Task Manager starts in Safe Mode but won't start in normal mode. The SREngLOG report is below; please help, thank you.

[code]2008-05-04,17:04:41
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <KANGUI.EXE><"C:\KavNet\KANGUI.EXE" -s>  [Kingsoft Corporation]
    <360Safetray><; C:\Documents and Settings\000\桌面\360安全卫士\safemon\360Tray.exe /start>  [奇虎网]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <SoundMAX><; "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray>  [Analog Devices, Inc.]
    <SoundMAXPnP><; C:\Program Files\Analog Devices\Core\smax4pnp.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\UserInit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]
==================================
启动文件夹
N/A
==================================
服务
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kingsoft Antivirus Net Communication / KANetCommService][Running/Disabled]
  <C:\KavNet\KANSvr.EXE><Kingsoft Corporation>
[Qycx Manager Service / qwpmService][Running/Disabled]
  <"C:\Program Files\qycx\qwm\\bin\qWPMgr.exe"><N/A>
[Qycx Network Agent / Qycx Network Agent][Running/Auto Start]
  <"C:\WINDOWS\system32\qwmSvr.EXE"><>
[UfAutoLoadService / UfAutoLoadService][Running/Disabled]
  <C:\WINDOWS\system32\UfAutoLoadService.exe><>
[UfMsgGhost / UfMsgGhost][Stopped/Disabled]
  <C:\WINDOWS\system32\MsgGhost.exe><>
[U8AuthServer / UFNet][Running/Disabled]
  <C:\WINDOWS\system32\ServerNT.exe><N/A>
==================================
驱动程序
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start]
  <system32\drivers\ADIHdAud.sys><Analog Devices, Inc.>
[AEAudio Service / AEAudioService][Running/Manual Start]
  <system32\drivers\AEAudio.sys><Andrea Electronics Corporation>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
  <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][Stopped/Manual Start]
  <system32\drivers\HdAudio.sys><Windows (R) Server 2003 DDK provider>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Kingsoft AntiARP NIDS Driver / KAntiarp][Running/Manual Start]
  <system32\DRIVERS\kantiarp.sys><Kingsoft Corporation>
[KAVBootC / KAVBootC][Running/Boot Start]
  <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
[KAVSafe / KAVSafe][Stopped/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
[KWatch / KWatch][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\KWatch.Sys><Kingsoft Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[S3GIGP / S3GIGP][Running/Manual Start]
  <system32\DRIVERS\S3gIGPm.sys><S3 Graphics Co., Ltd.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SenFilt Service / SenFiltService][Running/Manual Start]
  <system32\drivers\Senfilt.sys><Sensaura>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
==================================
浏览器加载项
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <D:\Program Files\Holdfast\Platform\GameClient.exe, N/A>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[GerneralPeerID Class]
  {0A47E819-F82E-4D5D-B806-6A9EA94D68CD} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\peerid.dll, >
[FG2CatchUrl]
  {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} <d:\Program Files\FlashGet Network\Flashget\ComDlls\bhoCATCH.dll, FlashGet>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin15.dll, Thunder Networking Technologies,LTD>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Documents and Settings\000\桌面\360安全卫士\live.dll, 360.cn>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Thunder DapCtrl]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.1.6.5710.37.219.dll, ShenZhen Thunder Networking Technologies Ltd.>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SetupAct Class]
  {B18ED293-6C4D-4B74-9598-E2C9543AEA02} <C:\Program Files\Common Files\Kingsoft\SetupActiveX.dll, kingsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[Thunder DapPlayer]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.44.68.202.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[FG2CatchUrl]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B525} <d:\Program Files\FlashGet Network\Flashget\ComDlls\bhoCATCH.dll, FlashGet>
[&使用快车(FlashGet)下载]
  <D:\Program Files\FlashGet Network\Flashget\ComDlls\Bholink.htm, N/A>
[&使用快车(FlashGet)下载全部链接]
  <D:\Program Files\FlashGet Network\Flashget\ComDlls\Bhoall.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <d:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
==================================

User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)

Re: Task Manager starts in Safe Mode but won't start in normal mode. The SREngLOG report is below; please help, thank you...

