D:\Program\dzh\internet\hypwise.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Files\QQ.exe
D:\Files\TIMPlatform.exe
C:\Downloads\HijackThis\HijackThis.exe
R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\Assist\asbar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program\ActiveX\AcroIEHelper.dll
O2 - BHO: URLMonitor Class - {3ED9FFDA-79DB-4B2D-99B7-16EA3C4A3A92} - C:\WINDOWS\System32\hap.dll
O2 - BHO: DownloadValue Class - {616D4040-5712-4F0F-BCF1-5C6420A99E14} - C:\WINDOWS\System32\winhtp.dll
O2 - BHO: BrowseHelper Class - {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} - C:\KV2004\KvShell.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\Assist\asbar.dll
O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\System32\drivers\inf\bands.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\downlo~1\CnsHook.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\Assist\asbar.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: 江民杀毒工具栏 - {B5A34A93-D538-43A7-8371-864CB6148D12} - C:\KV2004\KvShell.dll
O3 - Toolbar: (no name) - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SKDaemon] C:\Program Files\Lenovo\Legend Standard Keyboard\skdaemon.exe
O4 - HKLM\..\Run: [Shuttle.exe] C:\Program Files\联想(北京)有限公司\幸福飞梭\Shuttle.exe
O4 - HKLM\..\Run: [ControlCenter.exe] "C:\Program Files\Lenovo\RemoteControlCenter\ControlCenter.exe"
O4 - HKLM\..\Run: [NewRmtService ] C:\Program Files\NewRemoteControl\NewRmtService.exe
O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [assistse] "C:\PROGRA~1\3721\assistse.exe"
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\downlo~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [KvMonXP] C:\KV2004\KVMonXP.kxp /auto
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program\Reader\reader_sl.exe
O4 - Global Startup: Internet Explorer.URL
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Windows Update.URL
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 新浪搜索 - http://cha.sina.com.cn/ddt.html
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Files\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Files\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Files\SendMMS.htm
O9 - Extra button: 彩秀网 - {00000000-0000-0001-0001-596BAEDD1289} - http://www.caishow.com/default.asp?f=11808&menu=yes (file missing)
O9 - Extra button: (no name) - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - http://www32.websamba.com/ppmmpic/c/?a=&b=&c=fh8&d=s0s&e=&f=&i=&j=314096&t=12/8/2005&s=t2 (file missing)
O9 - Extra button: 七彩谷 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://shop.7cv.com/index.php?asstfrom=administery (file missing)
O9 - Extra button: 云网 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://www.cncard.com/cnlink.asp?varid=27667 (file missing)
O9 - Extra button: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www32.websamba.com/ppmmpic/c/?a=&b=&c=fh8&d=s0s&e=&f=&i=&j=314096&t=12/8/2005&s=b (file missing)
O9 - Extra button: 联想 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.lenovo.com (file missing)
O9 - Extra button: 漂漂娱乐网 - {6713E8D2-850A-101B-AFC0-4210102A8DA7} - http://www32.websamba.com/ppmmpic/c/?a=&b=&c=fh8&d=s0s&e=&f=&i=&j=314096&t=12/8/2005&s=bm (file missing)
O9 - Extra button: 领我上上网 - {7713E8D2-850A-101B-AFC0-4210102A8DA7} - http://cool.05335.com/?f=bm (file missing)
O9 - Extra button: (no name) - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - http://www.joyo.com/default.asp?source=w-90002765 (file missing)
O9 - Extra button: (no name) - {A23817F2-733B-4BC5-8DED-C1B9B4BBF93C} - (no file)
O9 - Extra button: (no name) - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - http://www32.websamba.com/ppmmpic/c/?a=&b=&c=fh8&d=s0s&e=&f=&i=&j=314096&t=12/8/2005&s=b (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: 当当网 - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - http://www.dangdang.com/?from=P-200636 (file missing)
O9 - Extra 'Tools' menuitem: 当当网 - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - http://www.dangdang.com/?from=P-200636 (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://adfarm.mediaplex.com/ad/ck/4080-23674-10022-0?aid=administery;icon;hp&mpro=http://www.ebay.com.cn (file missing)
O9 - Extra button: e龙旅行网 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://travel.elong.com/ap/ap.asp?campaign_id=4004029 (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://www32.websamba.com/ppmmpic/c/?a=&b=&c=fh8&d=s0s&e=&f=&i=&j=314096&t=12/8/2005&s=b (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://www32.websamba.com/ppmmpic/c/?a=&b=&c=fh8&d=s0s&e=&f=&i=&j=314096&t=12/8/2005&s=b (file missing)
O9 - Extra button: 卓越网 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - http://www.joyo.com/default.asp?source=w-90002765 (file missing)
O9 - Extra 'Tools' menuitem: 卓越网 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - http://www.joyo.com/default.asp?source=w-90002765 (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://www32.websamba.com/ppmmpic/c/?a=&b=&c=fh8&d=s0s&e=&f=&i=&j=314096&t=12/8/2005&s=t1 (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://www32.websamba.com/ppmmpic/c/?a=&b=&c=fh8&d=s0s&e=&f=&i=&j=314096&t=12/8/2005&s=t1 (file missing)
O9 - Extra button: 漂漂娱乐网 - {6713E8D2-850A-101B-AFC0-4210102A8DA7} - http://www32.websamba.com/ppmmpic/c/?a=&b=&c=fh8&d=s0s&e=&f=&i=&j=314096&t=12/8/2005&s=bu (file missing) (HKCU)
O9 - Extra button: 领我上上网 - {7713E8D2-850A-101B-AFC0-4210102A8DA7} - http://cool.05335.com/?f=bu (file missing) (HKCU)
O11 - Options group: [!CNS] 上网助手-地址栏搜索
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com
O16 - DPF: {2354A44B-3CEB-4829-9940-545B03103538} (PowerPlr Control) - http://www.yuruyi.cn/plugin/PowerPlr.ocx
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://www.dianliao.com/wwwroot/talk.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{83366C68-CFF8-464E-9240-721DAFC5B7D3}: NameServer = 211.97.184.100,211.97.168.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6AFC750-6637-451B-8C90-A4CA8AAF509C}: NameServer = 211.97.184.100 211.97.168.129
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: KVSrvXP - JiangMin Ltd. - C:\KV2004\KVSrvXP.exe
O23 - Service: Windows Services (系统服务优化与管理) - Unknown owner - C:\WINDOWS\services.exe
