Panda Burning Incense virus: reinstalling the system has no effect? (log included)

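Main symptoms: after the system patches have been downloaded, the system cannot finish installing them! Most externally introduced programs get closed (QQ, which was already installed, works normally, and txt files can be opened)!

I used SREng and then IceSword, in that order.

The first time I ran SREng, I was told it had encountered a problem and needed to close.

The second time I ran SREng, it was not closed. SREng warned that the appinit_dlls value is non-empty and that the computer may be infected.

I used SREng to delete some startup items and one hook:
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\

The Appinit_dlls value has been modified (non-empty)

IceSword closes by itself a few seconds after it is opened!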
Last edited 2006-12-13 15:56:00

[Reply to the post by "过客2007"]
Please paste the log into this forum,

or repair the system,

or reinstall the system.

The system has already been reinstalled..


The log follows:

2006-11-27,16:45:57

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Advanced Server Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [Microsoft Corporation]
    <MSNShell><C:\Program Files\MSNShell\Bin\MSNShell.exe autorun>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <KavStart><"C:\KAV2006\KAVStart.exe" -startup>  [Kingsoft Corporation]
    <SKYNET Personal FireWall><C:\PROGRA~1\SkyNet\FireWall\pfw.exe>  [广州众达天网技术有限公司]
    <VStart5.0><D:\Program Files\音速启动\VStart.exe>  [3L软件工作室(3LSoft)]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><(无)>  [N/A]

==================================
启动文件夹
[服务管理器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\服务管理器.lnk --> C:\PROGRA~1\MICROS~4\80\Tools\Binn\sqlmangr.exe [Microsoft Corporation]><N>
[内存扫把]
  <C:\Documents and Settings\XiaoBo\「开始」菜单\程序\启动\内存扫把.lnk --> C:\PROGRA~1\内存扫把\ram.exe [jfzlnyf]><N>

==================================
服务
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[GrayPigeonServer / GrayPigeonServer]
  <C:\WINNT\System32\FLASH8.exe><N/A>
[Kingsoft Personal Firewall Service / KPfwSvc]
  <"C:\KAV2006\KPfwSvc.EXE"><Kingsoft Corporation>
[Kingsoft Antivirus KWatch Service / KWatchSvc]
  <C:\KAV2006\KWatch.EXE><Kingsoft Corporation>
[Microsoft Search / MSSEARCH]
  <"C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe"><Microsoft Corporation>
[MSSQLSERVER / MSSQLSERVER]
  <C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe><Microsoft Corporation>
[SQLSERVERAGENT / SQLSERVERAGENT]
  <C:\Program Files\Microsoft SQL Server\MSSQL\binn\sqlagent.exe -i MSSQLSERVER><Microsoft Corporation>
[Portable Media Serial Number Service / WmdmPmSN]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->C:\WINNT\system32\mspmsnsv.dll><Microsoft Corporation>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Cdr4_2K / Cdr4_2K]
  <C:\WINNT\SYSTEM32\DRIVERS\Cdr4_2K.SYS><Roxio>
[Cdralw2k / Cdralw2k]
  <C:\WINNT\SYSTEM32\DRIVERS\Cdralw2k.SYS><Roxio>
[CnsMinKP / CnsMinKP]
  <\SystemRoot\system32\drivers\CnsMinKP.sys><Copyright (C) 3721 Corporation.>
[dmboot / dmboot]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[VIA Rhine-Family Fast Ethernet Adapter Driver Service / FETND5BV]
  <system32\DRIVERS\fetnd5bv.sys><VIA Technologies, Inc.>
[KNetWch / KNetWch]
  <\??\C:\KAV2006\KNetWch.SYS><Kingsoft Corporation>
[KWatch3 / KWatch3]
  <\??\C:\WINNT\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
[ATK0110 ACPI UTILITY / MTsensor]
  <system32\DRIVERS\ASACPI.sys><>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[SKNFW / SKNFW]
  <\??\C:\WINNT\system32\Drivers\SKNFW.sys><N/A>
[SkyProcs / SkyProcs]
  <\??\C:\PROGRA~1\SkyNet\FireWall\SkyProcs.sys><N/A>
[VIA AGP Filter / viaagp1]
  <\SystemRoot\system32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>
[viagfx / viagfx]
  <system32\DRIVERS\vtmini.sys><Copyright (C) VIA/S3 Graphics Co, Ltd.>
[VIA USB Host Controller Lower Filter / vulfnths]
  <\SystemRoot\System32\Drivers\vulfnth.sys><VIA Technologies, Inc.>

==================================
浏览器加载项
[Yahoo!Photo]
  {33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
  {38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, Yahoo.>
[雅虎助手]
  {406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <D:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[DragSearch BHO]
  {62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, >
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft>
[MSN Shell 4]
  {0713E8D2-850A-101B-AFC0-4210102A8DA7} <C:\Program Files\MSNShell\Bin\MSNShell.exe, N/A>
[番茄花园]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\flashget.exe, Amaze Soft>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <D:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[雅虎助手]
  {406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[金山快译(&K)]
  {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <C:\Program Files\FastAIT\IEBand.dll, 金山软件股份有限公司>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[!搜一搜]
  <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246, N/A>
[使用网际快车下载]
  <C:\PROGRA~1\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\PROGRA~1\FlashGet\jc_all.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到雅虎订阅(&Y)]
  <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT, N/A>
[设为 Messenger Live 头像]
  <C:\Program Files\MSNShell\Bin\SetMSNDP.htm, N/A>

==================================
正在运行的进程
[PID: 176][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 200][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 220][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6997]
[PID: 248][C:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.7035]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.6605.297.3]
[PID: 260][C:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.7011]
[PID: 456][C:\KAV2006\KWatch.EXE]  [Kingsoft Corporation, 2005, 9, 27, 51]
    [C:\KAV2006\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\KAV2006\KAEPlat.DLL]  [Kingsoft Corp., 2006, 4, 25, 58]
    [C:\KAV2006\KAEMem.DAT]  [Kingsoft, 2006, 5, 17, 14]
    [C:\KAV2006\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 6, 15, 44]
[PID: 488][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 516][C:\WINNT\system32\spoolsv.exe]  [Microsoft Corporation, 5.00.2195.7059]
[PID: 548][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 584][C:\KAV2006\KPfwSvc.EXE]  [Kingsoft Corporation, 2005, 9, 5, 28]
[PID: 592][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2800.1106]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll]  [Yahoo! China, 1, 1, 3, 1035]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll]  [Yahoo., 1, 0, 2, 1002]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll]  [Yahoo!, 2, 1, 8, 1048]
    [D:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL]  [, 1, 2, 7, 1006]
    [C:\PROGRA~1\FlashGet\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
[PID: 620][C:\WINNT\System32\llssrv.exe]  [Microsoft Corporation, 5.00.2195.7021]
[PID: 664][C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe]  [Microsoft Corporation, 2005.090.1399.00]
[PID: 768][C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe]  [Microsoft Corporation, 2000.080.2039.00]
[PID: 808][C:\WINNT\system32\regsvc.exe]  [Microsoft Corporation, 5.00.2195.6701]
[PID: 832][C:\WINNT\system32\MSTask.exe]  [Microsoft Corporation, 4.71.2195.6972]
[PID: 856][C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe]  [Microsoft Corporation, 2005.090.1399.00]
[PID: 916][C:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0100]
[PID: 952][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 980][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 1020][C:\WINNT\system32\Dfssvc.exe]  [Microsoft Corporation, 5.00.2195.6664]
[PID: 1088][C:\WINNT\system32\inetsrv\inetinfo.exe]  [Microsoft Corporation, 5.00.0984]
[PID: 1140][C:\WINNT\system32\msdtc.exe]  [Microsoft Corporation, 1999.9.3421.3]
[PID: 1264][C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe]  [Microsoft Corporation, 9.107.8320.9]
[PID: 1572][C:\KAV2006\KAVStart.exe]  [Kingsoft Corporation, 2006, 7, 6, 198]
    [C:\KAV2006\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\KAV2006\PopSprt3.dll]  [Kingsoft Corporation, 2005, 12, 6, 30]
    [C:\KAV2006\KAVPassp.dll]  [Kingsoft Corporation, 2006, 6, 7, 252]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  [N/A, N/A]
[PID: 1652][D:\Program Files\音速启动\VStart.exe]  [3L软件工作室(3LSoft), 5.20.0017]
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 1684][C:\Program Files\MSN Messenger\MsnMsgr.Exe]  [Microsoft Corporation, 7.0.0816]
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  [N/A, N/A]
    [C:\Program Files\MSNShell\Bin\ShellDll02.dll]  [MSNShell Team, 4.2.27.9]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\Program Files\MSNShell\Bin\Skin\SkinPlusPlusDLL.dll]  [, 1, 0, 0, 1]
    [C:\WINNT\system32\devenum.dll]  [N/A, N/A]
    [C:\KAV2006\KAScript.DLL]  [Kingsoft Corporation, 2006, 2, 10, 60]
    [C:\KAV2006\KAEPlat.DLL]  [Kingsoft Corp., 2006, 4, 25, 58]
    [C:\KAV2006\KAEMem.DAT]  [Kingsoft, 2006, 5, 17, 14]
    [C:\KAV2006\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 6, 15, 44]
[PID: 1696][C:\WINNT\system32\mdm.exe]  [Microsoft Corporation, 6.00.8424]
[PID: 1712][C:\Program Files\MSNShell\Bin\MSNShell.exe]  [N/A, N/A]
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 1736][C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 1768][C:\Program Files\内存扫把\ram.exe]  [jfzlnyf, 1.09.0004]
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  [N/A, N/A]
    [C:\Program Files\内存扫把\Command.ocx]  [随想软件工作室 Capricciososoft, 3.00.0915]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\Program Files\内存扫把\TrayForm.ocx]  [Eduardo Morcillo, 1.03.0007]
[PID: 1788][C:\KAV2006\KMailMon.EXE]  [Kingsoft Corporation, 2006, 4, 12, 106]
    [C:\KAV2006\KAntiSpm.dll]  [N/A, 1, 0, 0, 2]
    [C:\KAV2006\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  [N/A, N/A]
    [C:\KAV2006\KAECall2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 7]
    [C:\KAV2006\KAEPlat.DLL]  [Kingsoft Corp., 2006, 4, 25, 58]
    [C:\KAV2006\KAEMem.DAT]  [Kingsoft, 2006, 5, 17, 14]
    [C:\KAV2006\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 6, 15, 44]
    [C:\KAV2006\KAConfig.DLL]  [Kingsoft Corporation, 2005, 3, 23, 30]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 1792][C:\WINNT\system32\ctfmon.exe]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[PID: 2028][C:\WINNT\system32\conime.exe]  [Microsoft Corporation, 5.00.2195.6655]
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 2208][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 944][D:\Program Files\Tencent\TT\TTraveler.exe]  [腾讯公司, 3.1.0.261]
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [D:\Program Files\Tencent\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll]  [腾讯公司, 1, 1, 0, 5]
    [D:\Program Files\Tencent\TT\Plugins\TWeather\TWeather.dll]  [, 1, 0, 0, 3]
    [D:\Program Files\Tencent\TT\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 4]
    [C:\KAV2006\KAScript.DLL]  [Kingsoft Corporation, 2006, 2, 10, 60]
    [C:\KAV2006\KAEPlat.DLL]  [Kingsoft Corp., 2006, 4, 25, 58]
    [C:\KAV2006\KAEMem.DAT]  [Kingsoft, 2006, 5, 17, 14]
    [C:\KAV2006\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 6, 15, 44]
    [C:\WINNT\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 1528][C:\WINNT\system32\dllhost.exe]  [Microsoft Corporation, 5.00.2195.6692]
    [C:\KAV2006\KAScript.DLL]  [Kingsoft Corporation, 2006, 2, 10, 60]
    [C:\KAV2006\KAEPlat.DLL]  [Kingsoft Corp., 2006, 4, 25, 58]
    [C:\KAV2006\KAEMem.DAT]  [Kingsoft, 2006, 5, 17, 14]
    [C:\KAV2006\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 6, 15, 44]
[PID: 2336][C:\WINNT\system32\dllhost.exe]  [Microsoft Corporation, 5.00.2195.6692]
[PID: 2540][D:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe]  [Macromedia, Inc., 8.0.0.2766]
    [D:\Program Files\Macromedia\Dreamweaver 8\xerces-c_2_6.dll]  [Apache Software Foundation, 2, 6, 0]
    [D:\Program Files\Macromedia\Dreamweaver 8\Fireworks Library.dll]  [Macromedia Inc., 7.0]
    [D:\Program Files\Macromedia\Dreamweaver 8\NetIO.dll]  [N/A, N/A]
    [D:\Program Files\Macromedia\Dreamweaver 8\CoreTypes.dll]  [N/A, N/A]
    [D:\Program Files\Macromedia\Dreamweaver 8\icuuc30.dll]  [IBM Corporation and others, 3, 0, 0, 0]
    [D:\Program Files\Macromedia\Dreamweaver 8\icudt30.dll]  [IBM Corporation and others, 3, 0, 0, 0]
    [D:\Program Files\Macromedia\Dreamweaver 8\LIBEAY32.dll]  [N/A, N/A]
    [D:\Program Files\Macromedia\Dreamweaver 8\SSLEAY32.dll]  [N/A, N/A]
    [D:\Program Files\Macromedia\Dreamweaver 8\LIBCURL.dll]  [N/A, N/A]
    [D:\Program Files\Macromedia\Dreamweaver 8\Workspace.dll]  [N/A, N/A]
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [D:\Program Files\Macromedia\Dreamweaver 8\Configuration\Resources.dll]  [Macromedia, Inc., 2.0]
    [D:\Program Files\Macromedia\Dreamweaver 8\MMxptResources.dll]  [Macromedia, Inc., 5, 0, 0, 44]
    [D:\Program Files\Macromedia\Dreamweaver 8\Configuration\JSExtensions\MMNotes.dll]  [Macromedia, Inc., 3, 0, 2, 0]
    [D:\Program Files\Macromedia\Dreamweaver 8\Configuration\JSExtensions\SWFFile.dll]  [N/A, N/A]
    [D:\Program Files\Macromedia\Dreamweaver 8\Configuration\JSExtensions\MM.dll]  [N/A, N/A]
    [D:\Program Files\Macromedia\Dreamweaver 8\Configuration\JSExtensions\DWfile.dll]  [N/A, N/A]
    [D:\Program Files\Macromedia\Dreamweaver 8\Configuration\Flash Player\FlashPlayerW.dll]  [N/A, N/A]
    [D:\Program Files\Macromedia\Dreamweaver 8\Configuration\JSExtensions\TSL.dll]  [N/A, N/A]
[PID: 2076][C:\WINNT\system32\NOTEPAD.EXE]  [Microsoft Corporation, 5.00.2140.1]
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 2568][C:\WINNT\system32\taskmgr.exe]  [Microsoft Corporation, 5.00.2195.6620]
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 1968][C:\WINNT\explorer.exe]  [Microsoft Corporation, 5.00.3700.6690]
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll]  [Yahoo! China, 1, 1, 3, 1035]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL]  [, 1, 2, 7, 1006]
    [C:\PROGRA~1\FlashGet\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\KAV2006\KAVEXT.DLL]  [Kingsoft Corporation, 2005, 8, 5, 16]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ywiper.dll]  [N/A, 1, 0, 1, 1014]
    [C:\Program Files\ACDSee\picaview.dll]  [ACD Systems, Ltd., 2, 0, 0, 78]
    [C:\Program Files\ACDSee\PlugIns\IDE_ACDStd.apl]  [ACD Systems, Ltd., 1, 3, 4, 22]
    [C:\WINNT\system32\contmenu.dll]  [N/A, N/A]
[PID: 2592][D:\Program Files\Tencent\TT\TCPlus.exe]  [腾讯公司, 1, 0, 0, 5]
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [D:\Program Files\Tencent\TT\QQDownload.dll]  [Tencent Technology (Shenzhen) Company Limited, 1, 0, 101, 28]
    [D:\Program Files\Tencent\TT\TNProxy.dll]  [Tencent Technology(Shenzhen) Company Limited, 2, 1, 101, 60]
[PID: 1432][C:\Documents and Settings\XiaoBo\桌面\sreng2_PConline\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]

==================================
文件关联
.TXT  Error. [emeditor.txt]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================

The whole log has now been posted; I hope the experts here will take a look!


Regards!

Bump. Could everyone please help take a look! It has been several days already.