08-475E-8EFE-2C5E943B3B8A} - C:\WINDOWS\system32\Jvpb.dll (file missing)
R3 - URLSearchHook: (no name) - {A6642ABD-50D2-44AB-8DCC-15BE5765BBB1} - C:\WINDOWS\system32\Mbuow.dll (file missing)
R3 - URLSearchHook: (no name) - {962B0248-EAF9-4480-9AC8-117F68351E23} - C:\WINDOWS\system32\Sczw.dll (file missing)
R3 - URLSearchHook: (no name) - {955D3E06-7194-4BCB-85D0-BD0C244DE4C2} - C:\WINDOWS\system32\Cmgog.dll (file missing)
R3 - URLSearchHook: (no name) - {33B6167A-79CC-4DA9-A692-D11C309047D1} - C:\WINDOWS\system32\Vasm.dll (file missing)
R3 - URLSearchHook: (no name) - {CDCC2DB2-968A-4757-8F73-C06E8C5E71BF} - C:\WINDOWS\system32\Icdaew.dll (file missing)
R3 - URLSearchHook: (no name) - {B0FE26D9-3D31-4E1A-AE0E-6959CF280185} - C:\WINDOWS\system32\Zixzh.dll (file missing)
R3 - URLSearchHook: (no name) - {C0F67F80-CFA2-4691-A8AA-0DAF930E0D8E} - C:\WINDOWS\system32\Zwltn.dll (file missing)
R3 - URLSearchHook: (no name) - {6DFBC2AE-0DF4-477A-B5F9-B1AF3A528D44} - C:\WINDOWS\system32\Asajns.dll (file missing)
R3 - URLSearchHook: (no name) - {7DF85946-D1FA-45BA-8351-CFD1D4D0DBF2} - C:\WINDOWS\system32\Bvbuh.dll (file missing)
R3 - URLSearchHook: (no name) - {82BF785B-01CB-47F5-9EB2-8FB73951F10C} - C:\WINDOWS\system32\Khrb.dll (file missing)
R3 - URLSearchHook: (no name) - {AA4F0A89-2912-4169-9DA9-ED17731E80D7} - C:\WINDOWS\system32\Iuey.dll (file missing)
R3 - URLSearchHook: (no name) - {3773ADDA-F1A4-4078-9A35-F290BA3A80AE} - C:\WINDOWS\system32\Zteuxg.dll (file missing)
R3 - URLSearchHook: (no name) - {5399D4D1-DB50-4B5C-9BBF-E24DE563430D} - C:\WINDOWS\system32\Illr.dll (file missing)
R3 - URLSearchHook: (no name) - {65AC6DA7-B87A-498C-9769-10BA7B80BBD7} - C:\WINDOWS\system32\Acvcnk.dll (file missing)
R3 - URLSearchHook: (no name) - {88B192DB-CB79-497A-B53A-0F7F29ABAF97} - C:\WINDOWS\system32\Bfnfie.dll (file missing)
R3 - URLSearchHook: (no name) - {2DC40024-A5A0-4E30-BDD8-E8E11723FF91} - C:\WINDOWS\system32\Mpkxu.dll (file missing)
R3 - URLSearchHook: (no name) - {DCC0911D-5E69-467D-9CF5-CB4837E0D850} - C:\WINDOWS\system32\Kskd.dll (file missing)
R3 - URLSearchHook: (no name) - {2D72C060-A25E-4A49-8191-9E8B15B7F5D6} - C:\WINDOWS\system32\Kalwzo.dll (file missing)
R3 - URLSearchHook: (no name) - {919EF953-E318-419C-8F6B-0263D492AA63} - C:\WINDOWS\system32\Tjmih.dll (file missing)
R3 - URLSearchHook: (no name) - {7BB4F0B9-6840-4999-99F3-37B102AA6C00} - C:\WINDOWS\system32\Yfjbx.dll (file missing)
R3 - URLSearchHook: (no name) - {38A77079-3FA0-49EC-9E1D-C645D5CBA895} - C:\WINDOWS\system32\Sjpna.dll (file missing)
R3 - URLSearchHook: (no name) - {819B97A8-510B-4842-9D57-90721A7FDD30} - C:\WINDOWS\system32\Ojsv.dll (file missing)
R3 - URLSearchHook: (no name) - {B4665FFA-B7EF-4FA7-B029-EBC0C7B3CBFE} - C:\WINDOWS\system32\Izfr.dll (file missing)
R3 - URLSearchHook: (no name) - {013D4574-D441-4664-8EDD-36D0D6445643} - C:\WINDOWS\system32\Wvoku.dll (file missing)
R3 - URLSearchHook: (no name) - {DB0420D3-A4FB-4EDA-9C74-4A5448F0562D} - C:\WINDOWS\system32\Pjga.dll (file missing)
R3 - URLSearchHook: (no name) - {C5933E25-6A6E-4F56-BFFE-E5CD0DB87D31} - C:\WINDOWS\system32\Qgppr.dll (file missing)
R3 - URLSearchHook: (no name) - {CB955D03-68A9-4110-92C6-34C2D10A3BC9} - C:\WINDOWS\system32\Atpbt.dll (file missing)
