瑞星在我的电脑里发现，在 C:\WINNT\system32\YEYOPBBI.D1L 中发现 Backdoor/PcClient.lk 病毒, 清除失败。然后我在安全模式里杀，依然清除不了，在DOS里把它复制在D盘杀毒，可以清除，但连YEYOPBBI.D1L 这个文件都删掉了，在开机时系统特别特别的慢，只好又把YEYOPBBI.D1L 放回原处，请问YEYOPBBI.D1L 这个系统文件是怎样的用处，还有这个病毒怎样才能删掉，我的操作是2000。多谢了

2006-05-30,19:14:07

System Repair Engineer 2.0.12.350 (2.0 RC 1)
    Windows 2000 Professional Service Pack 4 - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <internat.exe><internat.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <load><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <KvMonXP><"C:\Program Files\KV2005\KVMonXP_2.kxp" /auto>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Synchronization Manager><mobsync.exe /logon>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><C:\WINNT\system32\userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><>

==================================
启动文件夹
[河南网通宽带用户客户端]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\河南网通宽带用户客户端.lnk><N>
[腾讯QQ]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk><N>

==================================
服务
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[ewido security suite control / ewido security suite control]
  <C:\Program Files\ewido\security suite\ewidoctrl.exe><ewido networks>
[InterBase Guardian / InterBaseGuardian]
  <d:\Program Files\InterBase Corp\InterBase\bin\ibguard.exe -s><InterBase Software Corp.>
[InterBase Server / InterBaseServer]
  <d:\Program Files\InterBase Corp\InterBase\bin\ibserver.exe -s -g><InterBase Software Corp.>
[KVSrvXP / KVSrvXP]
  <C:\PROGRA~1\KV2005\KVSrvXP.exe -Service><JiangMin New Tech Ltd.>
[Macromedia Licensing Service / Macromedia Licensing Service]
  <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[P4P Service / P4P Service]
  <C:\Program Files\P4P\p2psvr.exe><N/A>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[StdService / StdService]
  <C:\WINNT\system32\rundll32.exe C:\WINNT\System32\STDSVER.DLL,Service><N/A>

==================================
浏览器加载项
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\qq\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[BrowseHelper Class]
  {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <C:\Program Files\KV2005\KvShell.dll, JiangMin Lmt>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <C:\Program Files\浩方对战平台\GameClient.exe, N/A>
[MMSAssistMenu]
  {6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\Mmsass~1.dll, >
[易趣购物]
  {DE607141-AC19-421e-862A-2D70ABDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=5, N/A>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\qq\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[江民杀毒工具栏]
  {B5A34A93-D538-43A7-8371-864CB6148D12} <C:\Program Files\KV2005\KvShell.dll, JiangMin Lmt>
[Filetran Control]
  {88734439-46D0-42C0-A13F-7E881EE550CF} <C:\WINNT\DOWNLO~1\filetran.ocx, Bluesky Studio(http://www.bluesky.cn)>
[MediaGatewayX]
  {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} <C:\WINNT\Downloaded Program Files\MediaGatewayX.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\qq\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\qq\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\qq\SendMMS.htm, N/A>
[百度-搜索MP3]
  <res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUMP3.HTM, N/A>
