启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <iDuba Personal FireWall><C:\KAV6\KAVPFW.EXE>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <load><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <KAVRun><C:\KAV6\KAVRun.EXE>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Kulansyn><C:\KAV6\Kulansyn.EXE>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <KpopMon><C:\KAV6\KpopMon.EXE>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <iDuba Personal FireWall><C:\KAV6\KAVPFW.EXE>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <SoundMan><SOUNDMAN.EXE>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <BigDogPath><C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (ZC0301PL)>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <avicap32><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <advapi32><RUNDLL32 C:\WINDOWS\Downlo~1\_IS_0518\_IS_ISC.DLL,isc>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <ISC_UpDate><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <ISC><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <popo2004><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <thunder_mini><E:\迷你迅雷\ThunderMini.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Super Rabbit SRRestore><C:\Program Files\Super Rabbit\MagicSet\srrest.exe /autosave>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
  <helperdll><Rundll32 C:\WINDOWS\system32\drivers\Pupw.sys,Rundll32>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><C:\WINDOWS\system32\userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><>

==================================
启动文件夹
[DuDu下载加速器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\DuDu下载加速器.lnk><N>
[腾讯QQ]
  <C:\Documents and Settings\HHP\「开始」菜单\程序\启动\腾讯QQ.lnk><N>

==================================
服务
[C-DillaCdaC11BA / C-DillaCdaC11BA]
  <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[C-DillaSrv / C-DillaSrv]
  <C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE><C-Dilla Ltd>
[Kingsoft AntiVirus Service / KAVSvc]
  <C:\KAV6\KAVSvc.EXE><kingsoft Antivirus>

浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, >
[EyeOnBrowser Class]
  {1272F701-349D-4DB3-BBCD-10CBDCD049FE} <C:\WINDOWS\Downlo~1\_IS_0518\_IS_WEBH.dll, N/A>
[]
  {3D898C55-74CC-4B7C-B5F1-45913F368388} <C:\WINDOWS\system32\mewin.dll, N/A>
[URLMonitor Class]
  {3ED9FFDA-79DB-4B2D-99B7-16EA3C4A3A92} <C:\WINDOWS\system32\hap.dll, Henbang>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <E:\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[DownloadValue Class]
  {616D4040-5712-4F0F-BCF1-5C6420A99E14} <C:\WINDOWS\system32\winhtp.dll, >
[MMSAssist BHO]
  {6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL, >
[DDDMon Class]
  {6BDE1669-B490-48E3-B668-456314F2D6C3} <C:\Program Files\DuDu\DddClient\dddiemon.dll, N/A>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[T2BHO Class]
  {B1D147E7-873E-4909-8127-695D9BB78728} <C:\WINDOWS\Downloaded Program Files\barhelp22.0.dll, HDT, Inc.>
[IEHlprObj Class]
  {CE7C3CF0-4B15-11D1-ABED-709549C10000} <C:\WINDOWS\system32\qylhelper.dll, N/A>
[MMSAssistMenu]
  {6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL, >
[金山卓越]
  {8DE0FCD4-5EB5-11D3-AD25-00002100131B} <url:http://www.joyo.com, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\QQ\QQ.EXE, TENCENT>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[易趣购物]
  {DE60714F-AC17-427e-861A-FD60CBDF119A} <http://adfarm.mediaplex.com/ad/ck/4080-23171-9517-219?cn=song;icon;hp&mpro=http://www.ebay.com.cn, N/A>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <E:\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[金山毒霸网站]
