[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(C:\WINDOWS\system32\ctfmon.exe) [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(NvCplDaemon)(; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup) [(Verified)NVIDIA Corporation]
(KAVPersonal50)("d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize) [Kaspersky Lab]
(MSConfig)(C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto) [(Verified)Microsoft Corporation]
(!ewido)(; "D:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized) [Anti-Malware Development a.s.]
(IMJPMIG8.1)(; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32) [(Verified)Microsoft Corporation]
(NvMediaCenter)(; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit) [(Verified)NVIDIA Corporation]
(nwiz)(; nwiz.exe /install) [N/A]
(PHIME2002A)(; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName) [(Verified)Microsoft Corporation]
(PHIME2002ASync)(; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC) [(Verified)Microsoft Corporation]
(Windows木马防火墙)(; D:\Program Files\ftc\Trojanwall.exe) [N/A]
(YLive.exe)(; C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe) [ ]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
(KKDelay)(D:\Program Files\Rising\AntiSpyware\RunOnce.exe) [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(Explorer.exe) [(Verified)Microsoft Corporation]
(Userinit)(C:\WINDOWS\SERVICES.EXE,C:\WINDOWS\system32\userinit.exe) [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(AppInit_DLLs)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(UIHost)(logonui.exe) [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
({4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A})(C:\PROGRA~1\Yahoo!\ASSIST~1\yclickon.dll) [YAHOO Corporation Limited]




--------------------------------------------------------------------------------



启动文件夹

N/A



--------------------------------------------------------------------------------



服务

[Human Interface Device Access / HidServ]
(C:\WINDOWS\System32\svchost.exe -k netsvcs--)%SystemRoot%\System32\hidserv.dll)(N/A)
[kavsvc / kavsvc]
("d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe")(Kaspersky Lab)
[NVIDIA Display Driver Service / NVSvc]
(C:\WINDOWS\system32\nvsvc32.exe)(NVIDIA Corporation)
[Network Security / Patterns]
(C:\WINDOWS\System32\svchost.exe -k netsvcs--)C:\WINDOWS\system32\sdhcl.dll)(Microsoft Corporation)
[Performance Moniter / SHipING]
(C:\WINDOWS\SYSTEM32\RUNDLL32.EXE C:\WINDOWS\SYSTEM32\WBEM\MFUCU.DLL,Export 1087)(N/A)



--------------------------------------------------------------------------------



驱动程序

[5061312 / 5061312]
(\SystemRoot\System32\drivers\5061312.sys)(北京三七二一科技有限公司)
[a0 / a0]
(\SystemRoot\\SystemRoot\System32\drivers\5061312.sys)(N/A)
[Kl1 / Kl1]
(\SystemRoot\System32\drivers\kl1.sys)(Kaspersky Lab)
[Klif / Klif]
(System32\drivers\klif.sys)(Kaspersky Labs)
[Klmc / Klmc]
(System32\drivers\klmc.sys)(Kaspersky Lab)
[kmsinput / kmsinput]
(\??\C:\WINDOWS\system32\drivers\kmsinput.sys)(N/A)
[nv / nv]
(system32\DRIVERS\nv4_mini.sys)(NVIDIA Corporation)
[nvata / nvata]
(\SystemRoot\system32\DRIVERS\nvata.sys)(NVIDIA Corporation)
[NVIDIA PORT IO Control Driver / nvport]
(\??\C:\WINDOWS\system32\Drivers\nvport.sys)(NVIDIA Corporation.)
[Padus ASPI Shell / pfc]
(system32\drivers\pfc.sys)(Padus, Inc.)
[Direct Parallel Link Driver / Ptilink]
(system32\DRIVERS\ptilink.sys)(Parallel Technologies, Inc.)
[RsAntiSpyware / RsAntiSpyware]
(\SystemRoot\system32\drivers\RsBoot.sys)(Beijing Rising)
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
(system32\DRIVERS\RTL8139.SYS)(Realtek Semiconductor Corporation)
[Secdrv / Secdrv]
(system32\DRIVERS\secdrv.sys)(N/A)

