一个不小心 中了小不点  杀不了了  求高手专杀工具

没有专杀
扫日志

下载 System Repair Engineer，
http://www.kztechs.com/sreng/download.html
1 解压缩sreng2.zip
2 运行SREng.exe
3 智能扫描=》扫描=》保存报告
4 把日志中的报告完整拷贝贴上来，不要修改

[CODE]

2007-01-15,23:28:25

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <switch><c:\windows\system32\壁纸自动换.exe>  [N/A]
    <helper.dll><C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32>  []
    <CnsMin><Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32>  [北京三七二一科技有限公司]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)NVIDIA Corporation]
    <nwiz><nwiz.exe /install>  [N/A]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)NVIDIA Corporation]
    <KvMonXP><"C:\Program Files\KV2005\KVMonXP.kxp" /auto>  [JiangMin Co.Ltd]
    <SKYNET Personal FireWall><C:\Program Files\SkyNet\FireWall\PFW.exe>  [广州众达天网技术有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\DOWNLO~1\CnsHook.dll>  [北京三七二一科技有限公司]

==================================
启动文件夹
[QQ游戏启动加速程序]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> C:\PROGRA~1\Tencent\QQGAME\Accel.exe [深圳市腾讯计算机系统有限公司]><N>

==================================
服务
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[KVSrvXP / KVSrvXP][Running/Auto Start]
  <C:\PROGRA~1\KV2005\KVSrvXP.exe -Service><JiangMin New Tech Ltd.>
[KVWSC / KVWSC][Running/Auto Start]
  <"C:\Program Files\KV2005\kvwsc.exe"><Jiangmin Co.Ltd>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[AliIde / AliIde][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[CmdIde / CmdIde][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[CnsMinKP / CnsMinKP][Running/Boot Start]
  <\SystemRoot\system32\drivers\CnsMinKP.sys><Copyright (C) 3721 Corporation.>
[dump_wmimmc / dump_wmimmc][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\dump_wmimmc.sys><N/A>
[ESS 1969 Audio Driver (WDM) / es1969][Running/Manual Start]
  <system32\drivers\es1969.sys><ESS Technology Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[KSysCall / KSysCall][Running/System Start]
  <\??\C:\PROGRA~1\KV2005\KSysCall.sys><Jiangmin Co. Ltd.>
[KVDriver for NT (KVDP_2) / KVDP_2][Running/Manual Start]
  <\??\C:\PROGRA~1\KV2005\KVDP_2.sys><Beijing Jiangmin New Sci.&Tec. Co.Ltd.>
[lapejgq / lapejgq][Running/Boot Start]
  <\SystemRoot\\SystemRoot\System32\drivers\lapejgq.sys><N/A>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\QQ2006\npkcrypt.sys><INCA Internet Co., Ltd.>
[NPPTNT2 / NPPTNT2][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npptNT2.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[R2A / R2A][Stopped/Disabled]
  <\??\C:\WINDOWS\system32a2.sys><N/A>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SKNFW / SKNFW][Running/System Start]
  <\??\C:\WINDOWS\system32\Drivers\SKNFW.sys><N/A>
[SkyProcs / SkyProcs][Running/Manual Start]
  <\??\C:\Program Files\SkyNet\FireWall\SkyProcs.sys><N/A>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[PProtect / PProtect][Running/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\PProtect.sys><Jiangmin Co. Ltd.>
[KRegEx / KRegEx][Running/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\KRegEx.sys><Jiangmin Co. Ltd.>

==================================
浏览器加载项
[ltmenu Class]
  {78C21EFD-53BA-406C-AF1A-33A38ABD3958} <C:\Program Files\LtUcx\1002\c0.dll, 北京莲塘软件技术有限公司>
[BrowseHelper Class]
  {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <C:\Program Files\KV2005\KvShell_1.dll, JiangMin Lmt>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[Yahoo 3.5G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[名品折扣]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[雅虎WIDGET]
  {6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[视频聊天]
  {6924091F-CD97-41E1-B1D4-D9079409D413} <http://www.liantang.net, N/A>
[寻论网--中学作业解答]
  {6924091F-CD97-41E1-B1D4-D9079409D423} <http://www.xunlun.com, N/A>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[IE搜索工具条]

{BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>
[江民杀毒工具栏]
  {B5A34A93-D538-43A7-8371-864CB6148D12} <C:\Program Files\KV2005\KvShell_1.dll, JiangMin Lmt>
[IMCv1 Control]
  {6924091F-CD97-41E1-B1D4-D9079409D413} <C:\PROGRA~1\LtUcx\1003\c0.dll, 北京莲塘软件技术有限公司 Liantang Software Tech. Inc. (http://www.liantang.cn)>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[IMCv1 Control]
  {6924091F-CD97-41E1-B1D4-D9079409D413} <C:\PROGRA~1\LtUcx\1003\c0.dll, 北京莲塘软件技术有限公司 Liantang Software Tech. Inc. (http://www.liantang.cn)>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[ltmenu Class]
  {78C21EFD-53BA-406C-AF1A-33A38ABD3958} <C:\Program Files\LtUcx\1002\c0.dll, 北京莲塘软件技术有限公司>
[BrowseHelper Class]
  {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <C:\Program Files\KV2005\KvShell_1.dll, JiangMin Lmt>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[江民杀毒工具栏]
  {B5A34A93-D538-43A7-8371-864CB6148D12} <C:\Program Files\KV2005\KvShell_1.dll, JiangMin Lmt>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[IE搜索工具条]
  {BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[使用迅雷下载]
  <C:\Program Files\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
正在运行的进程
[PID: 440][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 500][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 524][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 568][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 580][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\KvWspXp_1.dll]  [JiangMin Ltd., 9, 0, 5, 324]
[PID: 736][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 780][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\KvWspXp_1.dll]  [JiangMin Ltd., 9, 0, 5, 324]
[PID: 888][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\KvWspXp_1.dll]  [JiangMin Ltd., 9, 0, 5, 324]
[PID: 972][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\KvWspXp_1.dll]  [JiangMin Ltd., 9, 0, 5, 324]
[PID: 1024][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\KvWspXp_1.dll]  [JiangMin Ltd., 9, 0, 5, 324]
[PID: 1232][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\PROGRA~1\3721\alrex.dll]  [, 1, 0, 1, 1001]
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [C:\Program Files\KV2005\KvShell_1.dll]  [JiangMin Lmt, 9, 0, 5, 1205]
    [C:\Program Files\KV2005\UpdateX.dll]  [JiangMin Ltd., 8, 0, 0, 0]
    [C:\Program Files\KV2005\lang\Kvxp0804_1.lng]  [N/A, N/A]
    [C:\Program Files\KV2005\APIImpl.dll]  [JiangMin Ltd., 9.0.0.500]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\PROGRA~1\3721\autolive.dll]  [, 2, 5, 0, 1002]
    [C:\PROGRA~1\3721\alLiveEx.dll]  [ , 1, 0, 3, 1006]
    [C:\Program Files\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\Program Files\LtUcx\1002\c0.dll]  [北京莲塘软件技术有限公司, 1, 8, 0, 60]
    [C:\Program Files\LtUcx\ucx0.dll]  [北京莲塘软件技术有限公司, 1, 0, 3, 21]