  {e1fc9760-7b95-49cd-80b9-8c9e41017b93} <url:http://www.duba.net, N/A>
[在线查毒]
  {f58d36c3-40be-4418-a786-d8fbe3eb3554} <C:\KAV6\kavie.HTM, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[金山毒霸]
  {A9BE2902-C447-420A-BB7F-A5DE921E6138} <C:\KAV6\KAIEPlus.DLL, >
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[金山快译(&K)]
  {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll, >
[完美网译通]
  {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} <C:\WINDOWS\WORLD2\TOOLBAR\hmtoolbar.dll, 北京完美时空有限公司>
[天下搜索]
  {56A7DC70-E102-4408-A34A-AE06FEF01586} <C:\WINDOWS\DOWNLO~1\IEBAR2~1.DLL, >
[WebActivater Control]
  {3D8F74EE-8692-4F8F-B8D2-7522E732519E} <C:\WINDOWS\system32\WEBACT~1.OCX, QQ>
[PortalCom AAA 1.0]
  {414E7D87-8073-4EFB-9E4B-C8DF04C979EE} <C:\WINDOWS\DOWNLO~1\PORTAL~1.OCX, Huawei Co. Ltd.>
[天下搜索]
  {56A7DC70-E102-4408-A34A-AE06FEF01586} <C:\WINDOWS\DOWNLO~1\IEBAR2~1.DLL, >
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash.ocx, Macromedia, Inc.>
[Ravonline]
  {DA984A6D-508E-11D6-AA49-0050FF3C628D} <C:\WINDOWS\Downloaded Program Files\RsOnline.dll, Beijing Rising Tech. Co., Ltd.>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, >
[EyeOnBrowser Class]
  {1272F701-349D-4DB3-BBCD-10CBDCD049FE} <C:\WINDOWS\Downlo~1\_IS_0518\_IS_WEBH.dll, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\System32\mshtml.dll, N/A>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\System32\tdc.ocx, Microsoft Corporation>
[]
  {3D898C55-74CC-4B7C-B5F1-45913F368388} <C:\WINDOWS\system32\mewin.dll, N/A>
[URLMonitor Class]
  {3ED9FFDA-79DB-4B2D-99B7-16EA3C4A3A92} <C:\WINDOWS\system32\hap.dll, Henbang>
[PortalCom AAA 1.0]
  {414E7D87-8073-4EFB-9E4B-C8DF04C979EE} <C:\WINDOWS\DOWNLO~1\PORTAL~1.OCX, Huawei Co. Ltd.>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <E:\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\System32\shdocvw.dll, N/A>
[天下搜索]
  {56A7DC70-E102-4408-A34A-AE06FEF01586} <C:\WINDOWS\DOWNLO~1\IEBAR2~1.DLL, >
[DownloadValue Class]
  {616D4040-5712-4F0F-BCF1-5C6420A99E14} <C:\WINDOWS\system32\winhtp.dll, >
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[MMSAssist BHO]
  {6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL, >
[DDDMon Class]
  {6BDE1669-B490-48E3-B668-456314F2D6C3} <C:\Program Files\DuDu\DddClient\dddiemon.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[金山快译(&K)]
  {6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} <C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll, >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[金山毒霸]
  {A9BE2902-C447-420A-BB7F-A5DE921E6138} <C:\KAV6\KAIEPlus.DLL, >
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\System32\mshtml.dll, Microsoft Corporation>
[T2BHO Class]
  {B1D147E7-873E-4909-8127-695D9BB78728} <C:\WINDOWS\Downloaded Program Files\barhelp22.0.dll, HDT, Inc.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[IEHlprObj Class]
  {CE7C3CF0-4B15-11D1-ABED-709549C10000} <C:\WINDOWS\system32\qylhelper.dll, N/A>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash.ocx, Macromedia, Inc.>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[]
  {E1FC9760-7B95-49CD-80B9-8C9E41017B93} <C:\KAV6\KAVEXT.DLL, Kingsoft Corp.>
[完美网译通]
  {F43BD772-ABDD-43B7-A96A-3E9E61946EC0} <C:\WINDOWS\WORLD2\TOOLBAR\hmtoolbar.dll, 北京完美时空有限公司>
[  >> 彩信发送 <<]
  <res://C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL/mms.htm, N/A>
[&使用迷你迅雷下载]
