[code]2008-05-04,17:04:41
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <KANGUI.EXE><"C:\KavNet\KANGUI.EXE" -s>  [Kingsoft Corporation]
    <360Safetray><; C:\Documents and Settings\000\桌面\360安全卫士\safemon\360Tray.exe /start>  [奇虎网]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <SoundMAX><; "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray>  [Analog Devices, Inc.]
    <SoundMAXPnP><; C:\Program Files\Analog Devices\Core\smax4pnp.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\UserInit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]
==================================
启动文件夹
N/A
==================================
服务
[Human Intexxxce Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kingsoft Antivirus Net Communication / KANetCommService][Running/Disabled]
  <C:\KavNet\KANSvr.EXE><Kingsoft Corporation>
[Qycx Manager Service / qwpmService][Running/Disabled]
  <"C:\Program Files\qycx\qwm\\bin\qWPMgr.exe"><N/A>
[Qycx Network Agent / Qycx Network Agent][Running/Auto Start]
  <"C:\WINDOWS\system32\qwmSvr.EXE"><>
[UfAutoLoadService / UfAutoLoadService][Running/Disabled]
  <C:\WINDOWS\system32\UfAutoLoadService.exe><>
[UfMsgGhost / UfMsgGhost][Stopped/Disabled]
  <C:\WINDOWS\system32\MsgGhost.exe><>
[U8AuthServer / UFNet][Running/Disabled]
  <C:\WINDOWS\system32\ServerNT.exe><N/A>
==================================
驱动程序
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start]
  <system32\drivers\ADIHdAud.sys><Analog Devices, Inc.>
[AEAudio Service / AEAudioService][Running/Manual Start]
  <system32\drivers\AEAudio.sys><Andrea Electronics Corporation>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
  <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][Stopped/Manual Start]
  <system32\drivers\HdAudio.sys><Windows (R) Server 2003 DDK provider>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Kingsoft AntiARP NIDS Driver / KAntiarp][Running/Manual Start]
  <system32\DRIVERS\kantiarp.sys><Kingsoft Corporation>
[KAVBootC / KAVBootC][Running/Boot Start]
  <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
[KAVSafe / KAVSafe][Stopped/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
[KWatch / KWatch][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\KWatch.Sys><Kingsoft Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[S3GIGP / S3GIGP][Running/Manual Start]
  <system32\DRIVERS\S3gIGPm.sys><S3 Graphics Co., Ltd.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SenFilt Service / SenFiltService][Running/Manual Start]
  <system32\drivers\Senfilt.sys><Sensaura>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
==================================
浏览器加载项
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <D:\Program Files\Holdfast\Platform\GameClient.exe, N/A>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[GerneralPeerID Class]
  {0A47E819-F82E-4D5D-B806-6A9EA94D68CD} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\peerid.dll, >
[FG2CatchUrl]
  {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} <d:\Program Files\FlashGet Network\Flashget\ComDlls\bhoCATCH.dll, FlashGet>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin15.dll, Thunder Networking Technologies,LTD>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Documents and Settings\000\桌面\360安全卫士\live.dll, 360.cn>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Thunder DapCtrl]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.1.6.5710.37.219.dll, ShenZhen Thunder Networking Technologies Ltd.>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SetupAct Class]
  {B18ED293-6C4D-4B74-9598-E2C9543AEA02} <C:\Program Files\Common Files\Kingsoft\SetupActiveX.dll, kingsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[Thunder DapPlayer]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.44.68.202.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[FG2CatchUrl]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B525} <d:\Program Files\FlashGet Network\Flashget\ComDlls\bhoCATCH.dll, FlashGet>
[&使用快车(FlashGet)下载]
  <D:\Program Files\FlashGet Network\Flashget\ComDlls\Bholink.htm, N/A>
[&使用快车(FlashGet)下载全部链接]
  <D:\Program Files\FlashGet Network\Flashget\ComDlls\Bhoall.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <d:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
==================================

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)