浏览器加载项

[Yahoo!Photo]
{33BBE430-0E42-4f12-B075-8D21ACB10DCB} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China)
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, Yahoo.)
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!)
[DragSearch BHO]
{62EED7C6-9F02-42f9-B634-98E2899E147B} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, )
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} (C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.)
[实用搜索工具条2.0]
{03465FF5-00AE-411a-9C34-960ED566EC03} (C:\Program Files\superutilbar\superutilbar.dll, www.shiyongsousuo.com)
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!)
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} (C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.)
[Rising Web Scan Object]
{E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.)
[实用搜索工具条2.0]
{03465FF5-00AE-411A-9C34-960ED566EC03} (C:\Program Files\superutilbar\superutilbar.dll, www.shiyongsousuo.com)
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} (C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation)
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} (%SystemRoot%\system32\mshtml.dll, N/A)
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} (C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation)
[Yahoo!Photo]
{33BBE430-0E42-4F12-B075-8D21ACB10DCB} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China)
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, Yahoo.)
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!)
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} (C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com)
[Yahoo!Live]
{57421194-58FB-49AE-9B4F-FD48869B9AD4} (C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll, )
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, )
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} (C:\WINDOWS\system32\wmp.dll, Microsoft Corporation)
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} (%SystemRoot%\system32\SHELL32.dll, N/A)
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (C:\WINDOWS\system32\INPUTC~1.DLL, )
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} (C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation)
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (C:\WINDOWS\system32\SUBMIT~1.DLL, )
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} (C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation)
[卡卡上网安全助手]
{AFF6E516-CBE5-4F8A-9C2F-38A68013E766} (C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.)
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} (%SystemRoot%\system32\shdocvw.dll, N/A)
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} (C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.)
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} (C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.)
[Rising Web Scan Object]
{E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.)
[assist]
{FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll, Yahoo!)
[添加到雅虎订阅(&Y)]
(res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT, N/A)
[雅虎搜索]
(res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246, N/A)