[PID: 1308][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1472][C:\WINDOWS\system32\Rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [C:\WINDOWS\DOWNLO~1\CnsMinIO.dll]  [北京三七二一科技有限公司, 1, 0, 3, 7]
    [C:\WINDOWS\DOWNLO~1\cnsio.dll]  [北京三七二一科技有限公司, 1, 0, 2, 8]
    [C:\WINDOWS\DOWNLO~1\CnsMinEx.dll]  [国风因特软件(北京)有限公司, 2, 5, 0, 2]
[PID: 1856][C:\PROGRA~1\KV2005\KVSrvXP.exe]  [JiangMin New Tech Ltd., 9, 0, 5, 720]
    [C:\PROGRA~1\KV2005\UpdateX.dll]  [JiangMin Ltd., 8, 0, 0, 0]
    [C:\Program Files\KV2005\KVEnhD.dll]  [JiangMin Ltd., 9, 1, 5, 423]
    [C:\Program Files\KV2005\KvSPI.dll]  [JiangMin New Tech. Ltd., 9, 0, 5, 720]
    [C:\PROGRA~1\KV2005\PProtect.dll]  [北京江民新科技术公司, 1.0.121]
    [C:\Program Files\KV2005\KVEnhP_1.dll]  [JiangMin Ltd., 9, 0, 5, 405]
    [C:\Program Files\KV2005\KVEnhM.dll]  [JiangMin Ltd., 9.0.0.500]
    [C:\Program Files\KV2005\KvSpiPS.dll]  [JiangMin Ltd., 9.0.0.501]
    [C:\WINDOWS\system32\KvWspXp_1.dll]  [JiangMin Ltd., 9, 0, 5, 324]
    [C:\Program Files\KV2005\KVEnhC.DLL]  [JiangMin Ltd., 9, 1, 5, 603]
    [C:\Program Files\KV2005\KVEnhO.dll]  [JiangMin New Tech Ltd., 9, 0, 5, 507]
    [C:\Program Files\KV2005\KVEnhS.dll]  [JiangMin New Tech Ltd., 9, 0, 5, 607]
    [C:\Program Files\KV2005\KVEnhJ.dll]  [JiangMin New Tech. Ltd., 9, 1, 5, 508]
    [C:\Program Files\KV2005\KVExtLZH.dll]  [N/A, N/A]
    [C:\Program Files\KV2005\KVExtZ.dll]  [Jiangmin New Tech., 9.1.0.503]
    [C:\Program Files\KV2005\KVExtCab.dll]  [JiangMin New Tech. Ltd., 9, 0, 5, 621]
    [C:\Program Files\KV2005\KVExtEml.dll]  [JiangMin New Tech. Ltd., 9, 0, 0, 503]
    [C:\Program Files\KV2005\KvExtRar.dll]  [JiangMin Ltd., 9, 1, 0, 804]
    [C:\Program Files\KV2005\KvExtZip.dll]  [JiangMin Ltd., 9, 0, 5, 420]
    [C:\Program Files\KV2005\KVExtGz.dll]  [Jiangmin New Tech., 9, 0, 5, 420]
    [C:\Program Files\KV2005\KVExtTar.dll]  [Jiangmin New Tech., 9, 0, 5, 420]
    [C:\Program Files\KV2005\KVEnhK.dll]  [JiangMin Ltd., 9, 1, 5, 507]
    [C:\Program Files\KV2005\lang\PrivateCfg0804.lng]  [TODO: <Company name>, 1.0.0.1]
[PID: 1868][C:\Program Files\KV2005\kvwsc.exe]  [Jiangmin Co.Ltd, 9, 0, 0, 502]
    [C:\Program Files\KV2005\KVEnhP_1.dll]  [JiangMin Ltd., 9, 0, 5, 405]
[PID: 1912][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.8198]
[PID: 1952][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 872][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [C:\PROGRA~1\3721\autolive.dll]  [, 2, 5, 0, 1002]
    [C:\PROGRA~1\3721\notifier.dll]  [, 1, 0, 0, 5]
    [C:\WINDOWS\system32\KvWspXp_1.dll]  [JiangMin Ltd., 9, 0, 5, 324]
    [C:\PROGRA~1\3721\alLiveEx.dll]  [ , 1, 0, 3, 1006]
[PID: 1000][C:\WINDOWS\system32\RUNDLL32.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[C:\WINDOWS\system32\NvMcTray.dll]  [NVIDIA Corporation, 6.14.10.8198]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.8198]
    [C:\Program Files\KV2005\KVMonXP.kxp]  [JiangMin Co.Ltd, 9, 2, 0, 60118]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [C:\Program Files\KV2005\UpdateX.dll]  [JiangMin Ltd., 8, 0, 0, 0]
