Logfile of Kaka v2. 0. 0. 9 Scan Module v2. 0. 0. 1
Scan saved at 21:29:38, on 2006-08-23
Platform: Microsoft Windows XP Professional Service Pack 2 (Build 2600)
MSIE: Internet Explorer v6.00 SP2; (6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))


Running processes:
[smss.exe]
CommandLine =

[csrss.exe]
CommandLine = C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

[winlogon.exe]
CommandLine = winlogon.exe

[services.exe]
CommandLine = C:\WINDOWS\system32\services.exe

[lsass.exe]
CommandLine = C:\WINDOWS\system32\lsass.exe

[svchost.exe]
CommandLine = C:\WINDOWS\system32\svchost -k DcomLaunch

[svchost.exe]
CommandLine = C:\WINDOWS\system32\svchost -k rpcss

[svchost.exe]
CommandLine = C:\WINDOWS\System32\svchost.exe -k netsvcs

[svchost.exe]
CommandLine = C:\WINDOWS\system32\svchost.exe -k NetworkService

[svchost.exe]
CommandLine = C:\WINDOWS\system32\svchost.exe -k LocalService

[spoolsv.exe]
CommandLine = C:\WINDOWS\system32\spoolsv.exe

[explorer.exe]
CommandLine = explorer.exe C:\WINDOWS\system32\downasp.exe

[shstat.exe]
CommandLine = "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE

[UpdaterUI.exe]
CommandLine = "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey

[ctfmon.exe]
CommandLine = "C:\WINDOWS\system32\ctfmon.exe"

[SRIECLI.EXE]
CommandLine = "F:\超级兔子\MagicSet\SRIECLI.EXE" /LOAD

[FrameworkService.exe]
CommandLine = "C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart

[naPrdMgr.exe]
CommandLine = C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe -Embedding

[Mcshield.exe]
CommandLine = "C:\Program Files\Network Associates\VirusScan\Mcshield.exe"

[VsTskMgr.exe]
CommandLine = "C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe"

[alg.exe]
CommandLine = C:\WINDOWS\System32\alg.exe

[realsched.exe]
CommandLine = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"

[KkScan.exe]
CommandLine = "F:\卡卡上网助手\KkScan.exe"

[IEXPLORE.EXE]
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe"  -nohome

R3 - Default URLSearchHook is missing
F0 - system.ini: Shell=explorer.exe C:\WINDOWS\system32\downasp.exe
O2 - BHO: MyIEHelper Class - {16B770A0-0E87-4278-B748-2460D64A8386} -  (file missing)
O2 - BHO:  - {295CD217-AD34-4B66-91BA-48D5EFD9CA20} - C:\WINDOWS\system32\NBBHO.dll
O2 - BHO: Yahoo!Photo - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} -  (file missing)
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} -  (file missing)
O2 - BHO: DragSearch BHO - {62EED7C6-9F02-42f9-B634-98E2899E147B} -  (file missing)
O2 - BHO: 超级兔子上网精灵 - {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} - F:\超级兔子\MAGICSET\haokanbar.dll
O2 - BHO: Thunder Browser Helper - {889D2FEB-5411-4565-8998-1DD2C5261283} - F:\讯雷\ComDlls\XunLeiBHO_002.dll
O2 - BHO: assist - {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} -  (file missing)
O3 - Toolbar: 超级兔子上网精灵 - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - F:\超级兔子\MAGICSET\haokanbar.dll
O3 - Toolbar:  (file missing)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Super Rabbit IEPro] F:\超级兔子\MagicSet\SRIECLI.EXE /LOAD
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - Startup: desktop.ini =
O4 - Startup: office文件检索.exe =
O4 - Global Startup: desktop.ini =
O8 - Extra context menu item: &使用迅雷下载 - F:\讯雷\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - F:\讯雷\Program\GetAllUrl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra Button: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - F:\讯雷\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - F:\讯雷\Thunder.exe
O9 - Extra Button: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} -  (file missing)
O9 - Extra 'Tools' menuitem: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} -  (file missing)
O9 - Extra Button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\cdnns.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\wshcon32.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\wshcon32.dll
O11 - Options group: [CDNCLIENT]  中文上网
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
O16 - DPF: {5932517A-3326-4439-A708-1C98EDB5C549} (Downloader Class) - file://C:\Documents and Settings\All Users\Application Data\Share Helper\Cast\GGS\d11e54c7b6\js\iMopDl.cab
O16 - DPF: {F3ED645F-2426-4001-8756-596B4F1EBF1A} (ShakeGTW Control) - http://www.crazy.com.tw/game/qkart/ShakeGTW.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{61FA4C8F-D9F8-4EF0-AA0C-EE7316613BEF}: NameServer = 61.139.2.69,202.98.96.68
O17 - HKLM\System\CCS\Services\Tcpip\..\{E3895CBA-3D79-4105-B5E4-1836CF1BE13E}: NameServer = 211.155.27.88 61.236.127.254
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O21 - SSODL: webwork - {4C611512-2C1D-44b2-A044-872AD2AD5A61} - C:\WINDOWS\webwork\webwork.dll
O23 - Service: Human Interface Device Access (HidServ) -  - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: McAfee Framework 服务 (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe /ServiceStart
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - "C:\Program Files\Network Associates\VirusScan\Mcshield.exe"
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - "C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe"
O23 - Service: User Privilege Service (usprserv) - Microsoft Corporation - C:\WINDOWS\system32\svchost.exe -k netsvcs



