[Help] win32.Hack.NsAnti.eb.43611 can never be removed. Can anyone help me look at the logs?


HijackThis_815汉化版扫描日志 V1.99.1
保存于      9:57:59, 日期 2005-5-6
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\KAV2007\KWatch.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\KAV2007\KPfwSvc.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\LHotkey.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Rising\AntiSpyware\runiep.exe
C:\KAV2007\KAVStart.exe
C:\WINDOWS\shualai.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\KAV2007\KPFW32.EXE
C:\KAV2007\KMailMon.EXE
C:\Progra~1\Eset\1explore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\new\LOCALS~1\Temp\Rar$EX00.422\HijackThis1991zww.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll
O2 - BHO: KAVAntiFishing - {55302805-482E-470E-8A57-6795A1487F90} - C:\KAV2007\KAVAFish.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - IE工具栏增项: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - 启动项HKLM\\Run: [LHotkey] LHotkey.exe
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 启动项HKLM\\Run: [runeip] C:\Program Files\Rising\AntiSpyware\runiep.exe
O4 - 启动项HKLM\\Run: [KavStart] "C:\KAV2007\KAVStart.exe" -startup
O4 - 启动项HKLM\\Run: [WebThunder] E:\WEB\web迅雷\WebThunder.exe
O4 - 启动项HKLM\\Run: [ztsa] C:\DOCUME~1\new\LOCALS~1\Temp\ztso.exe
O4 - 启动项HKLM\\Run: [qjsa] C:\DOCUME~1\new\LOCALS~1\Temp\qjso.exe
O4 - 启动项HKLM\\Run: [shualai] C:\WINDOWS\shualai.exe /i
O4 - 启动项HKLM\\Run: [cmdbcs] C:\WINDOWS\cmdbcs.exe
O4 - 启动项HKLM\\Run: [winform] C:\WINDOWS\winform.exe
O4 - 启动项HKLM\\Run: [mppds] C:\WINDOWS\mppds.exe
O4 - 启动项HKLM\\Run: [msccrt] C:\WINDOWS\msccrt.exe
O4 - 启动项HKLM\\Run: [Kvsc3] C:\WINDOWS\Kvsc3.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [KavPFW] "C:\KAV2007\KPFW32.EXE"
O4 - HKCU\..\Run: [ravshell] C:\Progra~1\Eset\1explore.exe
O4 - Startup: 腾讯QQ.lnk = F:\QQ2007\2007qq\QQ.exe
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - F:\迅雷 V5.5.5.269\xunlei55\Program\GetUrl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - F:\迅雷 V5.5.5.269\xunlei55\Program\GetAllUrl.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - F:\QQ2007\2007qq\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用Web迅雷下载 - E:\WEB\web迅雷\GetUrl.htm
O8 - IE右键菜单中的新增项目: 使用Web迅雷下载全部链接 - E:\WEB\web迅雷\GetAllUrl.htm
O8 - IE右键菜单中的新增项目: 使用影音传送带下载 - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - IE右键菜单中的新增项目: 使用影音传送带下载全部链接 - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - F:\QQ2007\2007qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - F:\QQ2007\2007qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - F:\QQ2007\2007qq\SendMMS.htm
O8 - IE右键菜单中的新增项目: 金山毒霸反钓鱼... - C:\KAV2007\KAF\ShowSet.htm
O9 - 浏览器额外的按钮: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - F:\迅雷 V5.5.5.269\xunlei55\Thunder.exe
O9 - 浏览器额外的“工具”菜单项: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - F:\迅雷 V5.5.5.269\xunlei55\Thunder.exe
O9 - 浏览器额外的按钮: 微软 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.microsoft.com/china/index.htm (file missing)
O9 - 浏览器额外的按钮: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - 浏览器额外的按钮: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - 浏览器额外的“工具”菜单项: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\QQ2007\2007qq\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\QQ2007\2007qq\QQ.EXE
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\QQ2005\QQIEHelper.dll (file missing)
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\QQ2005\QQIEHelper.dll (file missing)
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{70BBCB37-F923-4415-8283-FD5F93F5329F}: NameServer = 202.101.224.69 202.101.226.68
O23 - NT 服务: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - NT 服务: Kingsoft Personal Firewall Service (KPfwSvc) - Kingsoft Corporation - C:\KAV2007\KPfwSvc.EXE
O23 - NT 服务: Kingsoft Antivirus KWatch Service (KWatchSvc) - Kingsoft Corporation - C:\KAV2007\KWatch.EXE
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Last edited 2007-05-06 13:14:05

