注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows Publisher]
    <iDuba Personal FireWall><>  [N/A]
    <Super Rabbit IEPro><D:\杀毒软件\魔法兔子\MagicSet\SRIECLI.EXE /LOAD>  [Super Rabbit Soft]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <nwiz><nwiz.exe /install>  [N/A]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <VTTimer><VTTimer.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <VTTrayp><VTtrayp.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows Publisher]
    <LHotkey><LHotkey.exe>  [Chicony]
    <Kavrun><>  [N/A]
    <iDuba Personal FireWall><>  [N/A]
    <KavStart><"C:\KAV2005\KAVStart.exe" -startup>  [Kingsoft Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [(Verified)"RealNetworks, Inc."]
    <runeip><D:\杀毒软件\瑞星卡卡\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <Exprer><C:\WINDOWS\Exprer.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><D:\杀毒软件\瑞星卡卡\RunOnce.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]

启动文件夹
[Adobe Reader Speed Launch]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\ACROBA~1\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[腾讯QQ]
  <C:\Documents and Settings\liu\「开始」菜单\程序\启动\腾讯QQ.lnk --> D:\游戏\QQ\QQ.exe [TENCENT]><N>

服务
[Application Management / AppMgmt][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[TCP/IP Check / Hello Download][Stopped/Auto Start]
  <C:\Program Files\Common Files\System\wab32res.exe><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
  <C:\KAV2005\KWatch.EXE><Kingsoft Corporation>
[NVIDIA Display Driver Service / NVSvc][Stopped/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>

驱动程序
[abp480n5 / abp480n5][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ABP480N5.SYS><Microsoft Corporation>
[adpu160m / adpu160m][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[Aha154x / Aha154x][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[asc / asc][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3350p / asc3350p][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\asc3350p.sys><Microsoft Corporation>
[asc3550 / asc3550][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[cd20xrnt / cd20xrnt][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\cd20xrnt.sys><Microsoft Corporation>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[VIA Rhine-Family Fast Ethernet Adapter Driver Service / FETND5BV][Running/Manual Start]
  <system32\DRIVERS\fetnd5bv.sys><VIA Technologies, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[ini910u / ini910u][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ini910u.sys><Microsoft Corporation>
[KWatch3 / KWatch3][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
[mraid35x / mraid35x][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[NTSIM / NTSIM][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\ntsim.sys><VIA Networking Technologies, Inc.>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ql1280.sys><QLogic Corporation>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[Sparrow / Sparrow][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[symc810 / symc810][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\symc8xx.sys><LSI Logic>
[sym_hi / sym_hi][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\sym_u3.sys><LSI Logic>
[TosIde / TosIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\toside.sys><Microsoft Corporation>
[ultra / ultra][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[viagfx / viagfx][Running/Manual Start]
  <system32\DRIVERS\vtmini.sys><Copyright (C) VIA/S3 Graphics Co, Ltd.>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>

浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <D:\杀毒软件\魔法兔子\MagicSet\haokanbar.dll, Xiang Feng Technology>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <D:\迅雷\Thunder.exe, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\游戏\QQ\QQ.EXE, TENCENT>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <D:\杀毒软件\魔法兔子\MagicSet\haokanbar.dll, Xiang Feng Technology>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\flash.ocx, Macromedia, Inc.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\迅雷\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} <D:\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[IeHelper Class]
  {0D42E1BD-09DD-4873-A826-9C7E793EB7B6} <D:\迅雷\Components\ResWorker\DSIeHelper.dll, Thunder Networking Technologies,LTD>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <D:\杀毒软件\魔法兔子\MagicSet\haokanbar.dll, Xiang Feng Technology>
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <D:\杀毒软件\魔法兔子\MagicSet\haokanbar.dll, Xiang Feng Technology>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\flash.ocx, Macromedia, Inc.>
[上传到QQ网络硬盘]
  <D:\游戏\QQ\AddToNetDisk.htm, N/A>
[使用迅雷下载]
  <D:\迅雷\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\迅雷\Program\getallurl.htm, N/A>
[添加到QQ自定义面板]
  <D:\游戏\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\游戏\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\游戏\QQ\SendMMS.htm, N/A>

