我一运行某个程序就在进程中出来一大堆*****.EXE。程序开启后自动消失。我曾搜索并删了*****.EXE。开机后又有另一个*******.EXE。名字是些如：zyxem.exe,abnt.exe,.我是否中毒？中了什么毒？再哪个文件夹可找到此病毒？谢谢。

卸载搜搜地址栏...

http://forum.ikaka.com/topic.asp?board=28&artid=8105899
下载HijackThis...把日志帖上来..

HijackThis_815汉化版扫描日志 V1.99.1
保存于      18:44:22, 日期 2006-7-23
操作系统：  Windows XP SP1 (WinNT 5.01.2600)
浏览器：    Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程：         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AMD\Cool'n'Quiet\GemServ.exe
C:\Program Files\AMD\Cool'n'Quiet\gemback.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\wincup\wincup.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\联想\联想标准功能键盘\SkDaemond.exe
C:\Program Files\3721\Dlaccel\YDownloader.exe
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
C:\WINDOWS\System32\Xpoilm.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
E:\新建文件夹\ISATRAY.EXE
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
E:\ha_killbox200175\KillBox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\program\Hijackthis1991zww\HijackThis1991zww.exe

R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: (no name) - _{00D2069A-DED6-40C2-A31E-6DE0ED225587} - (no file)
O2 - BHO: (no name) - _{052B3A4C-5DF3-45A7-AD69-792729168226} - (no file)
O2 - BHO: (no name) - _{05EF14E0-6E95-4BF5-B55D-D924D19D1C09} - (no file)
O2 - BHO: (no name) - _{08A312BB-5409-49FC-9347-54BB7D069AC6} - (no file)
O2 - BHO: (no name) - _{08A41AAB-EAE7-42FA-8322-EF8161BAA561} - (no file)
O2 - BHO: (no name) - _{0C152589-D577-4ED1-82E5-BFF63529B632} - (no file)
O2 - BHO: (no name) - _{0E106116-D783-439C-8CFC-F6EBAB830C73} - (no file)
O2 - BHO: (no name) - _{11393279-2A60-425B-9A73-E6C562349016} - (no file)
O2 - BHO: (no name) - _{17913476-7EC4-4AED-A5C0-3555D4D637DA} - (no file)
O2 - BHO: (no name) - _{19B4C788-B6DC-497A-AC49-9D9832702613} - (no file)
O2 - BHO: (no name) - _{1DC4716A-773D-4DDD-8BA9-32E25AEE6FF6} - (no file)
O2 - BHO: (no name) - _{1F60FA79-6951-4336-B080-14398012BA94} - (no file)
O2 - BHO: (no name) - _{21B5EE58-FD24-4D9D-A5A1-628F232505F5} - (no file)
O2 - BHO: (no name) - _{221AE039-4AFF-414E-B484-ECDBCFCFFA50} - (no file)
O2 - BHO: (no name) - _{2A0176FE-008B-4706-90F5-BBA532A49731} - (no file)
O2 - BHO: yPhtb - _{33BBE430-0E42-4f12-B075-8D21ACB10DCB} - (no file)
O2 - BHO: (no name) - _{34D5F9F8-7BA7-4E32-90BA-90900F20A0A3} - (no file)
O2 - BHO: (no name) - _{376B7B08-BF20-4BC2-B65D-88517DA10B39} - (no file)
O2 - BHO: Anti Fish - _{38928D50-8A48-44C2-945F-D2F23F771410} - (no file)
O2 - BHO: (no name) - _{3905ADC6-0D95-4B43-AD08-A6086009AD55} - (no file)
O2 - BHO: (no name) - _{3BE2C63A-313C-44EF-87FC-90BFB2267875} - (no file)
O2 - BHO: (no name) - _{3CE496D1-1746-41CD-9489-3C0B93DF10E2} - (no file)
O2 - BHO: (no name) - _{3EF6EE3B-7719-428D-883A-917B8DD3D341} - (no file)
O2 - BHO: (no name) - _{4648D707-1BC0-42B2-A4B7-F79DB5827446} - (no file)
O2 - BHO: (no name) - _{4B559C25-02A2-4E18-B7E3-3C933DF18698} - (no file)
O2 - BHO: (no name) - _{51BC6F48-1882-4102-A698-B7E3301AFFCF} - (no file)
O2 - BHO: QQIEHelper - _{54EBD53A-9BC1-480B-966A-843A333CA162} - (no file)
O2 - BHO: (no name) - _{5DFCB683-5903-4652-A936-6F4BEC1E91A3} - (no file)
O2 - BHO: (no name) - _{5F4C169A-E6FA-4628-9650-1E0215F2CAD3} - (no file)
