My friend's computer is running extremely slow. He cant open his anti-virus software, when he click on it, nothing happens. I think hes got lots of virus in his computer. Please help, here is the Hijackthis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:20:11, on 2000-12-1
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\inf\svchost.exe
C:\WINDOWS\system32\inf\svch0st.exe
C:\WINDOWS\KSVSvc.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\8b571.exe
C:\WINDOWS\system32\rundll32.exe
g:\Program Files\Unlocker\UnlockerAssistant.exe
\John-9b31f93190\shareddocs\HiJackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,C:\WINDOWS\system32\11334676713.exe
O1 - Hosts: 221.130.185.110 survey88.allyes.com
O1 - Hosts: 221.130.185.110 adtaobao.allyes.com
O1 - Hosts: 221.130.185.110 code.qihoo.com
O1 - Hosts: 221.130.185.110 union.mop.com
O1 - Hosts: 221.130.185.110 js.kkunion.com
O1 - Hosts: 221.130.185.110 v.kkunion.com
O1 - Hosts: 221.130.185.110 v.21cn.com
O1 - Hosts: 221.130.185.110 iplusms.allyes.com
O1 - Hosts: 221.130.185.110 mms.t2t2.com
O1 - Hosts: 221.130.185.110 ivr.dobig.net
O1 - Hosts: 221.130.185.110 www.u8u.com
O1 - Hosts: 221.130.185.110 u.u8u.com
O1 - Hosts: 221.130.185.110 img.zhangxiu.com
O1 - Hosts: 221.130.185.110 tl.linktone.com
O1 - Hosts: 221.130.185.110 channel.e78.com
O1 - Hosts: 221.130.185.110 u.7town.com
O1 - Hosts: 221.130.185.110 union.95ol.com.cn
O1 - Hosts: 221.130.185.110 mms1.95ol.com.cn
O1 - Hosts: 221.130.185.110 mfs.95ol.com.cn
O1 - Hosts: 221.130.185.110 tl.a8.com
O1 - Hosts: 221.130.185.110 ad01.a8.com
O1 - Hosts: 221.130.185.110 u2.caiku.com
O1 - Hosts: 221.130.185.110 mms.caiku.com
O1 - Hosts: 221.130.185.110 code1.caiku.com
O1 - Hosts: 221.130.185.110 pub.lele.com
O1 - Hosts: 221.130.185.110 u.lele.com
O1 - Hosts: 221.130.185.110 7town.com
O1 - Hosts: 221.130.185.110 tvsend.7town.com
O1 - Hosts: 221.130.185.110 ivrsend.7town.com
O1 - Hosts: 221.130.185.110 tlt.7town.com
O1 - Hosts: 221.130.185.110 gsend.7town.com
O1 - Hosts: 221.130.185.110 smssend.7town.com
O1 - Hosts: 221.130.185.110 mmssend.moyu.com
O1 - Hosts: 221.130.185.110 91ivr.com
O1 - Hosts: 221.130.185.110 myad.91ivr.com
O1 - Hosts: 221.130.185.110 u.91ivr.com
O1 - Hosts: 221.130.185.110 union.91ivr.com
O1 - Hosts: 221.130.185.110 cm.p4p.cn.yahoo.com
O1 - Hosts: 221.130.185.110 un.265.com
O1 - Hosts: 221.130.185.110 union.qq.com
O1 - Hosts: 221.130.185.110 view.aliunion.cn.yahoo.com
O1 - Hosts: 221.130.185.110 union.narrowad.com
O1 - Hosts: 221.130.185.110 ln.heima8.com
O1 - Hosts: 221.130.185.110 www.fboat.cn
O1 - Hosts: 221.130.185.110 cpro.baidu.com
O1 - Hosts: 221.130.185.110 unstat.baidu.com
O1 - Hosts: 221.130.185.110 y.cnxad.com
O1 - Hosts: 221.130.185.110 www.ewowo.com
O1 - Hosts: 221.130.185.110 template.union.163.com
O1 - Hosts: 221.130.185.110 new.is686.com
O1 - Hosts: 221.130.185.110 creative.unionsys.bolaa.com
O1 - Hosts: 221.130.185.110 www.qyule.com
O1 - Hosts: 221.130.185.110 99e.cc
O1 - Hosts: 221.130.185.110 www.91ivr.com
O1 - Hosts: 221.130.185.110 mg.ukaka.com
O1 - Hosts: 221.130.185.110 kooxoo2.ad4all.net
O1 - Hosts: 221.130.185.110 www.8fff.com
O1 - Hosts: 221.130.185.110 union.pomoho.com
O1 - Hosts: 221.130.185.110 202.107.233.211
O1 - Hosts: 221.130.185.110 www.end123.com
O1 - Hosts: 221.130.185.110 w1.7clink.com
O1 - Hosts: 221.130.185.110 w2.7clink.com
O1 - Hosts: 221.130.185.110 union01.com
O1 - Hosts: 221.130.185.110 click.8le8le.com
O1 - Hosts: 221.130.185.110 stbanner.allyes.com
O1 - Hosts: 221.130.185.110 mms1.moyu.com
O1 - Hosts: 221.130.185.110 u.moyu.com
O1 - Hosts: 221.130.185.110 mmsu.moyu.com
O1 - Hosts: 221.130.185.110 show.moyu.com
O1 - Hosts: 221.130.185.110 ivrsend.moyu.com
O1 - Hosts: 221.130.185.110 ivru.moyu.com
O1 - Hosts: 221.130.185.110 ivr1.moyu.com
O1 - Hosts: 221.130.185.110 corep.dmcast.com
