HijackThis@Qoo的扫描日志  V1.97.7
Scan saved at 19:01:19, on 2006-4-13
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\llssrv.exe
C:\WINNT\SYSTEM32\RUNDLL32.EXE
C:\WINNT\system32\oodag.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Rainbow Technologies\SPN Combo Installer\1.0.5\Server\WinNT\spnsrvnt.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\COMM\Network.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\system32\inetsrv\inetinfo.exe
C:\WINNT\system32\msdtc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\wt\updater\wcmdmgr.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\Program Files\Common Files\UPDAT\Update.exe
C:\WINNT\system32\internat.exe
E:\Program Files\Netease\popo2004\popo.exe
C:\WINNT\system32\dllhost.exe
E:\Program Files\Tencent\qq\TIMPlatform.exe
C:\WINNT\system32\res.exe
C:\WINNT\system32\conime.exe
C:\WINNT\system32\taskmgr.exe
C:\WINNT\explorer.exe
E:\Program Files\Tencent\qq\QQ.exe
C:\WINNT\system32\Rundll32.exe
D:\WuSoft\Wumis\wumis.exe
C:\WINNT\system32\rundll32.exe
E:\Program Files\Tencent\qq\QQ.exe
C:\Program Files\Internet Explorer\iexplore.exe
F:\HijackThis.exe
C:\WINNT\system32\Notepad.exe

O1 - Hosts: 59.34.216.223 www.paodian.net
O1 - Hosts: 59.34.216.223 paodian.net
O1 - Hosts: 59.34.216.223 369q.com
O1 - Hosts: 59.34.216.223 www.369q.com
O1 - Hosts: 59.34.216.223 www.30ok.com
O1 - Hosts: 59.34.216.223 cq.30ok.com
O1 - Hosts: 59.34.216.223 www.176g.com
O1 - Hosts: 59.34.216.223 www.guacq.com
O1 - Hosts: 59.34.216.223 guacq.com
O1 - Hosts: 59.34.216.223 guagame.com
O1 - Hosts: 59.34.216.223 baigua.com
O1 - Hosts: 59.34.216.223 www.baigua.com
O1 - Hosts: 59.34.216.223 www.paogame.com
O1 - Hosts: 59.34.216.223 www.guagame.com
O1 - Hosts: 59.34.216.223 paogame.com
O1 - Hosts: 59.34.216.223 bbs.91530.com
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINNT\system32\xunleibho_v14.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Progra~1\Baidu\bar\BaiDuBar.dll (file missing)
O3 - Toolbar: ????? - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Progra~1\Baidu\bar\BaiDuBar.dll (file missing)
O3 - Toolbar: ????? - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - C:\WINNT\WORLD2\TOOLBAR\hmtoolbar.dll
O4 - HKLM\..\Run: [WuLink] D:\WuSoft\Wulink\wulink.exe
O4 - HKLM\..\Run: [Network Statistics] C:\Program Files\Network Statistics\nstat.exe
O4 - HKLM\..\Run: [wcmdmgr] C:\WINNT\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [POPO2004] E:\Program Files\Netease\popo2004\Start.exe
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [Update] C:\Program Files\Common Files\UPDAT\Update.exe
O4 - HKLM\..\Run: [res] C:\WINNT\system32\res.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Startup: bang.ini
O4 - Startup: bang.ini.1
O4 - Startup: ErrorLog.txt
O4 - Startup: iplay.tmp
O4 - Startup: KakaScan.log
O4 - Startup: NTUSER.DAT
O4 - Startup: ntuser.dat.LOG
O4 - Startup: ntuser.ini
O4 - Startup: ntuser.pol
O4 - Startup: Plus!.bmp
O4 - Startup: QQProxy.Dat
O4 - Startup: scaleaddress.ini
O4 - Startup: sqlerror.log
O4 - Startup: sys_log_146266937.upt
O4 - Startup: TempUpdate.txt
O4 - Startup: tld_plu.txt
O4 - Startup: Transscale.ini
O4 - Startup: uninstalldrv.exe
O4 - Startup: zdb
O4 - Global Startup: ntuser.dat
O4 - Global Startup: ntuser.dat.LOG
O4 - Global Startup: ntuser.pol
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &使用迅雷下载 - F:\kavas\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - F:\kavas\getallurl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Program Files\Tencent\qq\SendMMS.htm
O8 - Extra context menu item: 百度-搜索新闻 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUNEWS.HTM
O9 - Extra button: QQ (HKLM)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {52DF16E3-6C4F-4B22-8BAF-09263E463B48} (
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AXSafeControls.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://www.tenpay.com/download/qqedit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{559412F5-51AB-4D46-AFF7-4CE3E3A9B96B}: NameServer = 61.139.2.69
O17 - HKLM\System\CCS\Services\Tcpip\..\{E92BEAFD-5349-490E-858B-19BE6F2496A9}: NameServer = 61.139.2.69 202.98.96.68