正在运行的进程
[PID: 776 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 824 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 848 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\imaadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msg711.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msgsm32.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\tssoft32.acm]  [DSP GROUP, INC., 1.01]
    [C:\WINDOWS\system32\tsd32.dll]  [, ]
    [C:\WINDOWS\system32\msg723.acm]  [Microsoft Corporation, 4.4.3400]
    [C:\WINDOWS\system32\msaud32.acm]  [Microsoft Corporation, 8.00.00.4487]
    [C:\WINDOWS\system32\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]
    [C:\WINDOWS\system32\iac25_32.ax]  [Intel Corporation, 2.05.53]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\WINDOWS\system32\vorbis.acm]  [HMS http://hp.vector.co.jp/authors/VA012897/, 0, 0, 3, 6]

[PID: 892 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 904 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1076 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\winmn3.dll]  [N/A, ]
[PID: 1164 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1276 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1384 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1468 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1600 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.1897.0]
[PID: 1928 / 000][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\KavNet\KASocket.dll]  [Kingsoft Corporation, 2006, 3, 17, 235]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 17]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\KavNet\KANRMenu.DLL]  [, 2005, 3, 30, 5]
    [C:\WINDOWS\system32\imaadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msg711.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msgsm32.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\tssoft32.acm]  [DSP GROUP, INC., 1.01]
    [C:\WINDOWS\system32\tsd32.dll]  [, ]
    [C:\WINDOWS\system32\msg723.acm]  [Microsoft Corporation, 4.4.3400]
    [C:\WINDOWS\system32\msaud32.acm]  [Microsoft Corporation, 8.00.00.4487]
    [C:\WINDOWS\system32\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]
    [C:\WINDOWS\system32\iac25_32.ax]  [Intel Corporation, 2.05.53]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\WINDOWS\system32\vorbis.acm]  [HMS http://hp.vector.co.jp/authors/VA012897/, 0, 0, 3, 6]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 2004 / 000][C:\Program Files\Analog Devices\Core\smax4pnp.exe]  [Analog Devices, Inc., 6, 0, 0, 20]
    [C:\Program Files\Analog Devices\Core\SMWDMIF.dll]  [Analog Devices, Inc., 6, 0, 4000, 014]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
[PID: 2012 / 000][C:\Program Files\Analog Devices\SoundMAX\Smax4.exe]  [Analog Devices, Inc., 5, 2, 0, 11]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
[PID: 2028 / 000][C:\Documents and Settings\000\桌面\360安全卫士\safemon\360Tray.exe]  [奇虎网, 4, 1, 0, 1004]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\SafeKrnl.dll]  [奇虎网, 4, 1, 0, 1001]
    [C:\Documents and Settings\000\桌面\360安全卫士\AntiAdwa.dll]  [360Safe.com, 4, 1, 0, 1001]
    [C:\Documents and Settings\000\桌面\360安全卫士\live.dll]  [360.cn, 1, 0, 1, 1027]
    [C:\KavNet\KASocket.dll]  [Kingsoft Corporation, 2006, 3, 17, 235]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
[PID: 2040 / 000][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
[PID: 308 / SYSTEM][C:\WINDOWS\system32\inetsrv\inetinfo.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
[PID: 328 / SYSTEM][C:\KavNet\KANSvr.EXE]  [Kingsoft Corporation, 2006, 7, 10, 58]
    [C:\KavNet\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [C:\KavNet\dump.dll]  [Kingsoft Co. Ltd., 2007, 7, 25, 10]
    [C:\KavNet\KANSvr.DLL]  [kingsoft, 2005, 9, 30, 7]
    [C:\KavNet\StartKSCE.DLL]  [, 2006, 1, 17, 13]
    [C:\KavNet\KSCESendMsgManage.DLL]  [Kingsoft Corporation, 2006, 2, 16, 11]
    [C:\KavNet\KSCEEssentialModules.DLL]  [, 2005, 8, 18, 5]
    [C:\KavNet\CRecvMsgManage.DLL]  [, 2006, 1, 22, 6]
    [C:\KavNet\KSCEEventSystem.DLL]  [Kingsoft Corporation, 2006, 3, 6, 7]
    [C:\KavNet\KANVirusLogLogicModule.DLL]  [Kingsoft Corporation, 2006, 12, 29, 11]
    [C:\KavNet\CKSCEStream.DLL]  [, 2006, 1, 21, 4]
    [C:\KavNet\BaseModule.DLL]  [, 2007, 4, 25, 29]
    [C:\KavNet\WatchModule.DLL]  [Kingsoft Corporation, 2007, 7, 26, 21]