    [C:\Program Files\KV2005\lang\Kvxp0804_1.lng]  [N/A, N/A]
    [C:\Program Files\KV2005\GUIExt.dll]  [JiangMin Ltd., 9.0.0.501]
    [C:\Program Files\KV2005\lang\GUIExt0804.lng]  [JiangMin Ltd., 7, 1, 0, 200]
    [C:\Program Files\KV2005\KVEnhP_1.dll]  [JiangMin Ltd., 9, 0, 5, 405]
    [C:\Program Files\KV2005\KvSpiPS.dll]  [JiangMin Ltd., 9.0.0.501]
    [C:\Program Files\KV2005\KvOffice.dll]  [JiangMin New Tech., 9.0.0.1213]
    [C:\Program Files\KV2005\lang\KVOffice0804.lng]  [N/A, N/A]
    [C:\Program Files\KV2005\VirusUpload.dll]  [N/A, 2, 0, 0, 0]
    [C:\Program Files\KV2005\lang\PrivateCfg0804.lng]  [TODO: <Company name>, 1.0.0.1]
    [C:\Program Files\KV2005\PProtect.dll]  [北京江民新科技术公司, 1.0.121]
[PID: 1108][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
[PID: 1112][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\KvWspXp_1.dll]  [JiangMin Ltd., 9, 0, 5, 324]
    [C:\Program Files\KV2005\TrojDie.kxp]  [Jiangmin Co.Ltd, 9, 0, 5, 916]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [C:\Program Files\KV2005\UpdateX.dll]  [JiangMin Ltd., 8, 0, 0, 0]
    [C:\Program Files\KV2005\lang\TrojDie0804.lng]  [N/A, N/A]
    [C:\Program Files\KV2005\GUIExt.dll]  [JiangMin Ltd., 9.0.0.501]
    [C:\Program Files\KV2005\lang\GUIExt0804.lng]  [JiangMin Ltd., 7, 1, 0, 200]
    [C:\Program Files\KV2005\PProtect.dll]  [北京江民新科技术公司, 1.0.121]
    [C:\Program Files\KV2005\ComUIPS.dll]  [N/A, 9. 5. 5. 20]
[PID: 1852][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\PROGRA~1\3721\scrblock.dll]  [3721, 1, 0, 1, 1000]
    [C:\PROGRA~1\3721\alrex.dll]  [, 1, 0, 1, 1001]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [C:\WINDOWS\DOWNLO~1\CnsHint.dll]  [3721, 2, 5, 0, 2]
    [C:\PROGRA~1\3721\autolive.dll]  [, 2, 5, 0, 1002]
    [C:\PROGRA~1\3721\alLiveEx.dll]  [ , 1, 0, 3, 1006]
    [C:\WINDOWS\DOWNLO~1\cnsplus.dll]  [3721, 2, 5, 0, 2]
    [C:\WINDOWS\system32\IETool.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\KvWspXp_1.dll]  [JiangMin Ltd., 9, 0, 5, 324]
    [C:\Program Files\LtUcx\1002\c0.dll]  [北京莲塘软件技术有限公司, 1, 8, 0, 60]
    [C:\Program Files\LtUcx\ucx0.dll]  [北京莲塘软件技术有限公司, 1, 0, 3, 21]
    [C:\Program Files\KV2005\KvShell_1.dll]  [JiangMin Lmt, 9, 0, 5, 1205]
    [C:\Program Files\KV2005\UpdateX.dll]  [JiangMin Ltd., 8, 0, 0, 0]
    [C:\Program Files\KV2005\lang\Kvxp0804_1.lng]  [N/A, N/A]
    [C:\Program Files\KV2005\APIImpl.dll]  [JiangMin Ltd., 9.0.0.500]
    [C:\Program Files\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [C:\WINDOWS\DOWNLO~1\CnsMinIO.dll]  [北京三七二一科技有限公司, 1, 0, 3, 7]
    [C:\WINDOWS\DOWNLO~1\cnsio.dll]  [北京三七二一科技有限公司, 1, 0, 2, 8]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\Program Files\Thunder\ComDlls\ThunderAgent_003.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 10]
[PID: 1464][C:\Program Files\KV2005\KRegEx.exe]  [Jiangmin, 1.0.1.0413]