O1 - Hosts: 221.130.185.110 m081.dmcast.com
O1 - Hosts: 221.130.185.110 dcww.dmcast.com
O1 - Hosts: 221.130.185.110 renren.dmcast.com
O1 - Hosts: 221.130.185.110 files.henbang.net
O1 - Hosts: 221.130.185.110 bannerbox.cn
O1 - Hosts: 221.130.185.110 www.bannerbox.cn
O1 - Hosts: 221.130.185.110 action.coopen.cn
O1 - Hosts: 221.130.185.110 u4.sky99.cn
O1 - Hosts: 221.130.185.110 u1.sky99.cn
O1 - Hosts: 221.130.185.110 u2.sky99.cn
O1 - Hosts: 221.130.185.110 u3.sky99.cn
O1 - Hosts: 221.130.185.110 sky99.cn
O1 - Hosts: 221.130.185.110 u.sky99.cn
O1 - Hosts: 221.130.185.110 u.ete.cn
O1 - Hosts: 221.130.185.110 ip.alexaanywhere.com
O1 - Hosts: 221.130.185.110 www.365tan.com
O1 - Hosts: 221.130.185.110 www.winopen.cn
O1 - Hosts: 221.130.185.110 www.tanip.com
O1 - Hosts: 221.130.185.110 alexaanywhere.com
O1 - Hosts: 221.130.185.110 jssb.alexaanywhere.com
O1 - Hosts: 221.130.185.110 ns250.alexaanywhere.com
O1 - Hosts: 221.130.185.110 sb.alexaanywhere.com
O1 - Hosts: 221.130.185.110 ip.alexaanywhere.com
O1 - Hosts: 221.130.185.110 pop.9v.cn
O1 - Hosts: 221.130.185.110 xuni.myad.cn
O1 - Hosts: 221.130.185.110 iebar.t2t2.com
O1 - Hosts: 221.130.185.110 error.newcell.cn
O1 - Hosts: 221.130.185.110 auto.search.msn.com
O2 - BHO: ThunderAtOnce Class - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: ThunderBHO - {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AdPopup - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Common Files\CPUSH\cpush.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9963387B-212E-4643-B207-82DAEA0E713D} - C:\Program Files\Internet Explorer\PLUGINS\Wn_Sys8x.Sys
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: ff Class - {B9751A53-4494-4d7c-9732-AE3058D8145F} - C:\WINDOWS\system32\18b1.dll
O2 - BHO: YMIN IEBand - {D4F7605B-084D-4353-A1E1-C1BC3161938C} - C:\PROGRA~1\Yahoo!\MiniMsgr\ymini.dll
O2 - BHO: Microsoft WMP 换肤管理扩展 - {FD730F2D-7EA7-4EDA-B925-9E9DDE5E6C87} - C:\Program Files\Windows Media Player\Skins\Start.wmz
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\PROGRA~1\Kingsoft\FASTAI~1\IEBand.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] rem "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] rem C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] rem C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools-1033] rem "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [EPSON Stylus CX5400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G1.EXE /P19 "EPSON Stylus CX5400" /O6 "USB002" /M "Stylus CX5400"
O4 - HKLM\..\Run: [pxdnd] C:\DOCUME~1\XITIAN~1\LOCALS~1\Temp\bt9.exe
O4 - HKLM\..\Run: [KSVSvc] C:\WINDOWS\KSVSvc.exe /i
O4 - HKLM\..\Run: [facku] C:\WINDOWS\facku.exe
O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [mppds] C:\WINDOWS\mppds.exe
O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\upxdnd.exe
O4 - HKLM\..\Run: [WinSysM] C:\WINDOWS\351677M.exe
O4 - HKLM\..\Run: [GenProtect] C:\WINDOWS\qctxlp.exe
O4 - HKLM\..\Run: [Kvsc3] C:\WINDOWS\gnscba.exe
O4 - HKLM\..\Run: [AVPSrv] C:\WINDOWS\AVPSrv.exE
O4 - HKLM\..\Run: [DbgHlp32] C:\WINDOWS\wrgyjv.exe
O4 - HKLM\..\Run: [NVDispDrv] C:\WINDOWS\qdimam.exe
O4 - HKLM\..\Run: [MsPrint32D] C:\WINDOWS\znhcms.exe
O4 - HKLM\..\Run: [msccrt] C:\WINDOWS\lgakal.exe
O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\dgaooo.exe
O4 - HKLM\..\Run: [MsIMMs32] C:\WINDOWS\njptyj.exe
O4 - HKLM\..\Run: [LotusHlp] C:\WINDOWS\jiwsia.exe
O4 - HKLM\..\Run: [WinSysW] C:\WINDOWS\351677L.exe
O4 - HKLM\..\Run: [crsss] C:\WINDOWS\system32\TxHMoU.Exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TBMonEx] C:\WINDOWS\system\C0NIME.EXE
O4 - HKLM\..\Run: [UnlockerAssistant] "g:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [1vidkgkjl21l] C:\DOCUME~1\XITIAN~1\LOCALS~1\Temp\c0nime.exe
O4 - HKLM\..\Policies\Explorer\Run: [comrepl32] C:\windows\system32\com\comrepl32.exe