O2 - BHO: YDragSearch - _{62EED7C6-9F02-42f9-B634-98E2899E147B} - (no file)
O2 - BHO: (no name) - _{65F76A51-A6A2-4890-9FC7-6A7B923D7D75} - (no file)
O2 - BHO: Vision - _{6671A431-5C3D-463d-A7CF-5587F9B7E191} - (no file)
O2 - BHO: (no name) - _{669751ED-D558-49AE-B01A-3B374CC7910E} - (no file)
O2 - BHO: (no name) - _{6B7E9C00-4BBA-4356-9D07-93CAAF25A842} - (no file)
O2 - BHO: (no name) - _{73D59CFC-C539-465E-94DF-CD9A4C4ACDEC} - (no file)
O2 - BHO: (no name) - _{75363876-F9A3-4C20-BBC4-7BB78961C082} - (no file)
O2 - BHO: (no name) - _{77FEF28E-EB96-44FF-B511-3185DEA48697} - (no file)
O2 - BHO: (no name) - _{78729250-5464-4B66-BA9C-0DC98ED28CC9} - (no file)
O2 - BHO: (no name) - _{818D3AE7-5D75-426A-BD80-707746AC96A5} - (no file)
O2 - BHO: (no name) - _{82396C57-0C5F-44D3-ADA8-ED582A3C5A04} - (no file)
O2 - BHO: (no name) - _{84192C90-56E5-476D-8A5A-70936CEF01CA} - (no file)
O2 - BHO: (no name) - _{878DC203-8C38-41D7-A8DE-078546BA8398} - (no file)
O2 - BHO: (no name) - _{8A741EAF-5746-4FFB-8A4A-8ADC05444373} - (no file)
O2 - BHO: (no name) - _{95FDE2AD-5E80-4D15-8E94-41937C0CAA30} - (no file)
O2 - BHO: (no name) - _{98395DBE-C127-4027-9E87-448B616EA740} - (no file)
O2 - BHO: (no name) - _{9844E5BE-5395-4067-823D-4983C592C214} - (no file)
O2 - BHO: (no name) - _{9F52ECE7-BEBF-4340-A867-FD8BE270E25A} - (no file)
O2 - BHO: (no name) - _{A66C763E-9420-452E-820A-3B45544F088A} - (no file)
O2 - BHO: (no name) - _{A8F6B6D6-1E95-4195-BADF-026E0A23A393} - (no file)
O2 - BHO: (no name) - _{A927DED0-501E-4F31-9606-F37F7528DE89} - (no file)
O2 - BHO: (no name) - _{AAF2B73B-08FA-4CDD-AE1B-BB6212BC7513} - (no file)
O2 - BHO: (no name) - _{AF4C5606-2A1D-4B27-A54E-78FFF4DFBA84} - (no file)
O2 - BHO: (no name) - _{B381E56C-B24D-498B-AFF9-267437B6F27E} - (no file)
O2 - BHO: (no name) - _{B4DE336F-D475-478C-BB60-AA85D8976D18} - (no file)
O2 - BHO: (no name) - _{B9654623-77FE-4CAA-992B-4572C8737D5C} - (no file)
O2 - BHO: (no name) - _{BA4B4EB7-1012-479B-A469-9EB1E8723587} - (no file)
O2 - BHO: (no name) - _{BB789520-A832-48E5-A350-B947575E8140} - (no file)
O2 - BHO: (no name) - _{BCA8F9CF-1DFD-4B4F-A68E-B2FD831EAF8A} - (no file)
O2 - BHO: (no name) - _{BEB5DB14-298B-4076-AD96-3C3E8295E30D} - (no file)
O2 - BHO: (no name) - _{C1D5D640-02C4-4659-9689-88352539B0E9} - (no file)
O2 - BHO: (no name) - _{C45696B3-66B9-4975-B32D-CF2CC05BA51F} - (no file)
O2 - BHO: (no name) - _{C765C575-C3EB-48A3-B70D-69FA5D98693B} - (no file)
O2 - BHO: (no name) - _{C86E0AC6-D404-4BFE-8D97-BBEAD0947B58} - (no file)
O2 - BHO: (no name) - _{C9A17B38-FF70-4D85-894C-E730D3E694D9} - (no file)
O2 - BHO: (no name) - _{CC4FA863-0597-4486-A60A-DDEDD951AC97} - (no file)
O2 - BHO: (no name) - _{CCA35FD4-DF09-4CFD-BDC8-E4CAC0F49643} - (no file)
O2 - BHO: (no name) - _{CCFB17CD-00E9-4533-A49F-46BE2CAFD05F} - (no file)
O2 - BHO: (no name) - _{CDB44AB2-8D5B-4F80-967F-92B17F2621C4} - (no file)
O2 - BHO: (no name) - _{D04CE906-1260-4DAF-90A8-30A3663E98A0} - (no file)
O2 - BHO: (no name) - _{D1DC60E1-4E0D-4D5C-AA1A-EB176C96D588} - (no file)
O2 - BHO: (no name) - _{D2F5919E-B551-4208-AEDE-182CA2A4BC1A} - (no file)
O2 - BHO: (no name) - _{D6BB7ABF-6906-4CDB-BF29-663A32D0C69A} - (no file)
O2 - BHO: (no name) - _{DA23B3AD-BA9C-4428-8FBE-AC14285D0A81} - (no file)