正在运行的进程

[PID: 444][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 508][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 532][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 576][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 588][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 732][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 780][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 848][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 900][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 960][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1280][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1292][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yclickon.dll] [YAHOO Corporation Limited, 2, 0, 1, 1002]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 1, 1018]
[C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.9148]
[C:\WINDOWS\system32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.10.9148]
[C:\WINDOWS\system32\nvapi.dll] [N/A, N/A]
[C:\WINDOWS\system32\nvshell.dll] [N/A, N/A]
[d:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\shellex.dll] [Kaspersky Lab, 5.0.388.1]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [, 2, 1, 6, 1046]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [ , 2, 0, 1, 1007]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] [Yahoo! China, 1, 1, 3, 1035]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll] [Yahoo!, 2, 1, 8, 1048]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL] [, 1, 2, 7, 1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ywiper.dll] [N/A, 1, 0, 1, 1014]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrchpg.dll] [Kaspersky Lab, 5.0.1.18]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrch_ag.dll] [Kaspersky Lab, 5.0.388.1]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll] [Kaspersky Lab, 5.0.388.0]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\pr_rmt.dll] [Kaspersky Lab, 5.0.388.0]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ccclient.dll] [Kaspersky Lab, 5.0.388.1]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klipc.dll] [Kaspersky Lab, 5.0.388.0]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\KLUtil.dll] [Kaspersky Lab, 5.0.388.1]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\rpt.dll] [Kaspersky Lab, 5.0.388.2]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\CCIFACE.dll] [Kaspersky Lab, 5.0.388.1]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prloader.dll] [Kaspersky Lab, 5.0.388.0]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prkernel.ppl] [Kaspersky Lab, 5.0.388.0]
[d:\program files\kaspersky lab\kaspersky anti-virus personal\prstring.ppl] [Kaspersky Lab, 5.0.388.0]
[d:\program files\kaspersky lab\kaspersky anti-virus personal\pr_srv.ppl] [Kaspersky Lab, 5.0.388.0]
[d:\program files\kaspersky lab\kaspersky anti-virus personal\pr_clnt.ppl] [Kaspersky Lab, 5.0.388.0]
[d:\program files\kaspersky lab\kaspersky anti-virus personal\tempfile.ppl] [Kaspersky Lab, 5.0.388.0]
[PID: 1720][C:\WINDOWS\system32\com\smss.exe] [N/A, N/A]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yclickon.dll] [YAHOO Corporation Limited, 2, 0, 1, 1002]
[PID: 168][C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe] [ , 2, 0, 0, 1002]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 1, 1018]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [, 2, 1, 6, 1046]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [ , 2, 0, 1, 1007]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Ynotifier.dll] [, 1, 0, 0, 5]
[PID: 212][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 1, 1018]
[PID: 3884][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.9148]
[C:\WINDOWS\system32\nvapi.dll] [N/A, N/A]
[PID: 2644][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 4044][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 1, 1018]
[PID: 1952][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 1, 1018]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll] [Yahoo, 1, 0, 2, 1002]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [, 2, 1, 6, 1046]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [ , 2, 0, 1, 1007]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll] [Yahoo!, 2, 1, 8, 1048]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasnoad.dll] [, 1, 1, 4, 1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yzsNetProto.dll] [Yahoo, 1, 0, 0, 1]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] [Yahoo! China, 1, 1, 3, 1035]
[C:\Program Files\superutilbar\superutilbar.dll] [www.shiyongsousuo.com, 2, 1, 8, 24]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll] [Yahoo., 1, 0, 5, 1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL] [, 1, 2, 7, 1006]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrchpg.dll] [Kaspersky Lab, 5.0.1.18]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrch_ag.dll] [Kaspersky Lab, 5.0.388.1]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll] [Kaspersky Lab, 5.0.388.0]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\pr_rmt.dll] [Kaspersky Lab, 5.0.388.0]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ccclient.dll] [Kaspersky Lab, 5.0.388.1]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klipc.dll] [Kaspersky Lab, 5.0.388.0]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\KLUtil.dll] [Kaspersky Lab, 5.0.388.1]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\rpt.dll] [Kaspersky Lab, 5.0.388.2]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\CCIFACE.dll] [Kaspersky Lab, 5.0.388.1]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prloader.dll] [Kaspersky Lab, 5.0.388.0]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prkernel.ppl] [Kaspersky Lab, 5.0.388.0]
[d:\program files\kaspersky lab\kaspersky anti-virus personal\prstring.ppl] [Kaspersky Lab, 5.0.388.0]
[d:\program files\kaspersky lab\kaspersky anti-virus personal\pr_srv.ppl] [Kaspersky Lab, 5.0.388.0]
[d:\program files\kaspersky lab\kaspersky anti-virus personal\pr_clnt.ppl] [Kaspersky Lab, 5.0.388.0]
[d:\program files\kaspersky lab\kaspersky anti-virus personal\tempfile.ppl] [Kaspersky Lab, 5.0.388.0]
[c:\progra~1\yahoo!\assist~1\assist\yadfil~1.dll] [ , 1, 0, 3, 1002]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrepair.dll] [Yahoo, 1, 0, 8, 1321]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yoptimum.dll] [Yahoo, 1, 0, 1, 1001]
[C:\PROGRA~1\yahoo!\assistant\Shell\yAssecblk.dll] [Yahoo, 1, 0, 2, 1002]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yXPStyle.dll] [Yahoo, 1, 0, 2, 1309]
[C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yprockg.dll] [Yahoo!, 1, 0, 6, 1007]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[PID: 3264][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 1, 1018]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll] [Yahoo, 1, 0, 2, 1002]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll] [, 2, 1, 6, 1046]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll] [ , 2, 0, 1, 1007]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll] [Yahoo!, 2, 1, 8, 1048]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yaswiper.dll] [Yahoo, 1, 0, 1, 1004]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasiesec.dll] [Yahoo, 1, 0, 2, 1003]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasnoad.dll] [, 1, 1, 4, 1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yzsNetProto.dll] [Yahoo, 1, 0, 0, 1]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll] [Yahoo! China, 1, 1, 3, 1035]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll] [Yahoo! China, 1, 0, 1, 1015]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yclickon.dll] [YAHOO Corporation Limited, 2, 0, 1, 1002]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll] [Yahoo., 1, 0, 5, 1006]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL] [, 1, 2, 7, 1006]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrchpg.dll] [Kaspersky Lab, 5.0.1.18]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrch_ag.dll] [Kaspersky Lab, 5.0.388.1]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll] [Kaspersky Lab, 5.0.388.0]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\pr_rmt.dll] [Kaspersky Lab, 5.0.388.0]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ccclient.dll] [Kaspersky Lab, 5.0.388.1]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klipc.dll] [Kaspersky Lab, 5.0.388.0]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\KLUtil.dll] [Kaspersky Lab, 5.0.388.1]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\rpt.dll] [Kaspersky Lab, 5.0.388.2]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\CCIFACE.dll] [Kaspersky Lab, 5.0.388.1]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prloader.dll] [Kaspersky Lab, 5.0.388.0]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prkernel.ppl] [Kaspersky Lab, 5.0.388.0]
[d:\program files\kaspersky lab\kaspersky anti-virus personal\prstring.ppl] [Kaspersky Lab, 5.0.388.0]
[d:\program files\kaspersky lab\kaspersky anti-virus personal\pr_srv.ppl] [Kaspersky Lab, 5.0.388.0]
[d:\program files\kaspersky lab\kaspersky anti-virus personal\pr_clnt.ppl] [Kaspersky Lab, 5.0.388.0]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[d:\program files\kaspersky lab\kaspersky anti-virus personal\tempfile.ppl] [Kaspersky Lab, 5.0.388.0]
[c:\progra~1\yahoo!\assist~1\assist\yadfil~1.dll] [ , 1, 0, 3, 1002]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrepair.dll] [Yahoo, 1, 0, 8, 1321]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yoptimum.dll] [Yahoo, 1, 0, 1, 1001]
[C:\PROGRA~1\yahoo!\assistant\Shell\yAssecblk.dll] [Yahoo, 1, 0, 2, 1002]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yXPStyle.dll] [Yahoo, 1, 0, 2, 1309]
[C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[C:\Program Files\superutilbar\superutilbar.dll] [www.shiyongsousuo.com, 2, 1, 8, 24]
[PID: 2008][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[PID: 424][C:\WINDOWS\system32\com\lsass.exe] [N/A, N/A]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 1, 1018]
[C:\PROGRA~1\Yahoo!\ASSIST~1\yclickon.dll] [YAHOO Corporation Limited, 2, 0, 1, 1002]
[PID: 432][D:\Downloads\kill\sreng2\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll] [, 2, 0, 1, 1018]