    [C:\KavNet\KWatchFn2.DLL]  [Kingsoft Corporation, 2007, 7, 31, 103]
    [C:\KavNet\KPluginInteractive.DLL]  [Kingsoft Corp., 2005, 5, 11, 3]
    [C:\KavNet\NetCommunication.DLL]  [, 2007, 8, 8, 137]
    [C:\KavNet\KANCMain.DLL]  [Kingsoft Corporation, 2007, 10, 12, 52]
    [C:\KavNet\KANSAComm.dll]  [kingsoft, 2007, 7, 17, 12]
    [C:\KavNet\RPCRecvMsg.DLL]  [kingsoft, 2006, 5, 19, 9]
    [C:\KavNet\CKSCEDECodeMsg.DLL]  [, 2005, 3, 23, 5]
    [C:\KavNet\KAVTimer.DLL]  [N/A, ]
    [C:\KavNet\KAEPlat.DLL]  [Kingsoft Corp., 2007, 6, 19, 64]
    [C:\KavNet\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [C:\KavNet\KAEUnpack.DAT]  [Kingsoft Corporation, 2008,03,13,209]
    [C:\KavNet\KAVUtils.dll]  [Kingsoft Corp, 2004, 2, 12, 69]
    [C:\KavNet\MFC42.DLL]  [Microsoft Corporation, 6.00.8168.0]
    [C:\KavNet\KAVFilter.DLL]  [kingsoft, 2005, 4, 13, 5]
    [C:\KavNet\KANCFUN.DLL]  [kingsoft, 2006, 12, 29, 10]
    [C:\KavNet\KANSelectIP.DLL]  [Kingsoft Corporation, 2006, 11, 2, 6]
[PID: 492 / SYSTEM][C:\Program Files\qycx\qwm\bin\qWPMgr.exe]  [N/A, ]
[PID: 528 / SYSTEM][C:\WINDOWS\system32\qwmSvr.EXE]  [ , 1, 0, 0, 1]
    [C:\WINDOWS\system32\winmn3.dll]  [N/A, ]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
[PID: 536 / SYSTEM][C:\Program Files\qycx\qwm\bin\qnmScheduler.exe]  [, 1, 0, 0, 1]
    [C:\Program Files\qycx\qwm\bin\schedulerHelp.dll]  [N/A, ]
[PID: 544 / SYSTEM][C:\Program Files\qycx\qwm\bin\qyMcDaemon.exe]  [, 1, 0, 0, 1]
    [C:\Program Files\qycx\qwm\bin\qyMcHelp.dll]  [N/A, ]
    [C:\Program Files\qycx\qwm\bin\netMc2Module.dll]  [, 1, 0, 0, 1]
[PID: 556 / SYSTEM][C:\Program Files\qycx\qwm\bin\qnmResp.exe]  [, 1, 0, 0, 1]
    [C:\Program Files\qycx\qwm\bin\qyMcHelp.dll]  [N/A, ]
    [C:\Program Files\qycx\qwm\bin\netMc2Module.dll]  [, 1, 0, 0, 1]
[PID: 792 / 000][C:\KavNet\KANGUI.EXE]  [Kingsoft Corporation, 2007, 9, 4, 178]
    [C:\KavNet\dump.dll]  [Kingsoft Co. Ltd., 2007, 7, 25, 10]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\KavNet\KASocket.dll]  [Kingsoft Corporation, 2006, 3, 17, 235]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
    [C:\KavNet\KSCESendMsgManage.DLL]  [Kingsoft Corporation, 2006, 2, 16, 11]
    [C:\KavNet\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [C:\KavNet\KSCEEssentialModules.DLL]  [, 2005, 8, 18, 5]
    [C:\KavNet\CRecvMsgManage.DLL]  [, 2006, 1, 22, 6]
    [C:\KavNet\CKSCEStream.DLL]  [, 2006, 1, 21, 4]
    [C:\KavNet\CKSCEDECodeMsg.DLL]  [, 2005, 3, 23, 5]
    [C:\KavNet\RPCRecvMsg.DLL]  [kingsoft, 2006, 5, 19, 9]
[PID: 812 / SYSTEM][C:\KavNet\KMailMon.exe]  [Kingsoft Corporation, 2007, 8, 16, 967]
    [C:\KavNet\KAntiSpm.dll]  [Kingsoft Corporation, 2007, 3, 7, 130]
    [C:\KavNet\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\KavNet\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KavNet\KANCMail.dll]  [kingsoft, 2007, 4, 25, 13]
    [C:\KavNet\KSCESendMsgManage.DLL]  [Kingsoft Corporation, 2006, 2, 16, 11]
    [C:\KavNet\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [C:\KavNet\KSCEEssentialModules.DLL]  [, 2005, 8, 18, 5]
    [C:\KavNet\CRecvMsgManage.DLL]  [, 2006, 1, 22, 6]
    [C:\KavNet\CKSCEStream.DLL]  [, 2006, 1, 21, 4]
    [C:\KavNet\CKSCEDECodeMsg.DLL]  [, 2005, 3, 23, 5]
    [C:\KavNet\RPCRecvMsg.DLL]  [kingsoft, 2006, 5, 19, 9]
    [C:\KavNet\KAVIPC2.DLL]  [Kingsoft Corporation, 2006, 8, 18, 25]
    [C:\KavNet\KAECall2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 7]
    [C:\KavNet\KAEPlat.DLL]  [Kingsoft Corp., 2007, 6, 19, 64]
    [C:\KavNet\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [C:\KavNet\KAEUnpack.DAT]  [Kingsoft Corporation, 2008,03,13,209]
    [C:\KavNet\KASocket.dll]  [Kingsoft Corporation, 2006, 3, 17, 235]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
[PID: 1208 / SYSTEM][C:\WINDOWS\system32\ServerNT.exe]  [N/A, ]
    [C:\WINDOWS\system32\UMiscell.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\M80SGV.dll]  [, 8, 2, 0, 0]
    [C:\WINDOWS\system32\SecuComm.dll]  [N/A, ]
[PID: 1856 / 000][C:\WINDOWS\system32\qwmSvr.EXE]  [ , 1, 0, 0, 1]
    [C:\WINDOWS\system32\winmn3.dll]  [N/A, ]
[PID: 460 / SYSTEM][C:\WINDOWS\system32\UfAutoLoadService.exe]  [, 1, 0, 0, 1]
[PID: 2932 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2244 / 000][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 17]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]