2007-05-06,11:41:32

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe>  [(Verified)Google Inc]
    <KavPFW><"C:\KAV2007\KPFW32.EXE">  [Kingsoft Corporation]
    <ravshell><C:\Progra~1\Eset\1explore.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <nwiz><nwiz.exe /install>  [NVIDIA Corporation]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <LHotkey><LHotkey.exe>  [Chicony]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <KavStart><"C:\KAV2007\KAVStart.exe" -startup>  [Kingsoft Corporation]
    <WebThunder><E:\WEB\web迅雷\WebThunder.exe>  [(Verified)ShenZhen Thunder Networking Technologies Ltd.]
    <ztsa><C:\DOCUME~1\new\LOCALS~1\Temp\ztso.exe>  []
    <qjsa><C:\DOCUME~1\new\LOCALS~1\Temp\qjso.exe>  []
    <shualai><C:\WINDOWS\shualai.exe /i>  []
    <cmdbcs><C:\WINDOWS\cmdbcs.exe>  []
    <winform><C:\WINDOWS\winform.exe>  []
    <mppds><C:\WINDOWS\mppds.exe>  []
    <msccrt><C:\WINDOWS\msccrt.exe>  []
    <Kvsc3><C:\WINDOWS\Kvsc3.exe>  []
    <WinXPService><C:\WINDOWS\system32\nero.exe>  [mIRC Co. Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\Userinit.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{42A612A4-4334-4424-4234-42261A31A236}><C:\WINDOWS\system32\pdkpri.dll>  []
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\BLISS.SCR>  [Microsoft]

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\new\「开始」菜单\程序\启动\腾讯QQ.lnk --> F:\QQ2007\2007qq\QQ.exe [TENCENT]><N>

==================================
服务
[CoolWare / CoolWare][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\struts.dll><N/A>
[F1959A0A / F1959A0A][Stopped/Auto Start]
  <C:\WINDOWS\system32\2DE760.EXE -d><Microsoft Corporation>
[Google Updater Service / gusvc][Stopped/Manual Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
  <"C:\KAV2007\KPfwSvc.EXE"><Kingsoft Corporation>
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
  <C:\KAV2007\KWatch.EXE><Kingsoft Corporation>
[Windows lxnq RunThem / lxnq][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\gsil\qcsv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Serv-U FTP Server / Serv-U][Running/Auto Start]
  <C:\WINDOWS\system32\MSupdate.exe><N/A>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[VIA Rhine-Family Fast Ethernet Adapter Driver Service / FETND5BV][Running/Manual Start]
  <system32\DRIVERS\fetnd5bv.sys><VIA Technologies, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[VIA Rhine Family Fast Ethernet Adapter Driver Service / FETNDISB][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5b.sys><VIA Technologies, Inc.>
[HWiNFO32 Kernel Driver / HWiNFO32][Running/Auto Start]
  <\??\C:\Program Files\HWiNFO32\HWiNFO32.SYS><REALiX(tm)>
[KNetWch / KNetWch][Running/System Start]
  <\??\C:\KAV2007\KNetWch.SYS><Kingsoft Corporation>
[KWatch3 / KWatch3][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
[MegaIDE / MegaIDE][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\D:\Program Files\QQ2005\npkcrypt.sys><N/A>
[NTSIM / NTSIM][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\ntsim.sys><VIA Networking Technologies, Inc.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[oreans32 / oreans32][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>