[百度-搜索图片]
  <res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUIMG.HTM, N/A>
[百度-搜索新闻]
  <res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUNEWS.HTM, N/A>
[百度-搜索歌词]
  <res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDULYRIC.HTM, N/A>
[百度-搜索网页]
  <res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUSEARCH.HTM, N/A>
[百度-搜索贴吧]
  <res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUPOST.HTM, N/A>
[百度-词典搜索]
  <res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDU_DIC.HTM, N/A>

正在运行的进程
[PID: 136][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 160][\??\C:\WINNT\system32\csrss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 156][\??\C:\WINNT\system32\winlogon.exe]  <Microsoft Corporation><5.00.2195.6898>
[PID: 208][C:\WINNT\system32\services.exe]  <Microsoft Corporation><5.00.2195.6700>
    [C:\WINNT\system32\KvWspXp.dll]  <JiangMin Ltd.><9, 0, 5, 324>
    [C:\WINNT\system32\dmserver.dll]  <VERITAS Software Corp.><2195.6605.297.3>
[PID: 220][C:\WINNT\system32\lsass.exe]  <Microsoft Corporation><5.00.2195.6902>
    [C:\WINNT\system32\KvWspXp.dll]  <JiangMin Ltd.><9, 0, 5, 324>
[PID: 392][c:\program files\rising\rfw\rfwsrv.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 30>
    [c:\program files\rising\rfw\RfwRule.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 12>
    [c:\program files\rising\rfw\rfwlog.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
    [c:\program files\rising\rfw\Rfwdrv.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 21>
    [c:\program files\rising\rfw\MonDrv.dll]  <rs><1, 0, 0, 4>
    [c:\program files\rising\rfw\ProcLib.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
[PID: 460][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
    [c:\winnt\system32\yeyopbbi.d1l]  <N/A><N/A>
    [C:\WINNT\system32\KvWspXp.dll]  <JiangMin Ltd.><9, 0, 5, 324>
[PID: 480][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2800.1106>
    [C:\WINNT\System32\Yeyopbbi.d1l]  <N/A><N/A>
[PID: 504][C:\WINNT\system32\spoolsv.exe]  <Microsoft Corporation><5.00.2195.7059>
    [C:\WINNT\system32\KvWspXp.dll]  <JiangMin Ltd.><9, 0, 5, 324>
[PID: 540][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 572][C:\Program Files\ewido\security suite\ewidoctrl.exe]  <ewido networks><3, 0, 0, 1>
    [C:\Program Files\ewido\security suite\lang.dll]  <privat><1, 0, 0, 1>
[PID: 608][d:\Program Files\InterBase Corp\InterBase\bin\ibguard.exe]  <InterBase Software Corp.><WI-V5.6.0.29>
    [C:\WINNT\system32\gds32.dll]  <InterBase Software Corp.><WI-V5.6.0.29>
[PID: 628][C:\PROGRA~1\KV2005\KVSrvXP.exe]  <JiangMin New Tech Ltd.><9, 0, 5, 720>
    [C:\PROGRA~1\KV2005\UpdateX.dll]  <JiangMin Ltd.><8, 0, 0, 0>
    [C:\Program Files\KV2005\KVEnhD.dll]  <JiangMin Ltd.><9, 1, 5, 423>
    [C:\Program Files\KV2005\KvSPI.dll]  <JiangMin New Tech. Ltd.><9, 0, 5, 720>
    [C:\PROGRA~1\KV2005\PProtect.dll]  <北京江民新科技术公司><1.0.121>
    [C:\Program Files\KV2005\KVEnhP.dll]  <JiangMin Ltd.><9, 0, 5, 405>
    [C:\Program Files\KV2005\KVEnhM.dll]  <JiangMin Ltd.><9.0.0.500>
    [C:\Program Files\KV2005\KvSpiPS.dll]  <JiangMin Ltd.><9.0.0.501>
    [C:\WINNT\system32\KvWspXp.dll]  <JiangMin Ltd.><9, 0, 5, 324>