O2 - BHO: (no name) - _{DC04A391-925F-45FE-BBF9-6E4CD90E8DBB} - (no file)
O2 - BHO: (no name) - _{DDA851AE-0598-44B2-8CA9-460E9A3AB506} - (no file)
O2 - BHO: (no name) - _{E13984D6-0FBE-4C0C-8A36-AE1671B36B8F} - (no file)
O2 - BHO: (no name) - _{E165CA9E-0900-410D-A23D-CCB42FC236F4} - (no file)
O2 - BHO: (no name) - _{E342E397-018E-4DEF-95AD-E66231BA8F6E} - (no file)
O2 - BHO: (no name) - _{E835CFAC-6872-4ED8-B5A9-F33146C77090} - (no file)
O2 - BHO: (no name) - _{EA421955-7A2A-4477-B6B0-89FAFE533F4D} - (no file)
O2 - BHO: (no name) - _{EB23D028-7596-4766-8676-65A1A821891F} - (no file)
O2 - BHO: (no name) - _{EB29FB91-155A-47CB-A3DE-F553E937F290} - (no file)
O2 - BHO: (no name) - _{F18CB82E-ADA1-4353-B8A6-DCF0A54A401D} - (no file)
O2 - BHO: (no name) - _{F38E5356-5E03-4D3B-99B0-DD3116F9BC3C} - (no file)
O2 - BHO: (no name) - _{F3EAA6FE-2973-4726-A24F-6C1FFDE0EE76} - (no file)
O2 - BHO: (no name) - _{FAFBA031-5A95-4BD4-B65D-AA720134E5C9} - (no file)
O2 - BHO: (no name) - _{FB9F12A6-64AB-42E1-B2E3-CFB9A853E878} - (no file)
O2 - BHO: (no name) - _{FC132F3B-FE46-40F0-9574-D1DF13938310} - (no file)
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v6.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - e:\program\Acrobat Reader\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: 搜搜地址栏搜索 - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - C:\WINDOWS\System32\ssup.dll
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\stdup.dll
O2 - BHO: (no name) - {8DE7BA48-770A-4591-9826-1FFB92EB51BC} - C:\WINDOWS\System32\Shmfso.dll (file missing)
O2 - BHO: (no name) - {A474654B-ED56-4088-99C6-F0D2336EBA25} - C:\WINDOWS\System32\Lvpqvb.dll (file missing)
O2 - BHO: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: IEHlprObj Class - {C5E5DB7E-46B1-47E6-8447-2E517F269925} - E:\document\Xplus\GETIE.dll (file missing)
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O3 - IE工具栏增项: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll
O3 - IE工具栏增项: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msd

O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [联想标准功能键盘 Ver1.0.0.1] C:\Program Files\联想\联想标准功能键盘\SkDaemond.exe
O4 - 启动项HKLM\\Run: [StateChange] C:\Program Files\lenovo\StateChange\QuakeII.exe
O4 - 启动项HKLM\\Run: [dl_accel] C:\Program Files\3721\Dlaccel\YDownloader.exe
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 启动项HKLM\\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - 启动项HKLM\\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - 启动项HKLM\\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - 启动项HKLM\\Run: [ISUSScheduler] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start
O4 - 启动项HKLM\\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - 启动项HKLM\\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - 启动项HKLM\\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - 启动项HKLM\\Run: [x76syveg] RunDll32 "C:\WINDOWS\Downlo~1\x76syveg.dll",Run
O4 - 启动项HKLM\\Run: [stup.exe] C:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - 启动项HKLM\\Run: [DAEMON Tools-2052] "E:\program\daemon\daemon.exe"  -lang 2052
O4 - 启动项HKLM\\Run: [QuickTime Task] "E:\program\hui9\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Xplus_spy] "E:\program\XPLUS\xvcclip.exe" /min
O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = ?