我这个就是全部日志了啊!!!!

没法,,进迷宫了,,找不到地方下,这个应该是一样的哦,我昨天才下载的.

记不得了,,别个推荐的.我可能把其中那些运行的东西删了,
我重整个日志出来嘛

HijackThis@Qoo的扫描日志  V1.97.7
Scan saved at 20:36:11, on 2006-4-14
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\llssrv.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Rainbow Technologies\SPN Combo Installer\1.0.5\Server\WinNT\spnsrvnt.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\COMM\Network.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\system32\inetsrv\inetinfo.exe
C:\WINNT\system32\msdtc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\wt\updater\wcmdmgr.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\Program Files\Common Files\UPDAT\Update.exe
C:\WINNT\system32\internat.exe
E:\Program Files\Netease\popo2004\popo.exe
C:\WINNT\system32\dllhost.exe
E:\Program Files\Tencent\qq\TIMPlatform.exe
C:\WINNT\system32\res.exe
C:\WINNT\system32\conime.exe
C:\WINNT\explorer.exe
C:\WINNT\system32\Rundll32.exe
D:\WuSoft\Wumis\wumis.exe
E:\Program Files\Tencent\qq\QQ.exe
D:\WuSoft\Wumis\wumis.exe
C:\WINNT\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\Program Files\Tencent\qq\QQ.exe
F:\HijackThis.exe

O1 - Hosts: 59.34.216.223 www.paodian.net
O1 - Hosts: 59.34.216.223 paodian.net
O1 - Hosts: 59.34.216.223 369q.com
O1 - Hosts: 59.34.216.223 www.369q.com
O1 - Hosts: 59.34.216.223 www.30ok.com
O1 - Hosts: 59.34.216.223 cq.30ok.com
O1 - Hosts: 59.34.216.223 www.176g.com
O1 - Hosts: 59.34.216.223 www.guacq.com
O1 - Hosts: 59.34.216.223 guacq.com
O1 - Hosts: 59.34.216.223 guagame.com
O1 - Hosts: 59.34.216.223 baigua.com
O1 - Hosts: 59.34.216.223 www.baigua.com
O1 - Hosts: 59.34.216.223 www.paogame.com
O1 - Hosts: 59.34.216.223 www.guagame.com
O1 - Hosts: 59.34.216.223 paogame.com
O1 - Hosts: 59.34.216.223 bbs.91530.com
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINNT\system32\xunleibho_v14.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Progra~1\Baidu\bar\BaiDuBar.dll (file missing)
O3 - Toolbar: ????? - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Progra~1\Baidu\bar\BaiDuBar.dll (file missing)
O3 - Toolbar: ????? - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - C:\WINNT\WORLD2\TOOLBAR\hmtoolbar.dll
O4 - HKLM\..\Run: [WuLink] D:\WuSoft\Wulink\wulink.exe
O4 - HKLM\..\Run: [Network Statistics] C:\Program Files\Network Statistics\nstat.exe
O4 - HKLM\..\Run: [wcmdmgr] C:\WINNT\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [POPO2004] E:\Program Files\Netease\popo2004\Start.exe
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [Update] C:\Program Files\Common Files\UPDAT\Update.exe
O4 - HKLM\..\Run: [res] C:\WINNT\system32\res.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Startup: bang.ini
O4 - Startup: bang.ini.1
O4 - Startup: ErrorLog.txt
O4 - Startup: iplay.tmp
O4 - Startup: KakaScan.log
O4 - Startup: NTUSER.DAT
O4 - Startup: ntuser.dat.LOG
O4 - Startup: ntuser.ini
O4 - Startup: ntuser.pol
O4 - Startup: Plus!.bmp
O4 - Startup: QQProxy.Dat
O4 - Startup: scaleaddress.ini
O4 - Startup: sqlerror.log
O4 - Startup: sys_log_146266937.upt
O4 - Startup: TempUpdate.txt
O4 - Startup: tld_plu.txt
O4 - Startup: Transscale.ini
O4 - Startup: uninstalldrv.exe
O4 - Startup: zdb
O4 - Global Startup: ntuser.dat
O4 - Global Startup: ntuser.dat.LOG
O4 - Global Startup: ntuser.pol
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &使用迅雷下载 - F:\kavas\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - F:\kavas\getallurl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Program Files\Tencent\qq\SendMMS.htm
O8 - Extra context menu item: 百度-搜索新闻 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUNEWS.HTM
O9 - Extra button: QQ (HKLM)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {52DF16E3-6C4F-4B22-8BAF-09263E463B48} (
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AXSafeControls.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://www.tenpay.com/download/qqedit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{559412F5-51AB-4D46-AFF7-4CE3E3A9B96B}: NameServer = 61.139.2.69
O17 - HKLM\System\CCS\Services\Tcpip\..\{E92BEAFD-5349-490E-858B-19BE6F2496A9}: NameServer = 61.139.2.69 202.98.96.68