O4 - HKLM\..\Policies\Explorer\Run: [Userinit] C:\WINDOWS\system32\inf\svchost.exe C:\WINDOWS\system32\lwisys16_071129.dll start
O4 - HKLM\..\Policies\Explorer\Run: [zuoyue] C:\WINDOWS\system32\inf\svch0st.exe C:\WINDOWS\system32\lwizysys16_071132.dll start
O4 - HKCU\..\Policies\Explorer\Run: [ATICheck] %SystemRoot%\system32\aticheck.exe
O4 - HKCU\..\Policies\Explorer\Run: [SystemCheck] %SystemRoot%\system32\syschk.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Policies\Explorer\Run: [ATICheck] %SystemRoot%\system32\aticheck.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Policies\Explorer\Run: [ATICheck] %SystemRoot%\system32\aticheck.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [ATICheck] %SystemRoot%\system32\aticheck.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [ATICheck] %SystemRoot%\system32\aticheck.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - Extra context menu item: 导出到 Microsoft Excel(&X) - res://G:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - C:\Program Files\浩方对战平台\GameClient.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: 词霸 - {9A687CA6-D585-4947-9ED9-BE96071F5CD9} - C:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE (file missing)
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE (file missing)
O9 - Extra button: 雅虎邮箱通 - {D1B76CE4-CCCA-4B22-9ECB-09F85C140904} - yminimsgr:ClickIEBT (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: 百万图库 - {6713E8D2-850A-101B-AFC0-4210102A8DA7} - http://www.26-3.com/star (file missing) (HKCU)
O9 - Extra button: 铃声图片下载 - {7713E8D2-850A-101B-AFC0-4210102A8DA7} - http://www.26-3.com/sms/index.htm (file missing) (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\ebspi.dll' missing
O16 - DPF: QTCAb - http://61.152.93.217/wqs/ocx/QTCAb.CAB
O16 - DPF: SQTCab - http://61.152.93.217.../ocx/SQTCab.CAB
O16 - DPF: {0150EB11-5FB4-4D9E-85EA-0F155705227E} (Yahoo! 相册轻松上载工具 Class) - http://us.dl1.yimg.c...ropper1_7cn.cab
O16 - DPF: {276BF72D-CA22-4237-9BCF-593B4E490DE9} (DownLoad Class) - http://img.china.ali.../atdownload.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail....es/MSNPUpld.cab
O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} - http://iebar.t2t2.com/iebar.cab
O16 - DPF: {979D3788-9F25-4CCC-9F66-2D7482D191E4} (ZLG11 Class) - http://cg.custeel.co...id/card/ZLG.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{51A5E8B0-FDCD-417C-B869-854A5C49A85D}: NameServer = 60.190.228.88,218.108.234.88
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D6D6F98-7B7E-4ADE-870B-3EEF15F369C1}: NameServer = 60.190.228.88,218.108.234.88
O17 - HKLM\System\CCS\Services\Tcpip\..\{D82CF849-D45E-47B5-AEC7-EFE5023272AE}: NameServer = 60.190.228.88,218.108.234.88
O17 - HKLM\System\CCS\Services\Tcpip\..\{F33C8E5D-5FEC-45F7-9331-1BD8C53FFE99}: NameServer = 60.190.228.88,218.108.234.88
O17 - HKLM\System\CCS\Services\Tcpip\..\{F9EFFDA5-4F2E-48E5-98B0-293D9B95AD0B}: NameServer = 60.190.228.88,218.108.234.88
O18 - Protocol: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - C:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll
O20 - AppInit_DLLs: kvdxjma.dll
O23 - Service: 4E6E2961 - Unknown owner - C:\WINDOWS\system32\DBE1C96E.EXE (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: B_itAtion (kav7.0.0.125sch) - Unknown owner - C:\WINDOWS\system32\kav.exe
O23 - Service: Fax 2Client (ms_2fax) - Unknown owner - C:\WINDOWS\system32\8b571.exe
O23 - Service: telnets - Unknown owner - C:\WINDOWS\telnets.exe
O23 - Service: Windows Accounts Driver (windows_0) - Unknown owner - C:\WINDOWS\system32\1.exe
O23 - Service: WinWLServiceNow - Unknown owner - C:\DOCUME~1\XITIAN~1\LOCALS~1\Temp\RAVWL.EXE
O23 - Service: Yahoo Service (YahooSvr) - Unknown owner - C:\WINDOWS\system32\F1F6D\svchost.exe
--
End of file - 17484 bytes