    [C:\Program Files\KV2005\KVEnhC.DLL]  <JiangMin Ltd.><9, 1, 5, 603>
    [C:\Program Files\KV2005\KVEnhO.dll]  <JiangMin New Tech Ltd.><9, 0, 5, 507>
    [C:\Program Files\KV2005\KVEnhS.dll]  <JiangMin New Tech Ltd.><9, 0, 5, 607>
    [C:\Program Files\KV2005\KVEnhJ.dll]  <JiangMin New Tech. Ltd.><9, 1, 5, 508>
    [C:\Program Files\KV2005\KVExtCab.dll]  <JiangMin New Tech. Ltd.><9, 0, 5, 621>
    [C:\Program Files\KV2005\KVExtEml.dll]  <JiangMin New Tech. Ltd.><9, 0, 0, 503>
    [C:\Program Files\KV2005\KVExtLZH.dll]  <N/A><N/A>
    [C:\Program Files\KV2005\KvExtRar.dll]  <JiangMin Ltd.><9, 1, 0, 804>
    [C:\Program Files\KV2005\KvExtZip.dll]  <JiangMin Ltd.><9, 0, 5, 420>
    [C:\Program Files\KV2005\KVExtZ.dll]  <Jiangmin New Tech.><9.1.0.503>
    [C:\Program Files\KV2005\KVExtGz.dll]  <Jiangmin New Tech.><9, 0, 5, 420>
    [C:\Program Files\KV2005\KVExtTar.dll]  <Jiangmin New Tech.><9, 0, 5, 420>
    [C:\Program Files\KV2005\KVEnhK.dll]  <JiangMin Ltd.><9, 1, 5, 507>
    [C:\Program Files\KV2005\lang\PrivateCfg0804.lng]  <TODO: <Company name>><1.0.0.1>
[PID: 676][C:\WINNT\system32\regsvc.exe]  <Microsoft Corporation><5.00.2195.6701>
[PID: 720][C:\WINNT\system32\MSTask.exe]  <Microsoft Corporation><4.71.2195.6704>
    [C:\WINNT\system32\KvWspXp.dll]  <JiangMin Ltd.><9, 0, 5, 324>
[PID: 772][C:\WINNT\system32\stisvc.exe]  <Microsoft Corporation><5.00.2195.6656>
    [C:\WINNT\system32\VM31bSTI.dll]  <VM><4.2.1.21>
[PID: 860][C:\WINNT\System32\WBEM\WinMgmt.exe]  <Microsoft Corporation><1.50.1085.0100>
[PID: 880][C:\WINNT\system32\mspmspsv.exe]  <Microsoft Corporation><7.10.00.3059>
[PID: 892][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
    [C:\WINNT\system32\KvWspXp.dll]  <JiangMin Ltd.><9, 0, 5, 324>
[PID: 724][c:\program files\rising\rfw\RfwMain.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 48>
    [c:\program files\rising\rfw\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
    [c:\program files\rising\rfw\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [c:\program files\rising\rfw\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\KV2005\KVMonXP_2.kxp]  <JiangMin Co.Ltd><9, 2, 0, 60118>
    [C:\Program Files\KV2005\UpdateX.dll]  <JiangMin Ltd.><8, 0, 0, 0>
    [C:\Program Files\KV2005\lang\Kvxp0804.lng]  <N/A><N/A>
    [C:\Program Files\KV2005\GUIExt.dll]  <JiangMin Ltd.><9.0.0.501>
    [C:\Program Files\KV2005\lang\GUIExt0804.lng]  <JiangMin Ltd.><7, 1, 0, 200>
    [C:\Program Files\KV2005\KVEnhP.dll]  <JiangMin Ltd.><9, 0, 5, 405>
    [C:\Program Files\KV2005\KvSpiPS.dll]  <JiangMin Ltd.><9.0.0.501>
    [C:\Program Files\KV2005\KvOffice.dll]  <JiangMin New Tech.><9.0.0.1213>
    [C:\Program Files\KV2005\lang\KVOffice0804.lng]  <N/A><N/A>
    [C:\Program Files\KV2005\VirusUpload.dll]  <N/A><2, 0, 0, 0>
    [C:\Program Files\KV2005\lang\PrivateCfg0804.lng]  <TODO: <Company name>><1.0.0.1>
    [C:\Program Files\KV2005\PProtect.dll]  <北京江民新科技术公司><1.0.121>
    [C:\Program Files\KV2005\ComUIPS.dll]  <N/A><9. 5. 5. 20>
[PID: 1144][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3292>
[PID: 1132][C:\WINNT\system32\internat.exe]  <Microsoft Corporation><5.00.2920.0000>
[PID: 904][d:\Program Files\InterBase Corp\InterBase\bin\ibserver.exe]  <InterBase Software Corp.><WI-V5.6.0.29>