正在运行的进程
[PID: 776 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 824 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 848 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\imaadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msg711.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msgsm32.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\tssoft32.acm]  [DSP GROUP, INC., 1.01]
    [C:\WINDOWS\system32\tsd32.dll]  [, ]
    [C:\WINDOWS\system32\msg723.acm]  [Microsoft Corporation, 4.4.3400]
    [C:\WINDOWS\system32\msaud32.acm]  [Microsoft Corporation, 8.00.00.4487]
    [C:\WINDOWS\system32\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]
    [C:\WINDOWS\system32\iac25_32.ax]  [Intel Corporation, 2.05.53]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\WINDOWS\system32\vorbis.acm]  [HMS http://hp.vector.co.jp/authors/VA012897/, 0, 0, 3, 6]

Re: Task Manager starts in Safe Mode but won't start in normal mode. The SREngLOG report is below; please help, thank you...

[PID: 892 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 904 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1076 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\winmn3.dll]  [N/A, ]
[PID: 1164 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1276 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1384 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1468 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1600 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.1897.0]
[PID: 1928 / 000][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\KavNet\KASocket.dll]  [Kingsoft Corporation, 2006, 3, 17, 235]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 17]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\KavNet\KANRMenu.DLL]  [, 2005, 3, 30, 5]
    [C:\WINDOWS\system32\imaadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msg711.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msgsm32.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\tssoft32.acm]  [DSP GROUP, INC., 1.01]
    [C:\WINDOWS\system32\tsd32.dll]  [, ]
    [C:\WINDOWS\system32\msg723.acm]  [Microsoft Corporation, 4.4.3400]
    [C:\WINDOWS\system32\msaud32.acm]  [Microsoft Corporation, 8.00.00.4487]
    [C:\WINDOWS\system32\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]
    [C:\WINDOWS\system32\iac25_32.ax]  [Intel Corporation, 2.05.53]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\WINDOWS\system32\vorbis.acm]  [HMS http://hp.vector.co.jp/authors/VA012897/, 0, 0, 3, 6]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 2004 / 000][C:\Program Files\Analog Devices\Core\smax4pnp.exe]  [Analog Devices, Inc., 6, 0, 0, 20]
    [C:\Program Files\Analog Devices\Core\SMWDMIF.dll]  [Analog Devices, Inc., 6, 0, 4000, 014]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
[PID: 2012 / 000][C:\Program Files\Analog Devices\SoundMAX\Smax4.exe]  [Analog Devices, Inc., 5, 2, 0, 11]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
[PID: 2028 / 000][C:\Documents and Settings\000\桌面\360安全卫士\safemon\360Tray.exe]  [奇虎网, 4, 1, 0, 1004]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\SafeKrnl.dll]  [奇虎网, 4, 1, 0, 1001]
    [C:\Documents and Settings\000\桌面\360安全卫士\AntiAdwa.dll]  [360Safe.com, 4, 1, 0, 1001]
    [C:\Documents and Settings\000\桌面\360安全卫士\live.dll]  [360.cn, 1, 0, 1, 1027]
    [C:\KavNet\KASocket.dll]  [Kingsoft Corporation, 2006, 3, 17, 235]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
[PID: 2040 / 000][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
[PID: 308 / SYSTEM][C:\WINDOWS\system32\inetsrv\inetinfo.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
[PID: 328 / SYSTEM][C:\KavNet\KANSvr.EXE]  [Kingsoft Corporation, 2006, 7, 10, 58]
    [C:\KavNet\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [C:\KavNet\dump.dll]  [Kingsoft Co. Ltd., 2007, 7, 25, 10]
    [C:\KavNet\KANSvr.DLL]  [kingsoft, 2005, 9, 30, 7]
    [C:\KavNet\StartKSCE.DLL]  [, 2006, 1, 17, 13]
    [C:\KavNet\KSCESendMsgManage.DLL]  [Kingsoft Corporation, 2006, 2, 16, 11]
    [C:\KavNet\KSCEEssentialModules.DLL]  [, 2005, 8, 18, 5]
    [C:\KavNet\CRecvMsgManage.DLL]  [, 2006, 1, 22, 6]
    [C:\KavNet\KSCEEventSystem.DLL]  [Kingsoft Corporation, 2006, 3, 6, 7]
    [C:\KavNet\KANVirusLogLogicModule.DLL]  [Kingsoft Corporation, 2006, 12, 29, 11]
    [C:\KavNet\CKSCEStream.DLL]  [, 2006, 1, 21, 4]
    [C:\KavNet\BaseModule.DLL]  [, 2007, 4, 25, 29]