正在运行的进程
[PID: 540][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 600][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 632][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 676][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 688][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 840][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1652][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Acrobatchs\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.7184]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\WINDOWS\HKNTDLL.dll]  [N/A, ]
    [C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\TEMP\LgSy0.dll]  [N/A, ]
    [C:\WINDOWS\TEMP\Msxo0.dll]  [N/A, ]
    [C:\WINDOWS\TEMP\Kavs0.dll]  [N/A, ]
    [C:\WINDOWS\system32\Exprer.dll]  [N/A, ]
[PID: 1780][C:\WINDOWS\system32\VTTimer.exe]  [S3 Graphics, Inc., 2.00.01-0307]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 1800][C:\WINDOWS\system32\VTtrayp.exe]  [S3 Graphics Co., Ltd., 2.00.36-0308B]
    [C:\WINDOWS\system32\VTDisply.dll]  [S3 Graphics Co., Ltd., 2.00.51-0308]
    [C:\WINDOWS\system32\VTGamma2.dll]  [S3 Graphics Co., Ltd., 2.00.21-0308B]
    [C:\WINDOWS\system32\VTInfo2.dll]  [S3 Graphics Co., Ltd., 2.00.26-0308B]
    [C:\WINDOWS\system32\VTOvrlay.dll]  [S3 Graphics Co., Ltd., 2.00.23-0308B]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1808][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.0.42]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 1820][C:\WINDOWS\LHotkey.exe]  [Chicony, 1. 0. 0. 1]
    [C:\WINDOWS\HKNTDLL.dll]  [N/A, ]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 1828][C:\KAV2005\KAVStart.exe]  [Kingsoft Corporation, 2005, 10, 10, 150]
    [C:\KAV2005\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2005\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\KAV2005\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2005\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2005\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\KAV2005\KAVPassp.dll]  [Kingsoft Corporation, 2005, 7, 29, 212]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 1840][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3760]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 1852][D:\杀毒软件\瑞星卡卡\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
    [D:\杀毒软件\瑞星卡卡\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 1868][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 1904][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.3000]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1936][D:\杀毒软件\魔法兔子\MagicSet\SRIECLI.EXE]  [Super Rabbit Soft, 7.98]
    [C:\WINDOWS\system32\msvbvm60.dll]  [Microsoft Corporation, 6.00.9690]
    [C:\WINDOWS\system32\vb6chs.dll]  [Microsoft Corporation, 6.00.8988]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [D:\杀毒软件\魔法兔子\MagicSet\shlobj71.ocx]  [Sky Software (http://www.ssware.com), 7, 1, 0, 0]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\HKNTDLL.dll]  [N/A, ]
[PID: 1944][C:\KAV2005\KMailMon.EXE]  [Kingsoft Corporation, 2005, 6, 30, 74]
    [C:\KAV2005\KAntiSpm.dll]  [, 1, 0, 0, 2]
    [C:\KAV2005\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\KAV2005\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\KAV2005\KAECall2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 7]
    [C:\KAV2005\KAEPlat.DLL]  [Kingsoft Corp., 2004, 11, 26, 53]
    [C:\KAV2005\KAEMem.DAT]  [Kingsoft, 2004, 11, 9, 11]
    [C:\KAV2005\KAConfig.DLL]  [Kingsoft Corporation, 2005, 3, 23, 30]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]

