Help!

Every few minutes my machine pops up a web page; it is a mobile ringtone website. A small window called 电鹰影视网 also pops up. What is going on?
Last edited 2007-01-30 22:21:22

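Please download SREng2 (latest version), use "Smart Scan" (智能扫描) and press the "Scan" (扫描) button to run a scan.
When the scan finishes, press the "Save Report" (保存报告) button to save the report log file (SREng.LOG), then copy and paste
the contents of the saved report log here. If the log does not fit in one post, paste it over several posts. Please do not modify it.

Download links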
http://free5.ys168.com/?ufwihgu168
http://www.kztechs.com/sreng/sreng2.zip

[CODE]

2007-01-30,22:04:12

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <KavPFW><"C:\KAV2006\KPFW32.EXE">  [Kingsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SunJavaUpdateSched><C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe>  [Sun Microsystems, Inc.]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot>  [RealNetworks, Inc.]
    <KavStart><"C:\KAV2006\KAVStart.exe" -startup>  [Kingsoft Corporation]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{2D49692C-A5FD-4E29-A3CD-37E9B182FCC6}><C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys>  [N/A]
    <{1A404685-7563-4d02-B0F6-58B308A406A9}><c:\program files\analog devices\soundmax\lnnzwyan.dll>  [N/A]
    <{99F1D023-7CEB-4586-80F7-BB1A98DB7602}><C:\Program Files\Internet Explorer\IEXPLORE.Sys>  [N/A]
    <{FEB94F5A-69F3-4645-8C2B-9E71D270AF2E}><C:\Program Files\Internet Explorer\IEXPLORE.Dat>  [N/A]
    <{923509F1-45CB-4EC0-BDE0-1DED35B8FD60}><C:\Program Files\Internet Explorer\IEXPLORE.win>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[18B6553D / 18B6553D][Stopped/Auto Start]
  <C:\WINDOWS\system32\18B6553D.EXE -service><Microsoft Corporation>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[DCOM Server Process Launher / DC0r][Stopped/Auto Start]
  <C:\WINDOWS\system32\kl.exe><N/A>
[ewido anti-spyware 4.0 guard / ewido anti-spyware 4.0 guard][Stopped/Auto Start]
  <C:\Program Files\ewido anti-spyware 4.0\guard.exe><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
  <"C:\KAV2006\KPfwSvc.EXE"><キングソフト株式会社>
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
  <C:\KAV2006\KWatch.EXE><Kingsoft Corporation>
[Macromedia Licensing Service / Macromedia Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[Network Location Manager / Nlm][Stopped/Auto Start]
  <C:\Program Files\NetMeeting\NetMeeting.exe><N/A>
[Remote Procedure Call System(RPCSI) / RpcSI][Stopped/Auto Start]
  <C:\WINDOWS\system32\Rpcsi.exe><N/A>
[Remote Procedure Call System(RPCSk) / RpcSk][Stopped/Auto Start]
  <C:\WINDOWS\system32\Rpcsk.exe><N/A>
[SoundMAX Agent Service / SoundMAX Agent Service (default)][Running/Auto Start]
  <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[Network Management Center Task / W32Tasks][Stopped/Auto Start]
  <C:\WINDOWS\system32\taskman32.exe><N/A>
[Win32 Display Driver / Win32DDS][Stopped/Auto Start]
  <C:\WINDOWS\system32\\rundll32.exe windds32.dll,input><Microsoft Corporation>
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
  <C:\WINDOWS\system32\\rundll32.exe windhcp.ocx,input><Microsoft Corporation>
[Windows Management Instrumentation Driver / WMID][Running/Auto Start]
  <C:\WINDOWS\system32\wmid.exe><Microsoft Corporation>

==================================
驱动程序
[aeaudio / aeaudio][Running/Manual Start]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[CnsMinKP / CnsMinKP][Running/]
  <2 - 系统找不到指定的文件。
><N/A>
[IdeBusDr / IdeBusDr][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\IdeBusDr.sys><Intel Corporation>
[Intel(R) Ultra ATA Controller / IdeChnDr][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\IdeChnDr.sys><Intel Corporation>
[kmsinput / kmsinput][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[KNetWch / KNetWch][Running/System Start]
  <\??\C:\KAV2006\KNetWch.SYS><Kingsoft Corporation>
[KWatch3 / KWatch3][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
[Netgroup Packet Filter / NPF][Running/Manual Start]
  <system32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\C:\Program Files\Tencent\QQ\npkycryp.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[smwdm / smwdm][Running/Manual Start]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[squella / squella][Running/Manual Start]
  <2 - 系统找不到指定的文件。
><N/A>

==================================
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, >
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[DyMiniToolbarObj Class]
  {AFA9B55A-7CC8-4851-B8DB-26408A2907FF} <C:\WINDOWS\system32\DyMiniToolbar20060411.dll, N/A>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <C:\Program Files\浩方对战平台\GameClient.exe, 上海浩方在线信息技术有限公司>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[易趣购物]
  {DE607141-AC19-421e-862A-2D70ABDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=5, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[Java Plug-in 1.5.0_04]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll, Sun Microsystems, Inc.>
[ChinaCache加速下载客户端]
  {BAC112DD-C51E-4712-A622-77C1D8075072} <C:\WINDOWS\DOWNLO~1\P2SPCP~1.DLL, >
[Java Plug-in 1.5.0_04]
  {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll, Sun Microsystems, Inc.>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[HtmlDlgSafeHelper Class]
  {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
[VqqSpeedDlProxy Class]
  {9ADACAA6-533E-4383-AFA7-F0A66650B6D8} <C:\WINDOWS\vqqsdl10.dll, Tencent Technology (Shenzhen) Company Limited>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[DyMiniToolbarObj Class]
  {AFA9B55A-7CC8-4851-B8DB-26408A2907FF} <C:\WINDOWS\system32\DyMiniToolbar20060411.dll, N/A>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[ChinaCache加速下载客户端]
  {BAC112DD-C51E-4712-A622-77C1D8075072} <C:\WINDOWS\DOWNLO~1\P2SPCP~1.DLL, >
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__MID Moniker Class]
  {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WVX Moniker Class]
  {CD3AFA95-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用ChinaCache P2SP 加速下载(&C)]
  <C:\Program Files\p2spcd\\P2SPDown.htm, N/A>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[用比特精灵下载(&B)]
  <D:\下载软件\BitSpirit\bsurl.htm, N/A>

==================================
正在运行的进程
[PID: 448][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 504][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 528][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 572][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 592][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 736][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
[PID: 804][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 916][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 968][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 1044][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 1156][C:\KAV2006\KWatch.EXE]  [Kingsoft Corporation, 2005, 9, 27, 51]
    [C:\KAV2006\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\KAV2006\KAEPlat.DLL]  [Kingsoft Corp., 2006, 4, 25, 58]
    [C:\KAV2006\KAEMem.DAT]  [Kingsoft, 2006, 5, 17, 14]
    [C:\KAV2006\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 6, 15, 44]
[PID: 1284][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 1784][C:\KAV2006\KPfwSvc.EXE]  [キングソフト株式会社, 2005, 12, 27, 889]
[PID: 1876][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe]  [Analog Devices, Inc., 3, 2, 6, 0]
[PID: 248][C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe]  [Sun Microsystems, Inc., 5.0.40.5]
[PID: 260][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.1622]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
[PID: 272][C:\KAV2006\KAVStart.exe]  [Kingsoft Corporation, 2006, 7, 30, 905]
    [C:\KAV2006\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\KAV2006\PopSprt3.dll]  [Kingsoft Corporation, 2006, 8, 12, 908]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
[PID: 268][C:\WINDOWS\Systemt.exe]  [N/A, N/A]
[PID: 720][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
[PID: 752][C:\KAV2006\KPFW32.EXE]  [Kingsoft Corporation, 2006, 9, 28, 919]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\KAV2006\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\KAV2006\FiltList.dll]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\KAV2006\KAEPlat.DLL]  [Kingsoft Corp., 2006, 4, 25, 58]
    [C:\KAV2006\KAEMem.DAT]  [Kingsoft, 2006, 5, 17, 14]
    [C:\KAV2006\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 6, 15, 44]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
[PID: 940][C:\KAV2006\KMailMon.EXE]  [Kingsoft Corporation, 2005, 10, 8, 85]
    [C:\KAV2006\KAntiSpm.dll]  [N/A, 1, 0, 0, 2]
    [C:\KAV2006\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\KAV2006\KAECall2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 7]
    [C:\KAV2006\KAEPlat.DLL]  [Kingsoft Corp., 2006, 4, 25, 58]
    [C:\KAV2006\KAEMem.DAT]  [Kingsoft, 2006, 5, 17, 14]
    [C:\KAV2006\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 6, 15, 44]
    [C:\KAV2006\KAConfig.DLL]  [Kingsoft Corporation, 2005, 10, 20, 35]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
[PID: 1240][C:\WINDOWS\explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.win]  [N/A, N/A]
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\xunleibho_v8.dll]  [, 4, 5, 1, 33]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
[PID: 2552][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 3080][C:\Program Files\ChinaNetSn\bin\Dialterminal.exe]  [陕西电信有限公司, 0, 0, 1, 8]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\Program Files\ChinaNetSn\plugin\remote\remoteRequest.dll]  [西安信利软件科技有限公司, 1, 7, 0, 0]
    [C:\Program Files\ChinaNetSn\bin\detector.dll]  [西安信利软件系统有限公司, 1, 0, 0, 2]
    [C:\WINDOWS\system32\wpcap.dll]  [CACE Technologies, 3, 1, 0, 27]
    [C:\WINDOWS\system32\packet.dll]  [CACE Technologies, 3, 1, 0, 27]
    [C:\WINDOWS\system32\WanPacket.dll]  [CACE Technologies, 3, 1, 0, 27]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\KAV2006\KAScript.DLL]  [Kingsoft Corporation, 2006, 2, 10, 60]
    [C:\KAV2006\KAEPlat.DLL]  [Kingsoft Corp., 2006, 4, 25, 58]
    [C:\KAV2006\KAEMem.DAT]  [Kingsoft, 2006, 5, 17, 14]
    [C:\KAV2006\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 6, 15, 44]
[PID: 3772][D:\下载软件\BitSpirit\BitSpirit.exe]  [LANSPIRIT.NET, 3.1.0.77]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
    [D:\下载软件\BitSpirit\plugin\peerid.dll]  [N/A, N/A]
    [D:\下载软件\BitSpirit\plugin\tracker.dll]  [N/A, N/A]
[PID: 1472][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\WINDOWS\system32\xunleibho_v8.dll]  [, 4, 5, 1, 33]
    [C:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\WINDOWS\system32\DyMiniToolbar20060411.dll]  [N/A, 1, 0, 0, 1]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
    [C:\KAV2006\KAScript.DLL]  [Kingsoft Corporation, 2006, 2, 10, 60]
    [C:\KAV2006\KAEPlat.DLL]  [Kingsoft Corp., 2006, 4, 25, 58]
    [C:\KAV2006\KAEMem.DAT]  [Kingsoft, 2006, 5, 17, 14]
    [C:\KAV2006\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 6, 15, 44]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 1732][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\WINDOWS\system32\xunleibho_v8.dll]  [, 4, 5, 1, 33]
    [C:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\WINDOWS\system32\DyMiniToolbar20060411.dll]  [N/A, 1, 0, 0, 1]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
    [C:\KAV2006\KAScript.DLL]  [Kingsoft Corporation, 2006, 2, 10, 60]
    [C:\KAV2006\KAEPlat.DLL]  [Kingsoft Corp., 2006, 4, 25, 58]
    [C:\KAV2006\KAEMem.DAT]  [Kingsoft, 2006, 5, 17, 14]
    [C:\KAV2006\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 6, 15, 44]
[PID: 3356][C:\Program Files\浩方对战平台\GameClient.exe]  [上海浩方在线信息技术有限公司, 4.7.2.0]
    [C:\Program Files\浩方对战平台\GameShell.dll]  [上海浩方在线信息技术有限公司, 4.7.2.0]
    [C:\Program Files\浩方对战平台\Proxy.dll]  [上海浩方在线信息技术有限公司, 4.7.0.0]
    [C:\Program Files\浩方对战平台\MeteorCheck.dll]  [N/A, N/A]
    [C:\Program Files\浩方对战平台\ComCtrlLib.dll]  [上海浩方在线信息技术有限公司, 4.7.0.0]
    [C:\Program Files\浩方对战平台\SkinPlusPlusDLL.dll]  [上海浩方在线信息技术有限公司, 4.7.0.0]
    [C:\Program Files\浩方对战平台\GameData.dll]  [上海浩方在线信息技术有限公司, 4.7.2.0]
    [C:\Program Files\浩方对战平台\UserAvatar.dll]  [上海浩方在线信息技术有限公司, 4.7.2.0]
    [C:\Program Files\浩方对战平台\IShowSocket.dll]  [上海浩方在线信息技术有限公司, 4.7.0.0]
    [C:\Program Files\浩方对战平台\IMUIDll.dll]  [上海浩方在线信息技术有限公司, 4.7.2.0]
    [C:\Program Files\浩方对战平台\IMbase.dll]  [上海浩方在线信息技术有限公司, 4.7.0.0]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\Program Files\浩方对战平台\IMRes.dll]  [上海浩方在线信息技术有限公司, 4.7.2.0]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\Program Files\浩方对战平台\GameRes.dll]  [上海浩方在线信息技术有限公司, 4.7.2.0]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\Program Files\浩方对战平台\AdsManager.dll]  [上海浩方在线信息技术有限公司, 4.7.2.0]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
    [C:\KAV2006\KAScript.DLL]  [Kingsoft Corporation, 2006, 2, 10, 60]
    [C:\KAV2006\KAEPlat.DLL]  [Kingsoft Corp., 2006, 4, 25, 58]
    [C:\KAV2006\KAEMem.DAT]  [Kingsoft, 2006, 5, 17, 14]
    [C:\KAV2006\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 6, 15, 44]
    [C:\Program Files\浩方对战平台\FNSocket.dll]  [, 4, 0, 1, 0]
[PID: 384][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\WINDOWS\system32\xunleibho_v8.dll]  [, 4, 5, 1, 33]
    [C:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\WINDOWS\system32\DyMiniToolbar20060411.dll]  [N/A, 1, 0, 0, 1]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
    [C:\KAV2006\KAScript.DLL]  [Kingsoft Corporation, 2006, 2, 10, 60]
    [C:\KAV2006\KAEPlat.DLL]  [Kingsoft Corp., 2006, 4, 25, 58]
    [C:\KAV2006\KAEMem.DAT]  [Kingsoft, 2006, 5, 17, 14]
    [C:\KAV2006\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 6, 15, 44]
[PID: 4380][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINDOWS\system32\xunleibho_v8.dll]  [, 4, 5, 1, 33]
    [C:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\WINDOWS\system32\DyMiniToolbar20060411.dll]  [N/A, 1, 0, 0, 1]
    [C:\KAV2006\KAScript.DLL]  [Kingsoft Corporation, 2006, 2, 10, 60]
    [C:\KAV2006\KAEPlat.DLL]  [Kingsoft Corp., 2006, 4, 25, 58]
    [C:\KAV2006\KAEMem.DAT]  [Kingsoft, 2006, 5, 17, 14]
    [C:\KAV2006\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 6, 15, 44]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 5280][D:\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\KAV2006\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
60.169.1.178      hyap98.com
60.169.1.178      www.hyap98.com
60.169.1.178      82087871.com
60.169.1.178      www.82087871.com
60.169.1.178      y1599.com
60.169.1.178      www.y1599.com
60.169.1.178      47555.cn
60.169.1.178      nc.47555.cn
60.169.1.178      cn.47555.cn
60.169.1.178      crsky.47555.cn
60.169.1.178      www.47555.cn
60.169.1.178      kirinkwy.com.cn
60.169.1.178      www.kirinkwy.com.cn
60.169.1.178      goujiao.e34.163ns.com
60.169.1.178      sybaby2.c67.zgsj.com
60.169.1.178      jygame88.com
60.169.1.178      sybaby3.a33.zgsj.com
60.169.1.178      baibu.com
60.169.1.178      www.baidu.com
60.169.1.178      www.yy520ly.cn
60.169.1.178      huiyuan.hz09.9iis.com
60.169.1.178      www.888muma.com
60.169.1.178      urlmon.isxv.com
60.169.1.178      www.feifeicqq.com
60.169.1.178      wow.wow88.cn
60.169.1.178      bbs.v369v.com
60.169.1.178      www.58aa.cn
60.169.1.178      www.zhiminglu.com
60.169.1.178      www.bfsou.net
60.169.1.178      www.daisf.cn
60.169.1.178      www.10223.com

Sorry to trouble you, brother.

Restart the computer. After the self-test finishes, press [F8] (you can keep pressing it until the boot menu appears) and choose Safe Mode to enter Windows.


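Run (double-click) SRENG2, click "Startup Items" (启动项目), "Services" (服务), then "Drivers" (驱动程序).
Check "Hide verified Microsoft items" (隐藏已认证的微软项目), select the virus service npkycryp and choose "Delete Service" (删除服务).
Click "Set" (设置) and choose "No" (否).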


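Run (double-click) SRENG2, click "Startup Items" (启动项目), "Services" (服务), then "Win32 Service Applications" (Win32服务应用程序).
Check "Hide Microsoft services" (隐藏微软服务) and select the virus services
18B6553D
DCOM Server Process Launher
Remote Procedure Call System(RPCSI)
Remote Procedure Call System(RPCSk)
Network Management Center Task
Win32 Display Driver
Windows DHCP Service
Windows Management Instrumentation Driver
then choose "Delete Service" (删除服务).
Click "Set" (设置) and choose "No" (否).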


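Close all browser windows and any unnecessary programs.
Run SREng2, go to "Startup Items" (启动项目) -- Registry (注册表) -- and select and delete the following items: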
C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys> [N/A]
c:\program files\analog devices\soundmax\lnnzwyan.dll> [N/A]
C:\Program Files\Internet Explorer\IEXPLORE.Sys> [N/A]
C:\Program Files\Internet Explorer\IEXPLORE.Dat> [N/A]
C:\Program Files\Internet Explorer\IEXPLORE.win


Show hidden files.
Delete:
C:\WINDOWS\system32\18B6553D.EXE
C:\WINDOWS\system32\kl.exe
C:\WINDOWS\system32\Rpcsi.exe
C:\WINDOWS\system32\Rpcsk.exe
C:\WINDOWS\system32\taskman32.exe
C:\WINDOWS\system32\windds32.dll
C:\WINDOWS\system32\windhcp.ocx
C:\WINDOWS\system32\wmid.exe
C:\Program Files\Tencent\QQ\npkycryp.sys
C:\WINDOWS\Systemt.exe
C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys> [N/A]
c:\program files\analog devices\soundmax\lnnzwyan.dll> [N/A]
C:\Program Files\Internet Explorer\IEXPLORE.Sys> [N/A]
C:\Program Files\Internet Explorer\IEXPLORE.Dat> [N/A]
C:\Program Files\Internet Explorer\IEXPLORE.win


Under C:\WINDOWS\system32\drivers\etc, open the HOSTS file with Notepad and clear its contents,
leaving only this entry: 127.0.0.1      , then save.
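
Added example (not part of the original post and not SREng's own code): a Python check for the HOSTS step above that groups hosts-file entries by the non-loopback address they are pinned to, the pattern seen in the report's HOSTS section. The sample data, the documentation address 203.0.113.7, the `.example` names and the function names are constructed for illustration.

```python
import ipaddress
import sys
from collections import defaultdict

# Constructed sample in the shape of a hijacked hosts file; 203.0.113.7 is a
# documentation-range address and the *.example names are placeholders.
SAMPLE_HOSTS = """\
# sample hosts file (constructed)
127.0.0.1      localhost
203.0.113.7    search.example
203.0.113.7    www.search.example   # trailing comment
203.0.113.7    av-update.example
0.0.0.0        ads.example
::1            localhost
not-an-ip      broken.example
"""


def parse_hosts(text):
    """Yield (ip, hostname) pairs; skip comments, blank and malformed lines."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop full-line and trailing comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:                    # an address with no hostname
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:                     # first field is not an IP address
            continue
        for name in fields[1:]:                # one line may carry several aliases
            yield ip, name.lower()


def audit_hosts(text):
    """Return {ip: sorted hostnames} for entries pinned to a routable address.

    Loopback (127.0.0.1, ::1) and unspecified (0.0.0.0, ::) targets are treated
    as local or blocking entries and are not reported.
    """
    redirected = defaultdict(set)
    for ip, name in parse_hosts(text):
        if ip.is_loopback or ip.is_unspecified:
            continue
        redirected[str(ip)].add(name)
    return {ip: sorted(names) for ip, names in redirected.items()}


if __name__ == "__main__":
    # With an argument, audit that file (for example a copy of
    # C:\WINDOWS\system32\drivers\etc\hosts); otherwise use the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            content = fh.read()
    else:
        content = SAMPLE_HOSTS
    for address, names in audit_hosts(content).items():
        print(f"{address}: {len(names)} hostname(s) redirected")
        for hostname in names:
            print("    " + hostname)
```

Many unrelated hostnames pinned to one external address is the signal to review; a clean default hosts file reports nothing.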