请问哪位高手可以给免费杀毒的网址？？！！
　　　　　　　　　　　　　　　　　　　　　　谢谢了

请到http://forum.ikaka.com/topic.asp?board=67&artid=5188931，下载，LSPFix.exe，WinsockXPFix这两个软件
重新启动电脑, 开机检测完后, 按[F8]键(可以一直按到启动菜单出来为止), 选择安全模式进入Windows

运行LSPFix.exe
删除
wshcon32.dll
附说明一份
LSPFix.exe这个软件主要用来辅助修复HijackThis扫描发现的O10项。
使用时，请关闭所有IE界面和文件夹界面后运行LSPFix，运行后，把要修复的那一个O10项从左边转到右边，点“Finish”即可。（不过这之前，需要在“I know what I`m doing”前面打勾。）
双击我的电脑，工具，文件夹选项，查看，单击选取"显示隐藏文件或文件夹"清除"隐藏受保护的操作系统文件（推荐）"复选框。在提示确定更改时，单击“是”，清除“隐藏已知文件类型的扩展名
删除
C:\WINDOWS\system32\wshcon32.dll
修复后重启，如果无法上网，请运行WinsockXPFix，让它修复一下。
回到正常模式，请再扫日志粘上来。
请下载 System Repair Engineer，使用“智能扫描”，按下“扫描”按钮进行扫描，扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告日志文件内容复制-粘贴上来
下载网址
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
日志一次粘不完，分次粘完，请不要修改。

C:\WINDOWS\system32\wshcon32.dll 删不掉

2006-08-23,22:23:47

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <Super Rabbit IEPro><F:\超级兔子\MagicSet\SRIECLI.EXE /LOAD>  [Super Rabbit Soft]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <ShStatEXE><"C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE>  [Network Associates, Inc.]
    <McAfeeUpdaterUI><"C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey>  [Network Associates, Inc.]
    <yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  []
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  []
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><explorer.exe C:\WINDOWS\system32\downasp.exe>  []
    <Userinit><userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <webwork><C:\WINDOWS\webwork\webwork.dll>  [MSWebwork Cop.]