O8 - IE右键菜单中的新增项目: &使用下载加速专家下载 - C:\Program Files\3721\Dlaccel\geturl.htm
O8 - IE右键菜单中的新增项目: >>彩信发送<< - res://C:\PROGRA~1\MMSASS~1\mmsass~1.dll/mms.htm
O9 - 浏览器额外的按钮: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm (file missing)
O9 - 浏览器额外的按钮: 江民在线杀毒 - {06926B30-424E-4f1c-8EE3-543CD96573DC} - http://online.jiangmin.com/online.asp (file missing)
O9 - 浏览器额外的按钮: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing)
O9 - 浏览器额外的按钮: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://hot.3721.com/rd/shop_btn.htm (file missing)
O9 - 浏览器额外的按钮: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://assistant.3721.com/index.htm?fb=Cns (file missing)
O9 - 浏览器额外的按钮: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O9 - 浏览器额外的“工具”菜单项: 彩E精灵设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\WINDOWS\System32\shdocvw.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\WINDOWS\System32\shdocvw.dll
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - 浏览器额外的按钮: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - 浏览器额外的“工具”菜单项: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - 浏览器额外的按钮: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O9 - 浏览器额外的“工具”菜单项: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O11 - Options group: [!CNS]  上网助手-地址栏搜索
O11 - Options group: [TBH] 搜搜地址栏搜索
O14 - IERESET.INF: START_PAGE_URL=about:blank
O16 - DPF: _{5932517A-3326-4439-A708-1C98EDB5C549} - file://C:\Documents and Settings\All Users\Application Data\Share Helper\Cast\GGS\d2e6aca18b\js\iMopDl.cab
O16 - DPF: _{87CCFDB0-C4BE-4BC2-A78C-9EAA7CF96667} - http://ps.itv.mop.com/dn/files/vodupdate_1.0.0.9_20060425.cab
O16 - DPF: _{9BDBC41E-C335-4263-83C0-ECE78EE28A33} - http://www.ahn.com.cn/aspservice/plugin/myfirewall20.cab
O16 - DPF: _{E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O16 - DPF: _{FCEFD5DD-7152-4317-ABC1-16682376EE7A} - http://ddddl.dudu.com/ddd/update/plugin/dddol.cab
O16 - DPF: _{FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} - http://ps.itv.mop.com/dn/files/pCastCtl_1.0.0.85_20060518.cab
O16 - DPF: {52DF16E3-6C4F-4B22-8BAF-09263E463B48} (金山毒霸在线产品升级) - http://zs.kingsoft.com/KOSInit.cab
O16 - DPF: {EF6205C1-3F17-4829-BCB5-1336ED89E356} (KvScanOnline Control) - http://online.jiangmin.com/KvDown.cab
O21 - SSODL: SysTime - {724C75F1-B757-408D-A50A-4CF99DA35D73} - C:\PROGRA~1\winkld\winkld.dll
O23 - NT 服务: .Net Boot Service - Unknown owner - C:\WINDOWS\System32\big5_gb2312.exe (file missing)
O23 - NT 服务: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - NT 服务: aucup - Unknown owner - C:\WINDOWS\TEMP\wincup\wincup.exe (file missing)
O23 - NT 服务: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - NT 服务: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - NT 服务: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - NT 服务: AMD PowerNow! (tm) Technology Service (GemServ) - Advanced Micro Devices - C:\Program Files\AMD\Cool'n'Quiet\GemServ.exe
O23 - NT 服务: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - NT 服务: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - NT 服务: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - NT 服务: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - NT 服务: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - NT 服务: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - NT 服务: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - NT 服务: Windows Services  (winservice) - Unknown owner - C:\WINDOWS\system32\winser.exe (file missing)
O23 - NT 服务: WintUPp - Unknown owner - C:\DOCUME~1\Fantasy\LOCALS~1\Temp\wt\wt.exe (file missing)
O23 - NT 服务: WinWrCup - MsWinCup - C:\WINDOWS\wincup\wincup.exe