  <E:\迷你迅雷\geturl.htm, N/A>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <E:\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\QQ\SendMMS.htm, N/A>

正在运行的进程
[PID: 556][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 616][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 640][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 684][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 696][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 864][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 932][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1040][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1112][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1268][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1468][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1764][C:\WINDOWS\system32\drivers\CDAC11BA.EXE]  <Macrovision><4.20.020>
[PID: 1812][C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE]  <C-Dilla Ltd><3.23.000>
[PID: 1844][C:\KAV6\KAVSvc.EXE]  <kingsoft Antivirus><2003, 11, 12, 70>
    [C:\KAV6\SvcComm.dll]  <kingsoft Antivirus><2004, 7, 28, 1>
    [C:\KAV6\SvcTimer.DLL]  <Kingsoft><2004.4.29.79>
    [C:\KAV6\KavComm.dll]  <Kingsoft Corporation><2003, 11, 12, 66>
    [C:\KAV6\RpcBrge.DLL]  <kingsoft><2003, 11, 12, 64>
    [C:\KAV6\KWatchFn2.dll]  <kingsoft Corporation><2004, 8, 24, 25>
    [C:\KAV6\KAEPlat.DLL]  <Kingsoft Corp.><2004, 8, 18, 48>
    [C:\KAV6\KAEMem.DAT]  <Kingsoft><2004, 8, 18, 10>
    [C:\KAV6\KAVUtils.dll]  <Kingsoft Corp><2004, 2, 12, 69>
    [C:\KAV6\KAVDlg.DLL]  <><2004.7.20.81>
    [C:\KAV6\KAVLogFn.dll]  <N/A><2003, 11, 26, 16>
[PID: 1888][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[PID: 192][C:\KAV6\KWatchUI.EXE]  <><2004.1.6.119>
    [C:\KAV6\kavcomm.dll]  <Kingsoft Corporation><2003, 11, 12, 66>
    [C:\KAV6\kavdlg.dll]  <><2004.7.20.81>
    [C:\KAV6\KAVMLM.DLL]  <Kingsoft Corporation><2003.11.12.10>
    [C:\KAV6\RpcBrge.DLL]  <kingsoft><2003, 11, 12, 64>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
[PID: 204][C:\KAV6\KpopMon.EXE]  <><2004, 2, 2, 31>
    [C:\KAV6\KAVMLM.DLL]  <Kingsoft Corporation><2003.11.12.10>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
[PID: 244][C:\WINDOWS\SOUNDMAN.EXE]  <Realtek Semiconductor Corp.><5.1.00>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
[PID: 252][C:\WINDOWS\VM_STI.EXE]  <Vimicro><4, 2, 1124, 6>
    [C:\WINDOWS\system32\msdmo.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\VM31bPrp.Ax]  <Vimicro><1.00.01.00>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
[PID: 288][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3208>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
[PID: 324][C:\WINDOWS\system32\RUNDLL32.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\Downlo~1\_IS_0518\_IS_ISC.DLL]  <ISC><5, 5, 9, 0>
    [C:\WINDOWS\Downlo~1\_IS_0518\_IS_LOIE.dll]  <ISC><5, 0, 1, 0>
    [C:\WINDOWS\Downlo~1\_IS_0518\_IS_UPD.dll]  <N/A><N/A>
    [C:\WINDOWS\Downlo~1\_IS_0518\_IS_BSYS.dll]  <N/A><N/A>
    [C:\WINDOWS\Downlo~1\_IS_0518\_IS_7ZD.DLL]  <N/A><N/A>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [C:\KAV6\KAVEXT.DLL]  <Kingsoft Corp.><2002, 5, 24, 6>
    [C:\WINDOWS\DOWNLO~1\PORTAL~1.OCX]  <Huawei Co. Ltd.><1.0.1.4>
    [C:\WINDOWS\system32\macromed\flash\Flash.ocx]  <Macromedia, Inc.><7,0,19,0>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
[PID: 356][E:\迷你迅雷\ThunderMini.exe]  <Thunder Network Technologies Inc.><1, 2, 1, 9>