哪里才是下载的哦?  也不说清楚在哪下

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      20:52:59, 日期 2006-4-14
操作系统：  Windows 2000 SP4 (WinNT 5.00.2195)
浏览器：    Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程：         
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\llssrv.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Rainbow Technologies\SPN Combo Installer\1.0.5\Server\WinNT\spnsrvnt.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\COMM\Network.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\system32\inetsrv\inetinfo.exe
C:\WINNT\system32\msdtc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\wt\updater\wcmdmgr.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\Program Files\Common Files\UPDAT\Update.exe
C:\WINNT\system32\internat.exe
E:\Program Files\Netease\popo2004\popo.exe
C:\WINNT\system32\dllhost.exe
E:\Program Files\Tencent\qq\TIMPlatform.exe
C:\WINNT\system32\res.exe
C:\WINNT\system32\conime.exe
C:\WINNT\explorer.exe
C:\WINNT\system32\Rundll32.exe
D:\WuSoft\Wumis\wumis.exe
E:\Program Files\Tencent\qq\QQ.exe
D:\WuSoft\Wumis\wumis.exe
C:\WINNT\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\Program Files\Tencent\qq\QQ.exe
F:\2535952005811174944\HijackThis1991zww.exe

O1 - Hosts: 59.34.216.223 www.paodian.net
O1 - Hosts: 59.34.216.223 paodian.net
O1 - Hosts: 59.34.216.223 369q.com
O1 - Hosts: 59.34.216.223 www.369q.com
O1 - Hosts: 59.34.216.223 www.30ok.com
O1 - Hosts: 59.34.216.223 cq.30ok.com
O1 - Hosts: 59.34.216.223 www.176g.com
O1 - Hosts: 59.34.216.223 www.guacq.com
O1 - Hosts: 59.34.216.223 guacq.com
O1 - Hosts: 59.34.216.223 guagame.com
O1 - Hosts: 59.34.216.223 baigua.com
O1 - Hosts: 59.34.216.223 www.baigua.com
O1 - Hosts: 59.34.216.223 www.paogame.com
O1 - Hosts: 59.34.216.223 www.guagame.com
O1 - Hosts: 59.34.216.223 paogame.com
O1 - Hosts: 59.34.216.223 bbs.91530.com
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINNT\system32\xunleibho_v14.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Progra~1\Baidu\bar\BaiDuBar.dll (file missing)
O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Progra~1\Baidu\bar\BaiDuBar.dll (file missing)
O3 - IE工具栏增项: 完美网译通 - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - C:\WINNT\WORLD2\TOOLBAR\hmtoolbar.dll
O4 - 启动项HKLM\\Run: [WuLink] D:\WuSoft\Wulink\wulink.exe
O4 - 启动项HKLM\\Run: [Network Statistics] C:\Program Files\Network Statistics\nstat.exe
O4 - 启动项HKLM\\Run: [wcmdmgr] C:\WINNT\wt\updater\wcmdmgrl.exe -launch
O4 - 启动项HKLM\\Run: [POPO2004] E:\Program Files\Netease\popo2004\Start.exe
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [Update] C:\Program Files\Common Files\UPDAT\Update.exe
O4 - 启动项HKLM\\Run: [res] C:\WINNT\system32\res.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - F:\kavas\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - F:\kavas\getallurl.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - E:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - E:\Program Files\Tencent\qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - E:\Program Files\Tencent\qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - E:\Program Files\Tencent\qq\SendMMS.htm