210.74.232.156 music.yaho,.com.cn
210.74.232.156 d.sogou.com
210.74.232.156 www.qq163.com
210.74.232.156 www.haoting.com
210.74.232.156 www.nowok.net
210.74.232.156 www.yymp3.com
210.74.232.156 music.feifa.com
210.74.232.156 www.tt67.com
210.74.232.156 www.kugoo.com
210.74.232.156 www.9sky.com
210.74.232.156 www.13139.com
210.74.232.156 www.mtvtop.com
210.74.232.156 www.6621.com
210.74.232.156 www.1ting.com
210.74.232.156 www.cococ.com
210.74.232.156 www.520music.com
210.74.232.156 www.7xi.net
210.74.232.156 www.st020.cn
210.74.232.156 www.9flash.com
210.74.232.156 www.7t7t.com
210.74.232.156 www.chinamp3.com
210.74.232.156 verycd.com
210.74.232.156 www.verycd.com
210.74.232.156 movie.poco.cn
210.74.232.156 pp365.net
210.74.232.156 www.pp365.net
210.74.232.156 btchina.net
210.74.232.156 bbs.btbbt.com
210.74.232.156 btz.cn
210.74.232.156 www.btz.cn
210.74.232.156 fkee.com
210.74.232.156 www.fkee.com
210.74.232.156 bt.kaicn.com
210.74.232.156 bt.acnow.net
210.74.232.156 movie.pcpop.com
210.74.232.156 bbs.cnxp.com
210.74.232.156 bt.sogua.com
210.74.232.156 gamedown.yesky.com
210.74.232.156 games.enet.com.cn
210.74.232.156 download.pchome.net
210.74.232.156 www.yxdown.com
210.74.232.156 movie.baidu.com
210.74.232.156 vagaa.com
210.74.232.156 www.vagaa.com
210.74.232.156 hnnn.net
210.74.232.156 www.hnnn.net
210.74.232.156 cn-see.com
210.74.232.156 www.cn-see.com
210.74.232.156 100bao.com
210.74.232.156 www.100bao.com

运行(双击)SRENG2，点“启动项目，服务，点“Win32服务应用程序”
勾选“隐藏微软服务”选中病毒服务
Network Security
[Performance Moniter
，选择“删除服务”
点“设置”选择“否”

运行(双击)SRENG2，点“启动项目，服务，点“驱动程序”
勾选“隐藏微软服务”选中病毒服务
5061312
a0
kmsinput
，选择“删除服务”
点“设置”选择“否”

重启按F８进入安全模式下
显示隐藏文件
删除：   
C:\WINDOWS\system32\sdhcl.dll
C:\WINDOWS\SYSTEM32\WBEM\MFUCU.DLL
\SystemRoot\System32\drivers\5061312.sys
C:\WINDOWS\system32\drivers\kmsinput.sys
SystemRoot\\SystemRoot\System32\drivers\5061312.sys

查找HOSTS文件，用记事打开，清除里面的
只留这一项：127.0.0.1

推荐使用360安全卫士清理一下流氓

.360下载地址:
http://www.360safe.com/
http://www.xdowns.com/soft/8/9/2006/Soft_31554.html
使用后删除360安全卫士

360，不好使的，我的按照要求做了，可是照样出现！不知道为什么那么难清除！

看看学习