[PID: 2044][D:\游戏\QQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [D:\游戏\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\BasicCtrlDll.dll]  [Tencent, 7, 0, 101, 80]
    [D:\游戏\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [D:\游戏\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [D:\游戏\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [D:\游戏\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [D:\游戏\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [D:\游戏\QQ\LoginCtrl.dll]  [N/A, ]
    [D:\游戏\QQ\LoginCtrlRes.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\HKNTDLL.dll]  [N/A, ]
    [D:\游戏\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [D:\游戏\QQ\WizardCtrl.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\QQMainFrame.dll]  [N/A, ]
    [C:\WINDOWS\system32\Macromed\Flash\flash.ocx]  [Macromedia, Inc., 7,0,19,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\游戏\QQ\CQQApplication.dll]  [N/A, ]
    [D:\游戏\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\QQKnowledgeSearch.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\QQAllInOne.dll]  [N/A, ]
    [D:\游戏\QQ\GroupLive.dll]  [N/A, ]
    [D:\游戏\QQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [D:\游戏\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\游戏\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\游戏\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\QQPlugin.dll]  [N/A, ]
    [D:\游戏\QQ\QQCustomFace.dll]  [N/A, ]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\游戏\QQ\QQPet.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\QRingMng.dll]  [N/A, ]
    [D:\游戏\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [D:\游戏\QQ\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\游戏\QQ\QQMagicFace.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\QQSceneMng.dll]  [N/A, ]
    [D:\游戏\QQ\QQAvatar.dll]  [N/A, ]
    [D:\游戏\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [D:\游戏\QQ\QQFileTransfer.dll]  [Tencent, 0, 3, 3, 5]
    [D:\游戏\QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [D:\游戏\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 280]
    [D:\游戏\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [D:\游戏\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [D:\游戏\QQ\GroupConnection.dll]  [Tencent, 0, 3, 3, 5]
    [D:\游戏\QQ\BQQApplication.dll]  [N/A, ]
    [D:\游戏\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [D:\游戏\QQ\QQSettingCtrl.dll]  [, 1, 0, 0, 1]
    [D:\游戏\QQ\QQSysMsgMng.dll]  [N/A, ]
    [D:\游戏\QQ\QQPhoneHelper.dll]  [腾讯科技（深圳）有限公司, 2, 1, 8, 81]
    [C:\WINDOWS\TEMP\LgSy0.dll]  [N/A, ]
    [C:\WINDOWS\TEMP\Msxo0.dll]  [N/A, ]
    [C:\WINDOWS\TEMP\Kavs0.dll]  [N/A, ]
    [C:\WINDOWS\system32\Exprer.dll]  [N/A, ]
[PID: 420][D:\游戏\QQ\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [D:\游戏\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 432][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [D:\杀毒软件\魔法兔子\MagicSet\haokanbar.dll]  [Xiang Feng Technology, 2, 2, 0, 1612]
    [C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\HKNTDLL.dll]  [N/A, ]
    [C:\KAV2005\KAScript.DLL]  [Kingsoft Corporation, 2005, 4, 1, 53]
    [C:\KAV2005\KAEPlat.DLL]  [Kingsoft Corp., 2004, 11, 26, 53]
    [C:\KAV2005\KAEMem.DAT]  [Kingsoft, 2004, 11, 9, 11]
    [C:\WINDOWS\TEMP\Msxo0.dll]  [N/A, ]
    [C:\WINDOWS\TEMP\LgSy0.dll]  [N/A, ]
    [C:\WINDOWS\TEMP\Kavs0.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\Exprer.dll]  [N/A, ]

[PID: 2368][C:\WINDOWS\system32\notepad.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2812][D:\杀毒软件\aaaaaaaaaaa\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\KAV2005\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [D:\杀毒软件\瑞星卡卡\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\Exprer.dll]  [N/A, ]
    [C:\WINDOWS\TEMP\Kavs0.dll]  [N/A, ]
    [C:\WINDOWS\TEMP\Msxo0.dll]  [N/A, ]
    [C:\WINDOWS\TEMP\LgSy0.dll]  [N/A, ]

文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

HOSTS 文件
127.0.0.1      localhost
127.0.0.1      mmm.caifu18.net
127.0.0.1      www.18dmm.com
127.0.0.1      d.qbbd.com
127.0.0.1      www.5117music.com
127.0.0.1      www.union123.com
127.0.0.1      www.wu7x.cn
127.0.0.1      www.54699.com
127.0.0.1      www1.6tan.com
127.0.0.1      www2.6tan.com
127.0.0.1      www.97725.com
127.0.0.1      down.97725.com
127.0.0.1      ip.315hack.com
127.0.0.1      ip.54liumang.com
127.0.0.1      www.41ip.com
127.0.0.1      xulao.com
127.0.0.1      www.heixiou.com
127.0.0.1      www.9cyy.com
127.0.0.1      www.hunll.com
127.0.0.1      www.down.hunll.com
127.0.0.1      do.77276.com
127.0.0.1      www.baidulink.com
127.0.0.1      adnx.yygou.cn
127.0.0.1      222.73.220.45
127.0.0.1      www.f5game.com
127.0.0.1      www.guazhan.cn
127.0.0.1      wm,103715.com
127.0.0.1      www.my6688.cn
127.0.0.1      i.96981.com
127.0.0.1      d.77276.com
127.0.0.1      www1.cw988.cn
127.0.0.1      cool.47555.com
127.0.0.1      www.asdwc.com
127.0.0.1      55880.cn
127.0.0.1      61.152.169.234
127.0.0.1      cc.wzxqy.com
127.0.0.1      www.54699.com
127.0.0.1      t.gcuj.com
127.0.0.1      www.puma163.com
127.0.0.1      ceoww.com
127.0.0.1      boolom.com
127.0.0.1      adult-novel.cn
127.0.0.1      ll.chinasese.net
127.0.0.1      www.tellumore.com
127.0.0.1      www.o1wg.com
127.0.0.1      www.qq756.com
127.0.0.1      ll.chinasese.net