    [C:\KavNet\WatchModule.DLL]  [Kingsoft Corporation, 2007, 7, 26, 21]
    [C:\KavNet\KWatchFn2.DLL]  [Kingsoft Corporation, 2007, 7, 31, 103]
    [C:\KavNet\KPluginInteractive.DLL]  [Kingsoft Corp., 2005, 5, 11, 3]
    [C:\KavNet\NetCommunication.DLL]  [, 2007, 8, 8, 137]
    [C:\KavNet\KANCMain.DLL]  [Kingsoft Corporation, 2007, 10, 12, 52]
    [C:\KavNet\KANSAComm.dll]  [kingsoft, 2007, 7, 17, 12]
    [C:\KavNet\RPCRecvMsg.DLL]  [kingsoft, 2006, 5, 19, 9]
    [C:\KavNet\CKSCEDECodeMsg.DLL]  [, 2005, 3, 23, 5]
    [C:\KavNet\KAVTimer.DLL]  [N/A, ]
    [C:\KavNet\KAEPlat.DLL]  [Kingsoft Corp., 2007, 6, 19, 64]
    [C:\KavNet\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [C:\KavNet\KAEUnpack.DAT]  [Kingsoft Corporation, 2008,03,13,209]
    [C:\KavNet\KAVUtils.dll]  [Kingsoft Corp, 2004, 2, 12, 69]
    [C:\KavNet\MFC42.DLL]  [Microsoft Corporation, 6.00.8168.0]
    [C:\KavNet\KAVFilter.DLL]  [kingsoft, 2005, 4, 13, 5]
    [C:\KavNet\KANCFUN.DLL]  [kingsoft, 2006, 12, 29, 10]
    [C:\KavNet\KANSelectIP.DLL]  [Kingsoft Corporation, 2006, 11, 2, 6]
[PID: 492 / SYSTEM][C:\Program Files\qycx\qwm\bin\qWPMgr.exe]  [N/A, ]
[PID: 528 / SYSTEM][C:\WINDOWS\system32\qwmSvr.EXE]  [ , 1, 0, 0, 1]
    [C:\WINDOWS\system32\winmn3.dll]  [N/A, ]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
[PID: 536 / SYSTEM][C:\Program Files\qycx\qwm\bin\qnmScheduler.exe]  [, 1, 0, 0, 1]
    [C:\Program Files\qycx\qwm\bin\schedulerHelp.dll]  [N/A, ]
[PID: 544 / SYSTEM][C:\Program Files\qycx\qwm\bin\qyMcDaemon.exe]  [, 1, 0, 0, 1]
    [C:\Program Files\qycx\qwm\bin\qyMcHelp.dll]  [N/A, ]
    [C:\Program Files\qycx\qwm\bin\netMc2Module.dll]  [, 1, 0, 0, 1]
[PID: 556 / SYSTEM][C:\Program Files\qycx\qwm\bin\qnmResp.exe]  [, 1, 0, 0, 1]
    [C:\Program Files\qycx\qwm\bin\qyMcHelp.dll]  [N/A, ]
    [C:\Program Files\qycx\qwm\bin\netMc2Module.dll]  [, 1, 0, 0, 1]
[PID: 792 / 000][C:\KavNet\KANGUI.EXE]  [Kingsoft Corporation, 2007, 9, 4, 178]
    [C:\KavNet\dump.dll]  [Kingsoft Co. Ltd., 2007, 7, 25, 10]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\KavNet\KASocket.dll]  [Kingsoft Corporation, 2006, 3, 17, 235]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
    [C:\KavNet\KSCESendMsgManage.DLL]  [Kingsoft Corporation, 2006, 2, 16, 11]
    [C:\KavNet\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [C:\KavNet\KSCEEssentialModules.DLL]  [, 2005, 8, 18, 5]
    [C:\KavNet\CRecvMsgManage.DLL]  [, 2006, 1, 22, 6]
    [C:\KavNet\CKSCEStream.DLL]  [, 2006, 1, 21, 4]
    [C:\KavNet\CKSCEDECodeMsg.DLL]  [, 2005, 3, 23, 5]
    [C:\KavNet\RPCRecvMsg.DLL]  [kingsoft, 2006, 5, 19, 9]
[PID: 812 / SYSTEM][C:\KavNet\KMailMon.exe]  [Kingsoft Corporation, 2007, 8, 16, 967]
    [C:\KavNet\KAntiSpm.dll]  [Kingsoft Corporation, 2007, 3, 7, 130]
    [C:\KavNet\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\KavNet\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KavNet\KANCMail.dll]  [kingsoft, 2007, 4, 25, 13]
    [C:\KavNet\KSCESendMsgManage.DLL]  [Kingsoft Corporation, 2006, 2, 16, 11]
    [C:\KavNet\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [C:\KavNet\KSCEEssentialModules.DLL]  [, 2005, 8, 18, 5]
    [C:\KavNet\CRecvMsgManage.DLL]  [, 2006, 1, 22, 6]
    [C:\KavNet\CKSCEStream.DLL]  [, 2006, 1, 21, 4]
    [C:\KavNet\CKSCEDECodeMsg.DLL]  [, 2005, 3, 23, 5]
    [C:\KavNet\RPCRecvMsg.DLL]  [kingsoft, 2006, 5, 19, 9]
    [C:\KavNet\KAVIPC2.DLL]  [Kingsoft Corporation, 2006, 8, 18, 25]
    [C:\KavNet\KAECall2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 7]
    [C:\KavNet\KAEPlat.DLL]  [Kingsoft Corp., 2007, 6, 19, 64]
    [C:\KavNet\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [C:\KavNet\KAEUnpack.DAT]  [Kingsoft Corporation, 2008,03,13,209]
    [C:\KavNet\KASocket.dll]  [Kingsoft Corporation, 2006, 3, 17, 235]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
[PID: 1208 / SYSTEM][C:\WINDOWS\system32\ServerNT.exe]  [N/A, ]
    [C:\WINDOWS\system32\UMiscell.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\M80SGV.dll]  [, 8, 2, 0, 0]
    [C:\WINDOWS\system32\SecuComm.dll]  [N/A, ]
[PID: 1856 / 000][C:\WINDOWS\system32\qwmSvr.EXE]  [ , 1, 0, 0, 1]
    [C:\WINDOWS\system32\winmn3.dll]  [N/A, ]
[PID: 460 / SYSTEM][C:\WINDOWS\system32\UfAutoLoadService.exe]  [, 1, 0, 0, 1]
[PID: 2932 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2244 / 000][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 17]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]