    [d:\Program Files\InterBase Corp\InterBase\bin\gdsintl.dll]  <InterBase Software Corp.><WI-V5.6.0.29>
    [C:\Program Files\KV2005\TrojDie.kxp]  <Jiangmin Co.Ltd><9, 0, 5, 916>
    [C:\Program Files\KV2005\UpdateX.dll]  <JiangMin Ltd.><8, 0, 0, 0>
    [C:\Program Files\KV2005\lang\TrojDie0804.lng]  <N/A><N/A>
    [C:\Program Files\KV2005\GUIExt.dll]  <JiangMin Ltd.><9.0.0.501>
    [C:\Program Files\KV2005\lang\GUIExt0804.lng]  <JiangMin Ltd.><7, 1, 0, 200>
    [C:\Program Files\KV2005\PProtect.dll]  <北京江民新科技术公司><1.0.121>
    [C:\Program Files\KV2005\ComUIPS.dll]  <N/A><9. 5. 5. 20>
    [C:\Program Files\KV2005\KVWPSet.dll]  <N/A><9, 0, 0, 505>

[PID: 1008][C:\Program Files\KV2005\KRegEx.exe]  <Jiangmin><1.0.1.0413>
    [C:\Program Files\KV2005\KRegEx.dll]  <N/A><N/A>
    [C:\Program Files\KV2005\KRegTrust.dll]  <Jiangmin Co. Ltd.><9.0.0.825>
[PID: 1552][C:\WINNT\system32\DllHost.exe]  <Microsoft Corporation><5.00.2195.6692>
    [C:\Program Files\KV2005\ComUI.dll]  <Jiangmin Ltd.><9. 5. 5. 20>
    [C:\Program Files\KV2005\UpdateX.dll]  <JiangMin Ltd.><8, 0, 0, 0>
    [C:\Program Files\KV2005\ComUIPS.dll]  <N/A><9. 5. 5. 20>
    [C:\Program Files\KV2005\GUIExt.dll]  <JiangMin Ltd.><9.0.0.501>
    [C:\Program Files\KV2005\lang\GUIExt0804.lng]  <JiangMin Ltd.><7, 1, 0, 200>
[PID: 1540][C:\WINNT\system32\conime.exe]  <Microsoft Corporation><5.00.2195.6655>
[PID: 936][C:\Program Files\racer-henan-cnc\racer.exe]  <Putian Runway><2,0,44,83>
    [C:\Program Files\racer-henan-cnc\rwxre.dll]  <Mozilla Foundation><1.7.3: 2005031010>
    [C:\Program Files\racer-henan-cnc\nspr4.dll]  <Netscape Communications Corporation><4.5 Beta>
    [C:\Program Files\racer-henan-cnc\xpcom.dll]  <Mozilla Foundation><1.7.3: 2005031010>
    [C:\Program Files\racer-henan-cnc\nss3.dll]  <Netscape Communications Corporation><3.9.1>
    [C:\Program Files\racer-henan-cnc\softokn3.dll]  <Netscape Communications Corporation><3.9.1>
    [C:\Program Files\racer-henan-cnc\gkgfx.dll]  <Mozilla Foundation><1.7.3: 2005031010>
    [C:\Program Files\racer-henan-cnc\js3250.dll]  <Netscape Communications Corporation><4.0>
    [C:\Program Files\racer-henan-cnc\components\racer_base_comp.dll]  <Putian Runway><2,0,44,83>
    [C:\Program Files\racer-henan-cnc\xpcom_compat.dll]  <Mozilla Foundation><1.7.3: 2005031010>
    [C:\Program Files\racer-henan-cnc\racer_base.dll]  <Putian Runway><2,0,44,83>
    [C:\WINNT\system32\KvWspXp.dll]  <JiangMin Ltd.><9, 0, 5, 324>
    [C:\Program Files\racer-henan-cnc\components\pipnss.dll]  <Mozilla Foundation><1.7.3: 2005031010>
    [C:\Program Files\racer-henan-cnc\components\gklayout.dll]  <Mozilla Foundation><1.7.3: 2005031010>
    [C:\Program Files\racer-henan-cnc\components\jar50.dll]  <Mozilla Foundation><1.7.3: 2005031010>
    [C:\Program Files\racer-henan-cnc\components\xpcom_compat_c.dll]  <Mozilla Foundation><1.7.3: 2005031010>
    [C:\Program Files\racer-henan-cnc\components\racer_ad_comp.dll]  <Putian Runway><2,0,44,83>
    [C:\Program Files\racer-henan-cnc\components\racer_access_dhcpplus.dll]  <Putian Runway><2,0,44,83>
    [C:\Program Files\racer-henan-cnc\dhcpplus.dll]  <北京润汇科技有限公司><0, 10, 19, 43>