==================================
启动文件夹
[office文件检索]
  <C:\Documents and Settings\cool\「开始」菜单\程序\启动\office文件检索.exe><N>

==================================
服务
[McAfee Framework 服务 / McAfeeFramework]
  <C:\Program Files\Network Associates\Common Framework\FrameworkService.exe /ServiceStart><Network Associates, Inc.>
[Network Associates McShield / McShield]
  <"C:\Program Files\Network Associates\VirusScan\Mcshield.exe"><Network Associates, Inc.>
[Network Associates Task Manager / McTaskManager]
  <"C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe"><Network Associates, Inc.>
[Te1net / Te1net]
  <><N/A>

==================================

浏览器加载项
[MyIEHelper Class]
  {16B770A0-0E87-4278-B748-2460D64A8386} <, N/A>
[]
  {295CD217-AD34-4B66-91BA-48D5EFD9CA20} <C:\WINDOWS\system32\NBBHO.dll, N/A>
[Yahoo!Photo]
  {33BBE430-0E42-4f12-B075-8D21ACB10DCB} <, N/A>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <, N/A>
[DragSearch BHO]
  {62EED7C6-9F02-42f9-B634-98E2899E147B} <, N/A>
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <F:\超级兔子\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\讯雷\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[assist]
  {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <, N/A>
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <F:\讯雷\Thunder.exe, Thunder Networking Technologies,LTD>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <, N/A>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <F:\超级兔子\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[Downloader Class]
  {5932517A-3326-4439-A708-1C98EDB5C549} <C:\WINDOWS\system32\iMopDl.dll, >
[ShakeGTW Control]
  {F3ED645F-2426-4001-8756-596B4F1EBF1A} <C:\WINDOWS\DOWNLO~1\ShakeGTW.ocx, >
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <F:\讯雷\web\WebThunderBHO_011.dll, Thunder Networking Technologies,LTD>
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[SSOClientAgent Class]
  {05DA0521-0B6B-458C-BFB1-1EFEF1F3C8FF} <E:\jiayou\SEGAmeLauncher\SSOAgent.dll, SEGA Networks>
[MyIEHelper Class]
  {16B770A0-0E87-4278-B748-2460D64A8386} <, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[]
  {295CD217-AD34-4B66-91BA-48D5EFD9CA20} <C:\WINDOWS\system32\NBBHO.dll, N/A>
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <, N/A>
[Yahoo!Photo]
  {33BBE430-0E42-4F12-B075-8D21ACB10DCB} <, N/A>
[雅虎助手]
  {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <, N/A>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <F:\超级兔子\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[Yahoo!Live]
  {57421194-58FB-49AE-9B4F-FD48869B9AD4} <, N/A>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <, N/A>
[DragSearch BHO]
  {62EED7C6-9F02-42F9-B634-98E2899E147B} <, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <F:\超级兔子\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[SlangFilter Control]
  {81BF1A75-0075-4525-9E2F-51076A4DE7B1} <C:\WINDOWS\DOWNLO~1\SLANGF~1.OCX, beta>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\讯雷\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Mini PPGou BHO]
  {92FB5F8F-8254-4978-9C50-03D9B0405062} <, N/A>
[ImgUploader Control]
  {94124442-376B-484A-B7F3-1648531AF213} <C:\WINDOWS\DOWNLO~1\IMGUPL~1.OCX, SEGA>
[SsgJjsnj Class]
  {A7A2D6E6-4433-E92E-736A-D5F793DF47F3} <C:\WINDOWS\DOWNLO~1\yvgtx.dll, hexcssoft>
[Fc2Boot Class]
  {ABA7CC7F-019D-47DB-A0D2-B3C2B3AC1B44} <C:\Program Files\FancyBoxII Games\system\ActiveX\fc2boot.dll, 北京线线通科技开发有限公司>
[Java Enhancer]
  {AF098F95-7CEA-407A-8552-3846737CC4B2} <C:\WINDOWS\system32\contwin.dll, Sun MicroSystems, Inc.>
[XBTP03129 Class]
  {B07D1F6B-6B8C-4904-8EE8-5E5A2B4624B3} <C:\PROGRA~1\MICRSO~1\tbu00777\SEARCH~1.DLL, IE Toolbar>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Messenger Object]
  {B69003B3-C55E-4B48-836C-BC5946FC3B28} <, N/A>
[Flash 8 ocx ]
  {B8CCDD47-38E4-4CD2-B7FA-3B4B690F74BD} <C:\WINDOWS\system32\flash8.dll, MACROMEDlA>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[RealPlayer Control]
  {BDBFE1F2-14C7-42D3-ACC7-4C2757F27F55} <C:\WINDOWS\system32\rmod3260.dll, RealNetworks,Inc.>
[isObject Class]
  {BE0B5843-553A-48C2-9A42-258A1D791AFC} <, N/A>
[SSOClientDaemon Class]
  {BE20377D-3B83-4CD8-A5B2-00C3C67D518A} <, N/A>
[WebActivater Control]
  {C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINDOWS\system32\3DShowVM.ocx, QQ>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[51导航]
  {D271A289-57EB-4D0E-9131-A0CD25D4D1F8} <C:\WINDOWS\system32\browsewmzero.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[TencentVmpCtl Class]
  {D9819BD5-422B-4281-8523-726466ED692B} <C:\Program Files\Tencent\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation>
[VqqSpeedDlProxy Class]
  {F138084D-84D7-48CD-BEA8-04772457516E} <C:\WINDOWS\vqqsdl.dll, Tencent>
[ShakeGTW Control]
  {F3ED645F-2426-4001-8756-596B4F1EBF1A} <C:\WINDOWS\DOWNLO~1\ShakeGTW.ocx, >
[IERPCtl Class]
  {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} <C:\Program Files\Real\RealPlayer\rpplugins\ierpplug.dll, RealNetworks, Inc.>
[assist]
  {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <, N/A>
[&使用迅雷下载]
  <F:\讯雷\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <F:\讯雷\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <, N/A>
[使用Web迅雷下载全部链接]
  <, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================