[C:\WINDOWS\system32\imaadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msg711.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msgsm32.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\tssoft32.acm]  [DSP GROUP, INC., 1.01]
    [C:\WINDOWS\system32\tsd32.dll]  [, ]
    [C:\WINDOWS\system32\msg723.acm]  [Microsoft Corporation, 4.4.3400]
    [C:\WINDOWS\system32\msaud32.acm]  [Microsoft Corporation, 8.00.00.4487]
    [C:\WINDOWS\system32\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]
    [C:\WINDOWS\system32\iac25_32.ax]  [Intel Corporation, 2.05.53]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\WINDOWS\system32\vorbis.acm]  [HMS http://hp.vector.co.jp/authors/VA012897/, 0, 0, 3, 6]
    [C:\WINDOWS\system32\WINWB86.IME]  [Microsoft Corporation, 5.00.2000.3]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 4, 23]
[PID: 2528 / 000][C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.7.7.441]
    [C:\Program Files\Thunder Network\Thunder\Program\BugReport.dll]  [迅雷网络, 1, 0, 1, 4]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 3, 1, 56]
    [C:\Program Files\Thunder Network\Thunder\Program\download_intexxxce.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [C:\Program Files\Thunder Network\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [C:\Program Files\Thunder Network\Thunder\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [C:\Program Files\Thunder Network\Thunder\Program\streammedialib.dll]  [, 1, 3, 2, 124]
    [C:\Program Files\Thunder Network\Thunder\Program\al.dll]  [, 1, 0, 1, 3]
    [C:\Program Files\Thunder Network\Thunder\Program\bd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 6]
    [C:\Program Files\Thunder Network\Thunder\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 3, 4, 18]
    [C:\Program Files\Thunder Network\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
    [C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 8, 26]
    [C:\Program Files\Thunder Network\Thunder\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 3, 34]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\imaadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msg711.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msgsm32.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\tssoft32.acm]  [DSP GROUP, INC., 1.01]
    [C:\WINDOWS\system32\tsd32.dll]  [, ]
    [C:\WINDOWS\system32\msg723.acm]  [Microsoft Corporation, 4.4.3400]
    [C:\WINDOWS\system32\msaud32.acm]  [Microsoft Corporation, 8.00.00.4487]
    [C:\WINDOWS\system32\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]
    [C:\WINDOWS\system32\iac25_32.ax]  [Intel Corporation, 2.05.53]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\WINDOWS\system32\vorbis.acm]  [HMS http://hp.vector.co.jp/authors/VA012897/, 0, 0, 3, 6]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll]  [　, 1, 0, 2, 24]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbed15.dll]  [Thunder Networking Technologies,LTD, 3, 4, 6, 99]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\PlayerHelper.dll]  [thunder, 1, 1, 4, 37]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\XLNet.dll]  [Thunder Networking Technologies,LTD, 1, 3, 4, 18]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\XLIPC.DLL]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [C:\Program Files\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 5, 70]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.5510]
    [C:\Program Files\Thunder Network\Thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 5, 0, 16]
    [C:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 16, 5, 63]
    [C:\Program Files\Thunder Network\Thunder\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Thunder Network\Thunder\Components\Security\ThunderSafe.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 71]