O8 - IE右键菜单中的新增项目: 百度-搜索新闻 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUNEWS.HTM
O9 - 浏览器额外的按钮: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\WINNT\system32\shdocvw.dll
O9 - 浏览器额外的“工具”菜单项: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\WINNT\system32\shdocvw.dll
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\Tencent\qq\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\Tencent\qq\QQ.EXE
O16 - DPF: {52DF16E3-6C4F-4B22-8BAF-09263E463B48} (金山毒霸安全助手) - http://zs.kingsoft.com/KOSInit.cab
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AXSafeControls.cab
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://www.tenpay.com/download/qqedit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{559412F5-51AB-4D46-AFF7-4CE3E3A9B96B}: NameServer = 61.139.2.69
O17 - HKLM\System\CCS\Services\Tcpip\..\{E92BEAFD-5349-490E-858B-19BE6F2496A9}: NameServer = 61.139.2.69 202.98.96.68
O18 - 列举现有的协议: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - (no file)
O18 - Filter: text/x-mrml - {C51721BE-858B-4A66-A8BF-D2882FF49820} - (no file)
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - NT 服务: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - NT 服务: C-DillaCdaC11BA - Macrovision - C:\WINNT\system32\drivers\CDAC11BA.EXE
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: DameWare NT Utilities 2.6 (DNTUS26) - Unknown owner - C:\WINNT\SYSTEM32\DNTUS26.EXE (file missing)
O23 - NT 服务: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - NT 服务: O&O Defrag - O&O Software GmbH - C:\WINNT\system32\oodag.exe
O23 - NT 服务: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: SuperProServer - Unknown owner - C:\Program Files\Rainbow Technologies\SPN Combo Installer\1.0.5\Server\WinNT\spnsrvnt.exe
O23 - NT 服务: Sybase BCKServer _ MPSSERVER_BS (SYBBCK_MPSSERVER_BS) - Unknown owner - d:\Sybase\bin\bcksrvr.exe
O23 - NT 服务: Sybase HISServer_MPSSERVER_HS (SYBHIS_MPSSERVER_HS) - Unknown owner - d:\Sybase\bin\histsrvr.exe
O23 - NT 服务: Sybase MONServer _ MPSSERVER_MS (SYBMON_MPSSERVER_MS) - Unknown owner - d:\Sybase\bin\monsrvr.exe
O23 - NT 服务: Sybase SQLServer _ MPSSERVER (SYBSQL_MPSSERVER) - Unknown owner - d:\Sybase\bin\sqlsrvr.exe
O23 - NT 服务: Sybase XPServer _ MPSSERVER_XP (SYBXPS_MPSSERVER_XP) - Unknown owner - d:\Sybase\bin\xpserver.exe
O23 - NT 服务: Network System (Universal Disk Manager) - COMENET TECHNOLOGY - C:\Program Files\Common Files\COMM\Network.exe

这个是那里下的了,,请各位高手帮帮忙

我最后扫出来这个已经是从哪里1楼附件里下的,然后重新扫出来的了.

非常感谢,,我想再多提个问题.C:\WINNT\wt\updater\wcmdmgr.exe
C:\Program Files\Common Files\COMM\Network.exe
C:\WINNT\system32\res.exe
C:\Program Files\Common Files\UPDAT\Update.exe 在进程中现在都没有,,不过之前看到过.