浏览器加载项
[MyIEHelper Class]
  {16B770A0-0E87-4278-B748-2460D64A8386} <, N/A>
[]
  {295CD217-AD34-4B66-91BA-48D5EFD9CA20} <C:\WINDOWS\system32\NBBHO.dll, N/A>
[Yahoo!Photo]
  {33BBE430-0E42-4f12-B075-8D21ACB10DCB} <, N/A>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <, N/A>
[DragSearch BHO]
  {62EED7C6-9F02-42f9-B634-98E2899E147B} <, N/A>
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <F:\超级兔子\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\讯雷\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[assist]
  {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <, N/A>
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <F:\讯雷\Thunder.exe, Thunder Networking Technologies,LTD>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <, N/A>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <F:\超级兔子\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[Downloader Class]
  {5932517A-3326-4439-A708-1C98EDB5C549} <C:\WINDOWS\system32\iMopDl.dll, >
[ShakeGTW Control]
  {F3ED645F-2426-4001-8756-596B4F1EBF1A} <C:\WINDOWS\DOWNLO~1\ShakeGTW.ocx, >
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <F:\讯雷\web\WebThunderBHO_011.dll, Thunder Networking Technologies,LTD>
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[SSOClientAgent Class]
  {05DA0521-0B6B-458C-BFB1-1EFEF1F3C8FF} <E:\jiayou\SEGAmeLauncher\SSOAgent.dll, SEGA Networks>
[MyIEHelper Class]
  {16B770A0-0E87-4278-B748-2460D64A8386} <, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[]
  {295CD217-AD34-4B66-91BA-48D5EFD9CA20} <C:\WINDOWS\system32\NBBHO.dll, N/A>
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <, N/A>
[Yahoo!Photo]
  {33BBE430-0E42-4F12-B075-8D21ACB10DCB} <, N/A>
[雅虎助手]
  {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <, N/A>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <F:\超级兔子\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[Yahoo!Live]
  {57421194-58FB-49AE-9B4F-FD48869B9AD4} <, N/A>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <, N/A>
[DragSearch BHO]
  {62EED7C6-9F02-42F9-B634-98E2899E147B} <, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <F:\超级兔子\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[SlangFilter Control]
  {81BF1A75-0075-4525-9E2F-51076A4DE7B1} <C:\WINDOWS\DOWNLO~1\SLANGF~1.OCX, beta>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\讯雷\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Mini PPGou BHO]
  {92FB5F8F-8254-4978-9C50-03D9B0405062} <, N/A>
[ImgUploader Control]
  {94124442-376B-484A-B7F3-1648531AF213} <C:\WINDOWS\DOWNLO~1\IMGUPL~1.OCX, SEGA>
[SsgJjsnj Class]
  {A7A2D6E6-4433-E92E-736A-D5F793DF47F3} <C:\WINDOWS\DOWNLO~1\yvgtx.dll, hexcssoft>
[Fc2Boot Class]
  {ABA7CC7F-019D-47DB-A0D2-B3C2B3AC1B44} <C:\Program Files\FancyBoxII Games\system\ActiveX\fc2boot.dll, 北京线线通科技开发有限公司>
[Java Enhancer]
  {AF098F95-7CEA-407A-8552-3846737CC4B2} <C:\WINDOWS\system32\contwin.dll, Sun MicroSystems, Inc.>
[XBTP03129 Class]
  {B07D1F6B-6B8C-4904-8EE8-5E5A2B4624B3} <C:\PROGRA~1\MICRSO~1\tbu00777\SEARCH~1.DLL, IE Toolbar>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Messenger Object]
  {B69003B3-C55E-4B48-836C-BC5946FC3B28} <, N/A>
[Flash 8 ocx ]
  {B8CCDD47-38E4-4CD2-B7FA-3B4B690F74BD} <C:\WINDOWS\system32\flash8.dll, MACROMEDlA>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[RealPlayer Control]
  {BDBFE1F2-14C7-42D3-ACC7-4C2757F27F55} <C:\WINDOWS\system32\rmod3260.dll, RealNetworks,Inc.>
[isObject Class]
  {BE0B5843-553A-48C2-9A42-258A1D791AFC} <, N/A>
[SSOClientDaemon Class]
  {BE20377D-3B83-4CD8-A5B2-00C3C67D518A} <, N/A>
[WebActivater Control]
  {C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINDOWS\system32\3DShowVM.ocx, QQ>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[51导航]
  {D271A289-57EB-4D0E-9131-A0CD25D4D1F8} <C:\WINDOWS\system32\browsewmzero.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[TencentVmpCtl Class]
  {D9819BD5-422B-4281-8523-726466ED692B} <C:\Program Files\Tencent\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation>
[VqqSpeedDlProxy Class]
  {F138084D-84D7-48CD-BEA8-04772457516E} <C:\WINDOWS\vqqsdl.dll, Tencent>
[ShakeGTW Control]
  {F3ED645F-2426-4001-8756-596B4F1EBF1A} <C:\WINDOWS\DOWNLO~1\ShakeGTW.ocx, >
[IERPCtl Class]
  {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} <C:\Program Files\Real\RealPlayer\rpplugins\ierpplug.dll, RealNetworks, Inc.>
[assist]
  {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <, N/A>
[&使用迅雷下载]
  <F:\讯雷\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <F:\讯雷\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <, N/A>
[使用Web迅雷下载全部链接]
  <, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================