    [C:\Program Files\KV2005\KRegEx.dll]  [N/A, N/A]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [C:\Program Files\KV2005\KRegTrust.dll]  [Jiangmin Co. Ltd., 9.0.0.825]
[PID: 1744][C:\WINDOWS\system32\DllHost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [C:\Program Files\KV2005\ComUI.dll]  [Jiangmin Ltd., 9. 5. 5. 20]
    [C:\Program Files\KV2005\UpdateX.dll]  [JiangMin Ltd., 8, 0, 0, 0]
    [C:\Program Files\KV2005\ComUIPS.dll]  [N/A, 9. 5. 5. 20]
    [C:\Program Files\KV2005\GUIExt.dll]  [JiangMin Ltd., 9.0.0.501]
    [C:\Program Files\KV2005\lang\GUIExt0804.lng]  [JiangMin Ltd., 7, 1, 0, 200]
[PID: 2116][C:\Program Files\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.4.0.226]
    [C:\Program Files\Thunder\Program\UpdateDownload.dll]  [N/A, N/A]
    [C:\Program Files\Thunder\Program\msgmanage.dll]  [N/A, N/A]
    [C:\Program Files\Thunder\Program\historyinfo_manage.dll]  [Thunder Networking Technologies,LTD, 5, 2, 0, 148]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [C:\Program Files\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 0, 0, 1]
    [C:\Program Files\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [C:\Program Files\Thunder\Program\log4cplus.dll]  [, 1, 0, 2, 1]
    [C:\Program Files\Thunder\Program\asyn_dns.dll]  [N/A, N/A]
    [C:\Program Files\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 1, 0, 18]
    [C:\Program Files\Thunder\Program\FloatBar.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [C:\WINDOWS\system32\KvWspXp_1.dll]  [JiangMin Ltd., 9, 0, 5, 324]
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [C:\Program Files\Thunder\Program\iTargetAd.dll]  [N/A, N/A]
[PID: 3668][C:\Documents and Settings\Administrator\桌面\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\PROGRA~1\3721\helper.dll]  [, 2, 5, 0, 1003]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 2]
    [C:\WINDOWS\system32\KvWspXp_1.dll]  [JiangMin Ltd., 9, 0, 5, 324]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
MSAFD Tcpip [TCP/IP]
    C:\WINDOWS\system32\KvWspXp_1.dll(JiangMin Ltd., KVWspXP)
MSAFD Tcpip [UDP/IP]
    C:\WINDOWS\system32\KvWspXp_1.dll(JiangMin Ltd., KVWspXP)
MSAFD Tcpip [RAW/IP]
    C:\WINDOWS\system32\KvWspXp_1.dll(JiangMin Ltd., KVWspXP)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
0.0.0.0 182838.com
0.0.0.0 204.177.92.68
0.0.0.0 asiafriendfinder.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 www.jpbeauty.com
0.0.0.0 beautishow.com
0.0.0.0 goodmovies88.com
0.0.0.0 hothack.home.chinaren.com
0.0.0.0 hualiao.net
0.0.0.0 iplus.allyes.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com

==================================
API HOOK
N/A

==================================


[/CODE]

顶上去~~~~

我顶~~~

顶上去

清理流氓软件

进C:\WINDOWS\system32\drivers\etc中，用记事本打开Hosts，保留127.0.01 localhost,其他删除

引用:

【高歌猛进的贴子】 清理流氓软件 进C:\WINDOWS\system32\drivers\etc中，用记事本打开Hosts，保留1,其他删除 ………………

127.0.01 localhost 这个是干什么的啊?