R3 - URLSearchHook: (no name) - {53742AE8-1960-4A32-91A0-569D7447F1AE} - C:\WINDOWS\system32\Mwvcnx.dll (file missing)
R3 - URLSearchHook: (no name) - {4C6784CE-2957-4DF0-81B6-78ABF07BA67F} - C:\WINDOWS\system32\Pvgmaq.dll (file missing)
R3 - URLSearchHook: (no name) - {3CA1DE5A-1045-4B50-AAF7-E25936D12344} - C:\WINDOWS\system32\Qmvnwc.dll (file missing)
R3 - URLSearchHook: (no name) - {55C4B544-8515-4124-8DD1-4A34148BC61C} - C:\WINDOWS\system32\Jhuzel.dll (file missing)
R3 - URLSearchHook: (no name) - {B78E694A-2FBD-4CA1-861B-589C05729E02} - C:\WINDOWS\system32\Htlgnc.dll (file missing)
R3 - URLSearchHook: (no name) - {9BB46326-7A1E-490A-BA75-4D2FD0811420} - C:\WINDOWS\system32\Ktdqe.dll (file missing)
R3 - URLSearchHook: (no name) - {994AC898-9792-463D-A9A4-9F44D1B50299} - C:\WINDOWS\system32\Hlkll.dll (file missing)
R3 - URLSearchHook: (no name) - {EC19582D-E73B-4A48-B21B-906AC0A77B02} - C:\WINDOWS\system32\Cclmc.dll (file missing)
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - 启动项HKLM\\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - 启动项HKLM\\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - 启动项HKLM\\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - 启动项HKLM\\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - 启动项HKLM\\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - 启动项HKLM\\Run: [KeybdUtility] "C:\Program Files\On Screen Display\Hotkey.exe"
O4 - 启动项HKLM\\Run: [batterymiser] C:\Program Files\Battery miser\batterymiser.exe
O4 - 启动项HKLM\\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - 启动项HKLM\\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll (file missing)
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com
O16 - DPF: {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} (LiveMediaOcx Control) - http://dl_dir.qq.com/qqtv/QQLiveOcxSetup.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe

修复所以R3项
R3 - URLSearchHook: (no name) - {A2A75B3E-AE79-4B5A-B186-C36D55E0A135} - C:\WINDOWS\system32\Wdgmk.dll (file missing)
R3 - URLSearchHook: (no name) - {CE992542-B84B-40E2-B85B-CC800A2AC8B3} - C:\WINDOWS\system32\Owgapf.dll (file missing)
R3 - URLSearchHook: (no name) - {4119B63E-DE08-475E-8EFE-2C5E943B3B8A} - C:\WINDOWS\system32\Jvpb.dll (file missing)
R3 - URLSearchHook: (no name) - {A6642ABD-50D2-44AB-8DCC-15BE5765BBB1} - C:\WINDOWS\system32\Mbuow.dll (file missing)
R3 - URLSearchHook: (no name) - {962B0248-EAF9-4480-9AC8-117F68351E23} - C:\WINDOWS\system32\Sczw.dll (file missing)
R3 - URLSearchHook: (no name) - {955D3E06-7194-4BCB-85D0-BD0C244DE4C2} - C:\WINDOWS\system32\Cmgog.dll (file missing)
R3 - URLSearchHook: (no name) - {33B6167A-79CC-4DA9-A692-D11C309047D1} - C:\WINDOWS\system32\Vasm.dll (file missing)
R3 - URLSearchHook: (no name) - {CDCC2DB2-968A-4757-8F73-C06E8C5E71BF} - C:\WINDOWS\system32\Icdaew.dll (file missing)
R3 - URLSearchHook: (no name) - {B0FE26D9-3D31-4E1A-AE0E-6959CF280185} - C:\WINDOWS\system32\Zixzh.dll (file missing)
R3 - URLSearchHook: (no name) - {C0F67F80-CFA2-4691-A8AA-0DAF930E0D8E} - C:\WINDOWS\system32\Zwltn.dll (file missing)
R3 - URLSearchHook: (no name) - {6DFBC2AE-0DF4-477A-B5F9-B1AF3A528D44} - C:\WINDOWS\system32\Asajns.dll (file missing)
R3 - URLSearchHook: (no name) - {7DF85946-D1FA-45BA-8351-CFD1D4D0DBF2} - C:\WINDOWS\system32\Bvbuh.dll (file missing)