正在运行的进程
[PID: 396][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 644][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 668][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 712][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\wshcon32.dll]  <><4, 0, 0, 0>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.240>
[PID: 724][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.240>
[PID: 884][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.240>
[PID: 960][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\wshcon32.dll]  <><4, 0, 0, 0>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.240>
[PID: 1048][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\wshcon32.dll]  <><4, 0, 0, 0>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.240>
[PID: 1092][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.240>
[PID: 1148][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.240>
[PID: 1512][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1552][C:\WINDOWS\explorer.exe]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\webwork\webwork.nls]  <MSWebwork Cop.><1, 0, 0, 1>
    [C:\WINDOWS\system32\SystemDll.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.240>
    [C:\WINDOWS\system32\wshcon32.dll]  <><4, 0, 0, 0>
    [F:\讯雷\ComDlls\XunLeiBHO_002.dll]  <Thunder Networking Technologies,LTD><5, 0, 0, 2>
[PID: 1832][C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\SHUTIL.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\naiwmain.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\RES04\shstat.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\RES04\Product.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\RES04\McShield.dll]  <Network Associates, Inc.><8.0.0.251>
    [C:\Program Files\Network Associates\VirusScan\RES04\Shutilrc.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\Graphics.dll]  <Network Associates, Inc.><8.0.0.912>
[PID: 1844][C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\nailog.dll]  <Network Associates, Inc.><3.5.0.474>
    [C:\Program Files\Network Associates\Common Framework\naCmnLib.dll]  <Network Associates, Inc.><3.5.0.474>
    [C:\Program Files\Network Associates\Common Framework\naXML.dll]  <Network Associates, Inc.><3.5.0.474>
    [C:\Program Files\Network Associates\Common Framework\0804\UpdRes.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\0804\AgentRes.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll]  <Network Associates, Inc.><3.5.0.412>