    [E:\迷你迅雷\boost_thread-vc6-mt-1_31.dll]  <N/A><N/A>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
[PID: 408][C:\KAV6\MailMon.EXE]  <Kingsoft Co., Ltd><2004, 2, 6, 245>
    [C:\KAV6\KMFilter.DLL]  <><2004, 3, 1, 37>
    [C:\KAV6\parse822.dll]  <Quiksoft Corporation><2, 0, 0, 9>
    [C:\KAV6\KAVLogFn.dll]  <N/A><2003, 11, 26, 16>
    [C:\KAV6\KAVMLM.DLL]  <Kingsoft Corporation><2003.11.12.10>
    [C:\KAV6\KAMsgBox.DLL]  <><2002.9.27.30>
    [C:\KAV6\KAVComm.dll]  <Kingsoft Corporation><2003, 11, 12, 66>
    [C:\KAV6\RpcBrge.DLL]  <kingsoft><2003, 11, 12, 64>
    [C:\KAV6\KAVIPC.DLL]  <Kingsoft Corp.><2002, 3, 29, 8>
    [C:\KAV6\KAVDlg.DLL]  <><2004.7.20.81>
    [C:\KAV6\KAECall.DLL]  <Kingsoft Corporation><2003, 11, 14, 66>
    [C:\KAV6\KAEScan.DLL]  <Kingsoft Corp.><2003, 5, 24, 36>
    [C:\KAV6\KAEPlat.DLL]  <Kingsoft Corp.><2004, 8, 18, 48>
    [C:\KAV6\KAEMem.DAT]  <Kingsoft><2004, 8, 18, 10>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>

[PID: 464][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
[PID: 888][C:\KAV6\KAVPlus.EXE]  <><2004, 3, 3, 71>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
[PID: 1016][E:\迷你迅雷\TDUpdate.exe]  <N/A><N/A>
[PID: 1948][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 2188][C:\WINDOWS\system32\wuauclt.exe]  <Microsoft Corporation><5.8.0.2469 built by: lab01_n(wmbla)>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
[PID: 2624][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 3528][C:\Documents and Settings\HHP\My Documents\Huawei\PortalServer\202.109.117.146\PortalClient.exe]  <Huawei Co. Ltd.><1.0.1.6>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
[PID: 3640][E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\main.exe]  <><1, 0, 0, 1>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\keydll3.dll]  <N/A><N/A>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
[PID: 4072][E:\QQ\QQ.exe]  <TENCENT><13, 97, 0, 8229>
    [E:\QQ\QQBaseClassInDll.dll]  <><1, 0, 0, 1>
    [E:\QQ\QQHelperDll.dll]  <><1, 0, 0, 1>
    [E:\QQ\BasicCtrlDll.dll]  <Tencent><0, 3, 1, 0>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [E:\QQ\QQAPI.dll]  <><1, 0, 0, 1>
    [E:\QQ\TIMProxy.dll]  <tencent><2.05>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
    [E:\QQ\HostingMgr.dll]  <><1, 0, 0, 1>
    [E:\QQ\LoginCtrl.dll]  <><1, 0, 0, 1>
    [E:\QQ\QQRes.dll]  <tencent><1, 0, 0, 1>
    [E:\QQ\QQMainFrame.dll]  <N/A><N/A>
    [E:\QQ\CQQApplication.dll]  <N/A><N/A>
    [E:\QQ\NewSkin.dll]  <><1, 0, 0, 1>
    [E:\QQ\PersonalDesktop.dll]  <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 2>
    [E:\QQ\QQAddr.dll]  <深圳市腾讯计算机系统有限公司><0, 3, 0, 42>
    [E:\QQ\QQSpace.dll]  <><1, 0, 0, 1>
    [E:\QQ\BQQApplication.dll]  <N/A><N/A>
    [E:\QQ\VideoDevice.dll]  <Tencent><1.4.0.1>
    [E:\QQ\inplus.dll]  <Tencent><1.4.0.1>
    [C:\WINDOWS\system32\msdmo.dll]  <N/A><N/A>
    [E:\QQ\QQPlugin.dll]  <N/A><N/A>
    [E:\QQ\UserDefinedHead.dll]  <><1, 0, 0, 1>
    [E:\QQ\QQAvatar.dll]  <N/A><N/A>
    [E:\QQ\FlashAvatarDll.dll]  <><1, 4, 0, 1>
    [E:\QQ\QQConfigPlugin.dll]  <><1, 0, 0, 1>
    [E:\QQ\PhoneAPI.dll]  <><1, 0, 0, 1>
    [E:\QQ\DialerAllinOne.dll]  <tencent><1, 4, 0, 0>
    [E:\QQ\QRingMng.dll]  <N/A><N/A>
    [E:\QQ\LongConnection.dll]  <tencent><0, 3, 1, 7>
    [E:\QQ\QQPet.dll]  <><1, 0, 0, 1>
    [E:\QQ\QQUdpGetFileLib.dll]  <tencent><0, 2, 2, 3>
    [E:\QQ\QQZip.dll]  <tencent><2.05>
    [E:\QQ\QQSceneMng.dll]  <N/A><N/A>
    [E:\QQ\QQSysMsgMng.dll]  <N/A><N/A>
    [E:\QQ\QQAllInOne.dll]  <N/A><N/A>