R3 - URLSearchHook: (no name) - {82BF785B-01CB-47F5-9EB2-8FB73951F10C} - C:\WINDOWS\system32\Khrb.dll (file missing)
R3 - URLSearchHook: (no name) - {AA4F0A89-2912-4169-9DA9-ED17731E80D7} - C:\WINDOWS\system32\Iuey.dll (file missing)
R3 - URLSearchHook: (no name) - {3773ADDA-F1A4-4078-9A35-F290BA3A80AE} - C:\WINDOWS\system32\Zteuxg.dll (file missing)
R3 - URLSearchHook: (no name) - {5399D4D1-DB50-4B5C-9BBF-E24DE563430D} - C:\WINDOWS\system32\Illr.dll (file missing)
R3 - URLSearchHook: (no name) - {65AC6DA7-B87A-498C-9769-10BA7B80BBD7} - C:\WINDOWS\system32\Acvcnk.dll (file missing)
R3 - URLSearchHook: (no name) - {88B192DB-CB79-497A-B53A-0F7F29ABAF97} - C:\WINDOWS\system32\Bfnfie.dll (file missing)
R3 - URLSearchHook: (no name) - {2DC40024-A5A0-4E30-BDD8-E8E11723FF91} - C:\WINDOWS\system32\Mpkxu.dll (file missing)
R3 - URLSearchHook: (no name) - {DCC0911D-5E69-467D-9CF5-CB4837E0D850} - C:\WINDOWS\system32\Kskd.dll (file missing)
R3 - URLSearchHook: (no name) - {2D72C060-A25E-4A49-8191-9E8B15B7F5D6} - C:\WINDOWS\system32\Kalwzo.dll (file missing)
R3 - URLSearchHook: (no name) - {919EF953-E318-419C-8F6B-0263D492AA63} - C:\WINDOWS\system32\Tjmih.dll (file missing)
R3 - URLSearchHook: (no name) - {7BB4F0B9-6840-4999-99F3-37B102AA6C00} - C:\WINDOWS\system32\Yfjbx.dll (file missing)
R3 - URLSearchHook: (no name) - {38A77079-3FA0-49EC-9E1D-C645D5CBA895} - C:\WINDOWS\system32\Sjpna.dll (file missing)
R3 - URLSearchHook: (no name) - {819B97A8-510B-4842-9D57-90721A7FDD30} - C:\WINDOWS\system32\Ojsv.dll (file missing)
R3 - URLSearchHook: (no name) - {B4665FFA-B7EF-4FA7-B029-EBC0C7B3CBFE} - C:\WINDOWS\system32\Izfr.dll (file missing)
R3 - URLSearchHook: (no name) - {013D4574-D441-4664-8EDD-36D0D6445643} - C:\WINDOWS\system32\Wvoku.dll (file missing)
R3 - URLSearchHook: (no name) - {DB0420D3-A4FB-4EDA-9C74-4A5448F0562D} - C:\WINDOWS\system32\Pjga.dll (file missing)
R3 - URLSearchHook: (no name) - {C5933E25-6A6E-4F56-BFFE-E5CD0DB87D31} - C:\WINDOWS\system32\Qgppr.dll (file missing)
R3 - URLSearchHook: (no name) - {CB955D03-68A9-4110-92C6-34C2D10A3BC9} - C:\WINDOWS\system32\Atpbt.dll (file missing)
R3 - URLSearchHook: (no name) - {53742AE8-1960-4A32-91A0-569D7447F1AE} - C:\WINDOWS\system32\Mwvcnx.dll (file missing)
R3 - URLSearchHook: (no name) - {4C6784CE-2957-4DF0-81B6-78ABF07BA67F} - C:\WINDOWS\system32\Pvgmaq.dll (file missing)
R3 - URLSearchHook: (no name) - {3CA1DE5A-1045-4B50-AAF7-E25936D12344} - C:\WINDOWS\system32\Qmvnwc.dll (file missing)
R3 - URLSearchHook: (no name) - {55C4B544-8515-4124-8DD1-4A34148BC61C} - C:\WINDOWS\system32\Jhuzel.dll (file missing)
R3 - URLSearchHook: (no name) - {B78E694A-2FBD-4CA1-861B-589C05729E02} - C:\WINDOWS\system32\Htlgnc.dll (file missing)
R3 - URLSearchHook: (no name) - {9BB46326-7A1E-490A-BA75-4D2FD0811420} - C:\WINDOWS\system32\Ktdqe.dll (file missing)
R3 - URLSearchHook: (no name) - {994AC898-9792-463D-A9A4-9F44D1B50299} - C:\WINDOWS\system32\Hlkll.dll (file missing)
R3 - URLSearchHook: (no name) - {EC19582D-E73B-4A48-B21B-906AC0A77B02} - C:\WINDOWS\system32\Cclmc.dll (file missing)
如果还未解决问题
请下载 System Repair Engineer，使用“智能扫描”，按下“扫描”按钮进行扫描，扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告日志文件内容复制-粘贴上来
下载网址
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
日志一次粘不完，分次粘完，请不要修改。