[PID: 1976][C:\Program Files\Network Associates\Common Framework\FrameworkService.exe]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\nailog.dll]  <Network Associates, Inc.><3.5.0.474>
    [C:\Program Files\Network Associates\Common Framework\naXML.dll]  <Network Associates, Inc.><3.5.0.474>
    [C:\Program Files\Network Associates\Common Framework\naCmnLib.dll]  <Network Associates, Inc.><3.5.0.474>
    [C:\Program Files\Network Associates\Common Framework\applib.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\0804\AgentRes.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\Logging.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\InternetManager.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\naInet.dll]  <Network Associates, Inc.><3.5.0.474>
    [C:\Program Files\Network Associates\Common Framework\UserSpace.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\Management.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\cmalib.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\naPolicyManager.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\ScriptSubSys.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\UpdateSubSys.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\Scheduler.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\Common Framework\TCSubSys.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.240>
[PID: 2016][C:\Program Files\Network Associates\VirusScan\Mcshield.exe]  <Network Associates, Inc.><8.0.0.251>
    [C:\Program Files\Network Associates\VirusScan\Res04\McShield.DLL]  <Network Associates, Inc.><8.0.0.251>
    [C:\Program Files\Network Associates\VirusScan\FTL.Dll]  <Network Associates, Inc.><8.0.0.133>
    [C:\Program Files\Network Associates\VirusScan\naiann.dll]  <Network Associates, Inc.><8.0.0.251>
    [C:\Program Files\Network Associates\VirusScan\mytilus.dll]  <Network Associates, Inc.><8.0.0.251>
    [C:\Program Files\Network Associates\Common Framework\GenEvtInf.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\VirusScan\NaEventU.DLL]  <Network Associates, Inc.><8.0.0.342>
    [C:\Program Files\Network Associates\VirusScan\Res04\naEvtRes.dll]  <Network Associates, Inc.><8.0.0.342>
    [C:\Program Files\Network Associates\VirusScan\VSIDSvr.dll]  <Network Associates, Inc.><8.0.0.251>
    [C:\Program Files\Common Files\Network Associates\Engine\MCSCAN32.DLL]  <McAfee, Inc.><4.4.00>
    [C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\VirusScan\EntSrv.Dll]  <Network Associates, Inc><8.0.0.240>
[PID: 2020][C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe]  <Network Associates, Inc.><3.5.0.412>
    [C:\PROGRA~1\NETWOR~1\COMMON~1\nailog.dll]  <Network Associates, Inc.><3.5.0.474>
    [C:\PROGRA~1\NETWOR~1\COMMON~1\naCmnLib.dll]  <Network Associates, Inc.><3.5.0.474>
    [C:\PROGRA~1\NETWOR~1\COMMON~1\naXML.dll]  <Network Associates, Inc.><3.5.0.474>
    [C:\PROGRA~1\NETWOR~1\COMMON~1\0804\AgentRes.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\Program Files\Network Associates\VirusScan\VsPlugin.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.240>
[PID: 196][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3427>
[PID: 160][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 216][F:\超级兔子\MagicSet\SRIECLI.EXE]  <Super Rabbit Soft><7.76>
    [F:\超级兔子\MagicSet\shlobj71.ocx]  <Sky Software (http://www.ssware.com)><7, 1, 0, 0>
    [C:\WINDOWS\system32\wshcon32.dll]  <><4, 0, 0, 0>
[PID: 468][C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\SHUTIL.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\naiwmain.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\naicondl.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\RES04\VsTskMgr.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\Program Files\Network Associates\VirusScan\MIDUtil.Dll]  <Network Associates, Inc.><8.0.0.145>
[PID: 1964][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\wshcon32.dll]  <><4, 0, 0, 0>
[PID: 1444][C:\WINDOWS\system32\wbem\wmiprvse.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 4044][C:\WINDOWS\system32\wuauclt.exe]  <Microsoft Corporation><5.8.0.2469 built by: lab01_n(wmbla)>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.240>
[PID: 1388][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.240>
    [F:\超级兔子\MAGICSET\haokanbar.dll]  <Xiang Feng Technology><2, 2, 0, 1612>
    [C:\WINDOWS\system32\NBBHO.dll]  <N/A><N/A>
    [F:\讯雷\ComDlls\XunLeiBHO_002.dll]  <Thunder Networking Technologies,LTD><5, 0, 0, 2>
    [C:\WINDOWS\system32\wshcon32.dll]  <><4, 0, 0, 0>
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  <Adobe Systems, Inc.><9,0,16,0>
[PID: 2684][F:\瑞星\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\WINDOWS\system32\wshcon32.dll]  <><4, 0, 0, 0>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