    [C:\Program Files\Thunder Network\Thunder\Program\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Thunder Network\Thunder\Components\Security\XLSafeUI.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 71]
    [C:\Program Files\Thunder Network\Thunder\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 6, 20]
    [C:\Program Files\Thunder Network\Thunder\Program\LiveUpdate.dll]  [Thunder Networking Technologies,LTD, 1, 2, 2, 22]
    [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\XLSafeHost.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 57]
    [C:\Program Files\Thunder Network\Thunder\Plugins\KanKanTop\KanKanTop.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
    [C:\Program Files\Thunder Network\Thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 16]
    [C:\Program Files\Thunder Network\Thunder\Components\Tips\TipsClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 11, 106]
    [C:\Program Files\Thunder Network\Thunder\Components\VPSHELL\VPSHELL.dll]  [迅雷网络, 3, 0, 1, 33]
    [C:\Program Files\Thunder Network\Thunder\Components\UserExperience\UserExperience.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsXlCom.dll]  [, 1, 0, 0, 29]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\MediaWorker.dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 22]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\Thunder Network\Thunder\Components\Tips\XLIPC.DLL]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [C:\Program Files\Thunder Network\Thunder\Components\DownloadStat\DownloadStat.dll]  [深圳市迅雷网络技术有限公司, 1, 3, 1, 4]
[PID: 2220 / 000][C:\Documents and Settings\000\桌面\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
    [C:\Documents and Settings\000\桌面\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1  yu.8s7.net
127.0.0.1  1.jopanqc.com
127.0.0.1  2.joppnqq.com
127.0.0.1  wg.47255.com
127.0.0.1  1.joppnqq.com
127.0.0.1  xxx.m111.biz
127.0.0.1  1.jopenqc.com
127.0.0.1  1.jopenkk.com
127.0.0.1  xxx.vh7.biz
127.0.0.1  xxx.j41m.com
127.0.0.1  3.joppnqq.com
127.0.0.1  d.93se.com
127.0.0.1  www.868wg.com
127.0.0.1  xxx.mmma.biz
127.0.0.1  ilove.com
127.0.0.1  tp.shpzhan.cn
127.0.0.1  www.tomwg.com
127.0.0.1  www.cike007.cn
127.0.0.1  www.22aaa.com
127.0.0.1  xx.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  new.749571.com
127.0.0.1  xtx.kv8.info
127.0.0.1  cao.kv8.info
127.0.0.1  1.jopmmqq.com
127.0.0.1  171817.171817.com
127.0.0.1  d2.llsging.com
127.0.0.1  down.malasc.cn
127.0.0.1  llboss.com
127.0.0.1  nx.51ylb.cn
127.0.0.1  my.531jx.cn
127.0.0.1  qqq.dzydhx.com
127.0.0.1  qqq.hao1658.com
127.0.0.1  www.333292.com
127.0.0.1  down.18dd.net
127.0.0.1  up.22x44.com
127.0.0.1  aaa.faba01.com
127.0.0.1  bad.tqdlt.cn
127.0.0.1  1.chsipo.com
127.0.0.1  c3.aishangai.net
127.0.0.1  c2.aishangai.net
127.0.0.1  xxx.188dm.com
127.0.0.1  x2.1a2b3c1.com
127.0.0.1  d1.163500.net
127.0.0.1  down.google-serv.cn
==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 2012, C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAX4.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 2028, C:\DOCUMENTS AND SETTINGS\000\桌面\360安全卫士\SAFEMON\360TRAY.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 528, C:\WINDOWS\SYSTEM32\QWMSVR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 792, C:\KAVNET\KANGUI.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1208, C:\WINDOWS\SYSTEM32\SERVERNT.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1856, C:\WINDOWS\SYSTEM32\QWMSVR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2528, C:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\THUNDER5.EXE]
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================[/code]