    [C:\Program Files\racer-henan-cnc\wpcap.dll]  <Politecnico di Torino><3, 0, 0, 18>
    [C:\Program Files\racer-henan-cnc\pthreadVC.dll]  <N/A><N/A>
    [C:\Program Files\racer-henan-cnc\packet.dll]  <Politecnico di Torino><3, 0, 0, 18>
    [C:\Program Files\racer-henan-cnc\components\racer_nss4_comp.dll]  <Putian Runway><2,0,44,83>
    [C:\Program Files\racer-henan-cnc\nss4.dll]  <北京普天润汇科技有限公司><1, 0, 0, 3>
[PID: 1096][C:\Program Files\racer-henan-cnc\RacerKp.exe]  <北京润汇科技有限公司><1, 0, 0, 1>
[PID: 1684][C:\Program Files\TouchNet Browser\TouchNet.exe]  <江南烟雨 hcjdx><1, 0, 0, 0>
    [C:\WINNT\system32\KvWspXp.dll]  <JiangMin Ltd.><9, 0, 5, 324>
    [C:\WINNT\system32\Macromed\Flash\Flash8.ocx]  <Macromedia, Inc.><8,0,22,0>
[PID: 1640][C:\Program Files\Real\RealPlayer\realplay.exe]  <RealNetworks, Inc.><6.0.12.1235>
    [C:\WINNT\system32\PNCRT.dll]  <Real Networks, Inc><6.0.0.0>
    [C:\Program Files\Common Files\Real\Update_OB\rnms3270.dll]  <RealNetworks, Inc.><7.0.1.3116>
    [C:\Program Files\Common Files\Real\Common\objb3201.dll]  <RealNetworks, Inc.><0.1.0.6109>
    [C:\Program Files\Common Files\Real\RCAPlugins\uisy3201.dll]  <RealNetworks, Inc.><0.1.0.3614>
    [C:\Program Files\Real\RealPlayer\lang\gemctl_cn.dll]  <RealNetworks, Inc.><6.0.12.298>
    [C:\Program Files\Common Files\Real\Common\pnrs3260.dll]  <RealNetworks, Inc.><6.0.9.3850>
    [C:\Program Files\Common Files\Real\Update_OB\rnad3201.dll]  <RealNetworks, Inc.><0.1.0.3292>
    [C:\Program Files\Common Files\Real\Update_OB\rnqu3270.dll]  <RealNetworks, Inc.><7.0.0.3536>
    [C:\Program Files\Common Files\Real\Update_OB\setu3270.dll]  <RealNetworks, Inc.><7.0.0.4151>
    [C:\WINNT\system32\KvWspXp.dll]  <JiangMin Ltd.><9, 0, 5, 324>
    [C:\Program Files\Common Files\Real\Plugins\httpfsys.dll]  <RealNetworks, Inc.><10.0.0.2486>
[PID: 1156][C:\WINNT\explorer.exe]  <Microsoft Corporation><5.00.3700.6690>
    [C:\Program Files\ewido\security suite\shellhook.dll]  <N/A><N/A>
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  <Baidu.com, Inc.><2, 0, 2, 51>
    [C:\Program Files\KV2005\KvShell.dll]  <JiangMin Lmt><9, 0, 5, 1205>
    [C:\Program Files\KV2005\UpdateX.dll]  <JiangMin Ltd.><8, 0, 0, 0>
    [C:\Program Files\KV2005\lang\Kvxp0804.lng]  <N/A><N/A>
    [C:\Program Files\KV2005\APIImpl.dll]  <JiangMin Ltd.><9.0.0.500>
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  <Amaze Soft><1, 1, 4, 0>
    [C:\PROGRA~1\WINZIP\WZSHLSTB.DLL]  <WinZip Computing LP><4.1 (32-bit)>
    [C:\WINNT\System32\igfxpph.dll]  <Intel Corporation><1, 1, 0, 32>
    [C:\WINNT\System32\hccutils.DLL]  <Intel Corporation><1, 1, 0, 32>
[PID: 1732][C:\Program Files\FlashGet\flashget.exe]  <Amaze Soft><1, 6, 5, 0>
    [C:\WINNT\system32\KvWspXp.dll]  <JiangMin Ltd.><9, 0, 5, 324>
[PID: 960][D:\download.files\驱动程序\sreng2\SREng.exe]  <Smallfrogs Studio><2.0.12.350>
    [C:\WINNT\system32\KvWspXp.dll]  <JiangMin Ltd.><9, 0, 5, 324>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
MSAFD Tcpip [TCP/IP]
    C:\WINNT\system32\KvWspXp.dll(JiangMin Ltd., KVWspXP)
MSAFD Tcpip [UDP/IP]
    C:\WINNT\system32\KvWspXp.dll(JiangMin Ltd., KVWspXP)
MSAFD Tcpip [RAW/IP]
    C:\WINNT\system32\KvWspXp.dll(JiangMin Ltd., KVWspXP)

==================================