==================================
浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[CBrowseStakeout Class]
  {55302805-482E-470E-8A57-6795A1487F90} <C:\KAV2007\KAVAFish.DLL, Kingsoft Corporation>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <F:\迅雷 V5.5.5.269\xunlei55\Thunder.exe, Thunder Networking Technologies,LTD>
[微软]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.microsoft.com/china/index.htm, N/A>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <F:\QQ2007\2007qq\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <d:\Program Files\QQ2005\QQIEHelper.dll, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\KAV2007\Flash.OCX, Macromedia, Inc.>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[CBrowseStakeout Class]
  {55302805-482E-470E-8A57-6795A1487F90} <C:\KAV2007\KAVAFish.DLL, Kingsoft Corporation>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\KAV2007\Flash.OCX, Macromedia, Inc.>
[&使用迅雷下载]
  <F:\迅雷 V5.5.5.269\xunlei55\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <F:\迅雷 V5.5.5.269\xunlei55\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <F:\QQ2007\2007qq\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <E:\WEB\web迅雷\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <E:\WEB\web迅雷\GetAllUrl.htm, N/A>
[使用影音传送带下载]
  <C:\Program Files\Xi\NetTransport 2\NTAddLink.html, N/A>
[使用影音传送带下载全部链接]
  <C:\Program Files\Xi\NetTransport 2\NTAddList.html, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <F:\QQ2007\2007qq\AddPanel.htm, N/A>
[添加到QQ表情]
  <F:\QQ2007\2007qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <F:\QQ2007\2007qq\SendMMS.htm, N/A>
[金山毒霸反钓鱼...]
  <C:\KAV2007\KAF\ShowSet.htm, N/A>

正在运行的进程
[PID: 592][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 652][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 676][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 720][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 732][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 896][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 964][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1080][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1684][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\pdkpri.dll]  [N/A, ]
    [C:\WINDOWS\HKNTDLL.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll]  [N/A, ]
    [C:\WINDOWS\system32\shualai.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\winform.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\Program Files\Acrobatchs\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.7184]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.7184]
    [C:\WINDOWS\system32\nvshell.dll]  [NVIDIA Corporation, 6.14.10.10035]
[PID: 176][C:\WINDOWS\system32\RUNDLL32.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NvMcTray.dll]  [NVIDIA Corporation, 6.14.10.7184]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.7184]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 184][C:\WINDOWS\LHotkey.exe]  [Chicony, 1. 0. 0. 1]
    [C:\WINDOWS\HKNTDLL.dll]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 172][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.0.34]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 224][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
    [C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 272][C:\KAV2007\KAVStart.exe]  [Kingsoft Corporation, 2007, 4, 9, 269]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KAVIPC2.DLL]  [Kingsoft Corporation, 2007, 1, 15, 30]
    [C:\KAV2007\SvcTimer.DLL]  [Kingsoft Corporation, 2006.12.22.84]
    [C:\KAV2007\KAVPassp.dll]  [Kingsoft Corporation, 2006, 12, 30, 271]
    [C:\KAV2007\PopSprt3.dll]  [Kingsoft Corporation, 2007, 1, 16, 45]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 1160][C:\WINDOWS\shualai.exe]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\shualai.dll]  [N/A, ]
[PID: 336][C:\WINDOWS\system32\nero.exe]  [mIRC Co. Ltd., 6.03]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\WINDOWS\system32\pdkpri.dll]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1692][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1256][C:\KAV2007\KMailMon.EXE]  [Kingsoft Corporation, 2007, 2, 25, 948]
    [C:\KAV2007\KAntiSpm.dll]  [Kingsoft Corporation, 2007, 2, 25, 129]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KAVIPC2.DLL]  [Kingsoft Corporation, 2007, 1, 15, 30]
    [C:\KAV2007\KAECall2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 7]
    [C:\KAV2007\KAEPlat.DLL]  [Kingsoft Corp., 2007, 2, 4, 61]
    [C:\KAV2007\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [C:\KAV2007\KAEUnpack.DAT]  [Kingsoft Corp., 2007, 3, 12, 114]
    [C:\KAV2007\KAConfig.DLL]  [Kingsoft Corporation, 2007, 1, 11, 41]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1352][C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe]  [Google Inc., 1, 2, 1128, 5462]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\res_zh-CN.dll]  [Google Inc., 1, 2, 1128, 5462]
    [C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\swg.dll]  [Google Inc., 1, 2, 1128, 5462]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd.,