    [E:\QQ\CameraDll.dll]  <><1, 0, 0, 1>
    [E:\QQ\SCCore.dll]  <N/A><N/A>
    [E:\QQ\QQCustomFace.dll]  <N/A><N/A>
    [E:\QQ\ImageOle.dll]  <TODO: <Company name>><1.0.0.1>
    [C:\WINDOWS\system32\macromed\flash\Flash.ocx]  <Macromedia, Inc.><7,0,19,0>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\keydll3.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\NQX.IME]  <nianqing.163.net><4.00.950>
    [E:\QQ\VqqAllInOne.dll]  <Tencent><1.4.0.1>
    [E:\QQ\tencent-proto1.dll]  <Tencent><1.4.0.1>
    [E:\QQ\tencent-comlib.dll]  <Tencent><1.4.0.1>
    [E:\QQ\tencent-proto2.dll]  <Tencent><1.4.0.1>
    [E:\QQ\audioengine.dll]  <TENCENT><1, 4, 0, 1>
    [E:\QQ\GIPSVoiceEngineDLL.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\AcSignIcon.dll]  <Autodesk><16.0.0.86>
    [E:\QQ\QQFileTransfer.dll]  <Tencent><0, 3, 1, 16>
    [C:\KAV6\KAVEXT.DLL]  <Kingsoft Corp.><2002, 5, 24, 6>
    [C:\WINDOWS\Downloaded Program Files\RsOnline.dll]  <Beijing Rising Tech. Co., Ltd.><2, 0, 3, 56>
[PID: 1880][E:\QQ\TIMPlatform.exe]  <tencent><3.17>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
    [E:\QQ\TIMProxy.dll]  <tencent><2.05>
[PID: 964][C:\KAV6\KAVPFW.EXE]  <Kingsoft Corporation><2004, 8, 16, 295>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [C:\KAV6\KAVMLM.DLL]  <Kingsoft Corporation><2003.11.12.10>
    [C:\KAV6\PFWScanC.dll]  <KingSoft><2002, 4, 12, 3>
    [C:\KAV6\KAMsgBox.dll]  <><2002.9.27.30>
    [C:\KAV6\NetShare.dll]  <Kingsoft Antivirus><2004, 2, 20, 67>
    [C:\KAV6\KAEPlat.DLL]  <Kingsoft Corp.><2004, 8, 18, 48>
    [C:\KAV6\KAEMem.DAT]  <Kingsoft><2004, 8, 18, 10>
    [C:\KAV6\KAEQSCAN.DLL]  <Kingsoft Corp><2004, 3, 26, 69>
    [C:\KAV6\KAVLogFn.dll]  <N/A><2003, 11, 26, 16>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
[PID: 3124][C:\Program Files\Maxthon\Maxthon.exe]  <MY Soft Technology><1, 3, 3, 50>
    [C:\Program Files\Maxthon\maxzlib.dll]  < ><1, 0, 0, 2>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [C:\WINDOWS\system32\AcSignIcon.dll]  <Autodesk><16.0.0.86>
    [C:\WINDOWS\Downlo~1\_IS_0518\_IS_WEBH.dll]  <N/A><2, 0, 0, 2>
    [C:\WINDOWS\Downlo~1\_IS_0518\_IS_UPD.DLL]  <N/A><N/A>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
    [C:\Program Files\Maxthon\Services\RealTime\real_time.dll]  <><1, 0, 0, 1>
    [C:\WINDOWS\system32\macromed\flash\Flash.ocx]  <Macromedia, Inc.><7,0,19,0>
    [E:\中游外挂\淘宝旺旺\WangWangX.dll]  <><1, 0, 0, 1>
[PID: 3156][C:\WINDOWS\system32\msiexec.exe]  <Microsoft Corporation><3.1.4000.1823>
[PID: 2560][C:\WINDOWS\explorer.exe]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\Downlo~1\_IS_0518\_IS_LNBK.dll]  <ISC><5, 0, 1, 2>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [C:\WINDOWS\system32\AcSignIcon.dll]  <Autodesk><16.0.0.86>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  <Autodesk><16.0.0.86>
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  <Amaze Soft><1, 1, 4, 0>
    [C:\WINDOWS\system32\xunleibho_v8.dll]  <><4, 5, 1, 33>
    [C:\WINDOWS\system32\mewin.dll]  <N/A><N/A>
    [C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL]  <><1, 2, 0, 2>
[PID: 3600][E:\QQ\421245080\MyRecvFiles\SREng.exe]  <Smallfrogs Studio><2.0.12.350>
    [C:\KAV6\KMailFun.dll]  <Kingsoft Co., Ltd><2005, 4, 28, 227>
    [E:\凯旋\凯旋外挂\绝影凯旋1.62\新版绝影凯旋vip1.62版\HookTool.Dll]  <N/A><N/A>

文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  Error. [AutoCADScriptFile]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

刚从QQ发过来的，在线等，谢谢。

当时我一看也吓一跳，许多文件夹、文件在这里常看到，而且是被列为清除的对象，在清理中。