附件型试上传上来吧。。

我是如皋的，有空联系联系QQ：469454

说起这事已经很久了，也是一个朋友做的错事！ 

05年的夏天，我在打桌球的时候认识了一个女孩。女孩很清秀，个子也很高！

当时很想认识她，正在我想的时候，和我打球的朋友。他女友正和那个女孩认识，也看到了他朋友，就叫他！

  她们慢慢的走了过来，不知道为什么我的心跳开始加速，魔域私服可能因为她走了过来吧！慢慢的我们开始聊天，一直聊天半夜，都不知道去哪好，我们就找了个地方打牌！没有打一会我朋友和他女友就睡着了，只有和我她还坐着在！

我把电视打开，我和她看电视，完美世界私服边看边聊！魔域私服我开玩笑的说，做我女友好吗？她想了一会答应了，我说真的？她回答的很快，是的！是真的。我说我开玩笑的，她却一下不高兴了，说我聊她玩的，还说她是认真的！没有和我开玩笑！

就这样，我们开始了我们的爱情！后来我去了广州，在那边上班~她在武汉上班~每天晚上我们都通电话，告诉对方今天所做的事，也告诉她我很想她！免费电影到最后，经不主对她的想念，我从广州回到武汉，在武汉找了个事做。

我回来后想给她一个惊喜，魔域私服 就晚上跑到她上班的地方去等她下班！她见到我很吃惊，也很高兴！我上前抱着她，她哭了！

时间过的很快，一晃半年过去了，魔域完美咨迅站我在广州认识的一个朋友来到武汉，我接待了他，他说想见见我的女友。我没有拒绝，晚上我女友一下班就来我这里了，我朋友一见到她就问候她，我们聊了一会天，我女友就要回她住的地方了！我和他送走了我女友后，也把他安排了巨人私服地方睡觉！

过年的时候，我不知道为什么，我女友的妈妈打电话我说她3天没有回去了！我开始心慌了，到处去找她！最后找到了，她在武汉，免费电影和我朋友在一起！我当时心里一阵巨痛。我强忍着，和她说你给家里打个电话，让妈的妈妈放心，说你在上班！她说不打。我没有出声，给她家里打了一个电话，说她在武汉上班~没有什么事。全国小吃网很好的！  这是我第一次帮她向家里说慌！

我朋友告诉我说，她这3天都和我在一起，免费电影我没有多想。说了一声！祝你们幸福！转身就走了！

3个月后，我接到她打给我的电话，说她怀孕了，免费电影 我没有出声，她找我要钱！我说没有。就这样我挂了电话！又过了一个月，她又给我打了一个电话，说他们要结婚了，请我去！我说没有时间，魔域私服我在上班！就这样，我没有参加他们的婚礼！我们就这样结束了！

扫SRENG日志发到论坛来
http://www.kztechs.com/sreng/download.html
下载System Repair Engineer
1 解压缩sreng2.zip（建议解压到系统Windows文件夹里）
2 运行SREng.exe ((将SREng.exe改名为123.com运行))
3 智能扫描=》扫描=》保存报告
4 把报告保存后，直接将日志内容彻底复制到一个空记事本里，然后再保存，就可以以附件的形式xxx坛来了。
一定以附件形式发这论坛来。
点击我这贴右下角的“引用”然后就应该知道怎么发了。

你可以打开日志后，在左上角的“编辑”里选择“全选”再选择“复制”
就可以彻底复制日志内容到另一个空记事本保存了


用附件，别直接贴