关闭所有浏览窗口以及一些不必要的程序
运行(双击)System Repair Engineer，使用“系统修复，浏览器加载项”来删除以下选项。
C:\WINDOWS\system32\NBBHO.dll
C:\WINDOWS\system32\flash8.dll
C:\WINDOWS\system32\browsewmzero.dll
运行(双击)System Repair Engineer，使用“启动项目，注册表”来删除以下选项。
C:\WINDOWS\webwork\webwork.dll
运行(双击)System Repair Engineer，点“启动项目，服务，点“Win32服务应用程序”勾选“隐藏微软服务”选中病毒服务Te1net，选择“删除服务”点“设置”选择“否”

请到http://forum.ikaka.com/topic.asp?board=67&artid=5188931，下载，LSPFix.exe，WinsockXPFix这两个软件
重新启动电脑, 开机检测完后, 按[F8]键(可以一直按到启动菜单出来为止), 选择安全模式进入Windows
运行(双击)System Repair Engineer，使用“启动项目，注册表”选中要修复的项

explorer.exe C:\WINDOWS\system32\downasp.exe
，点“编辑”在“值”里删除C:\WINDOWS\system32\downasp.exe

运行LSPFix.exe
删除
wshcon32.dll
附说明一份
LSPFix.exe这个软件主要用来辅助修复HijackThis扫描发现的O10项。
使用时，请关闭所有IE界面和文件夹界面后运行LSPFix，运行后，把要修复的那一个O10项从左边转到右边，点“Finish”即可。（不过这之前，需要在“I know what I`m doing”前面打勾。）
双击我的电脑，工具，文件夹选项，查看，单击选取"显示隐藏文件或文件夹"清除"隐藏受保护的操作系统文件（推荐）"复选框。在提示确定更改时，单击“是”，清除“隐藏已知文件类型的扩展名
删除
C:\WINDOWS\system32\wshcon32.dll
C:\WINDOWS\webwork
C:\WINDOWS\system32\NBBHO.dll
C:\WINDOWS\system32\flash8.dll
C:\WINDOWS\system32\browsewmzero.dll
C:\WINDOWS\system32\SystemDll.dll
C:\WINDOWS\system32\downasp.exe
修复后重启，如果无法上网，请运行WinsockXPFix，让它修复一下。
回到正常模式，请再扫日志粘上来。