[PID: 1824][C:\KAV2007\KPFW32.EXE]  [Kingsoft Corporation, 2007, 2, 2, 687]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\KAV2007\KAVIPC2.DLL]  [Kingsoft Corporation, 2007, 1, 15, 30]
    [C:\KAV2007\KAConfig.DLL]  [Kingsoft Corporation, 2007, 1, 11, 41]
    [C:\KAV2007\FiltList.dll]  [N/A, ]
    [C:\KAV2007\KAVPassp.DLL]  [Kingsoft Corporation, 2006, 12, 30, 271]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\winform.dll]  [N/A, ]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\shualai.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll]  [N/A, ]
[PID: 2316][C:\Progra~1\Eset\1explore.exe]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 3524][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1204][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\KAV2007\KAVAFish.DLL]  [Kingsoft Corporation, 2006, 10, 25, 27]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\winform.dll]  [N/A, ]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\shualai.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll]  [N/A, ]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\KAV2007\KAScript.DLL]  [Kingsoft Corporation, 2007, 3, 6, 75]
    [C:\KAV2007\KAEPlat.DLL]  [Kingsoft Corp., 2007, 2, 4, 61]
    [C:\KAV2007\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [C:\KAV2007\KAEUnpack.DAT]  [Kingsoft Corp., 2007, 3, 12, 114]
    [C:\WINDOWS\HKNTDLL.dll]  [N/A, ]
    [C:\KAV2007\Flash.OCX]  [Macromedia, Inc., 7,0,19,0]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.5510]
[PID: 3920][E:\WEB\web迅雷\WebThunder.exe]  [深圳市迅雷网络技术有限公司, 1, 7, 2, 107]
    [E:\WEB\web迅雷\taskmanage.dll]  [Thunder Networking Technologies,LTD, 1, 7, 2, 107]
    [E:\WEB\web迅雷\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 14, 2, 79]
    [E:\WEB\web迅雷\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [E:\WEB\web迅雷\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 14, 2, 79]
    [E:\WEB\web迅雷\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 13, 4, 58]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [E:\WEB\web迅雷\historyinfo_manage.dll]  [Thunder Networking Technologies,LTD, 5, 3, 0, 228]
    [E:\WEB\web迅雷\iEmbedShell.dll]  [ , 1, 0, 0, 17]
    [E:\WEB\web迅雷\iEmbed09.dll]  [ , 3, 3, 0, 78]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\KAV2007\KAScript.DLL]  [Kingsoft Corporation, 2007, 3, 6, 75]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\winform.dll]  [N/A, ]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\shualai.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll]  [N/A, ]
    [C:\KAV2007\Flash.OCX]  [Macromedia, Inc., 7,0,19,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\HKNTDLL.dll]  [N/A, ]
[PID: 3320][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Acrobatchs\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\KAV2007\KAVAFish.DLL]  [Kingsoft Corporation, 2006, 10, 25, 27]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\winform.dll]  [N/A, ]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\shualai.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll]  [N/A, ]
    [C:\KAV2007\KAScript.DLL]  [Kingsoft Corporation, 2007, 3, 6, 75]
    [C:\KAV2007\KAEPlat.DLL]  [Kingsoft Corp., 2007, 2, 4, 61]
    [C:\KAV2007\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [C:\KAV2007\KAEUnpack.DAT]  [Kingsoft Corp., 2007, 3, 12, 114]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 3812][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\winform.dll]  [N/A, ]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\shualai.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll]  [N/A, ]
    [C:\WINDOWS\system32\pdkpri.dll]  [N/A, ]
[PID: 2348][C:\DOCUME~1\new\LOCALS~1\Temp\Rar$EX00.235\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2006, 12, 21, 241]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\winform.dll]  [N/A, ]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\shualai.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\qjso0.dll]  [N/A, ]
    [C:\DOCUME~1\new\LOCALS~1\Temp\ztso0.dll]  [N/A, ]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1        localhost
127.0.0.1        popwin.9983.com

==================================
API HOOK
入口点错误:LoadLibraryExW (危险等级: 一般,  被下面模块所HOOK: C:\KAV2007\KASocket.dll)

==================================
隐藏进程
N/A

==================================


[/CODE]