Re: Task Manager starts in Safe Mode but won't start in normal mode. The SREngLOG report is below; please help, thank you...

[C:\WINDOWS\system32\imaadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msg711.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msgsm32.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\tssoft32.acm]  [DSP GROUP, INC., 1.01]
    [C:\WINDOWS\system32\tsd32.dll]  [, ]
    [C:\WINDOWS\system32\msg723.acm]  [Microsoft Corporation, 4.4.3400]
    [C:\WINDOWS\system32\msaud32.acm]  [Microsoft Corporation, 8.00.00.4487]
    [C:\WINDOWS\system32\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]
    [C:\WINDOWS\system32\iac25_32.ax]  [Intel Corporation, 2.05.53]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\WINDOWS\system32\vorbis.acm]  [HMS http://hp.vector.co.jp/authors/VA012897/, 0, 0, 3, 6]
    [C:\WINDOWS\system32\WINWB86.IME]  [Microsoft Corporation, 5.00.2000.3]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 4, 23]
[PID: 2528 / 000][C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.7.7.441]
    [C:\Program Files\Thunder Network\Thunder\Program\BugReport.dll]  [迅雷网络, 1, 0, 1, 4]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 3, 1, 56]
    [C:\Program Files\Thunder Network\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [C:\Program Files\Thunder Network\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [C:\Program Files\Thunder Network\Thunder\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [C:\Program Files\Thunder Network\Thunder\Program\streammedialib.dll]  [, 1, 3, 2, 124]
    [C:\Program Files\Thunder Network\Thunder\Program\al.dll]  [, 1, 0, 1, 3]
    [C:\Program Files\Thunder Network\Thunder\Program\bd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 6]
    [C:\Program Files\Thunder Network\Thunder\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 3, 4, 18]
    [C:\Program Files\Thunder Network\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
    [C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 8, 26]
    [C:\Program Files\Thunder Network\Thunder\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 3, 34]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\imaadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msg711.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msgsm32.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\tssoft32.acm]  [DSP GROUP, INC., 1.01]
    [C:\WINDOWS\system32\tsd32.dll]  [, ]
    [C:\WINDOWS\system32\msg723.acm]  [Microsoft Corporation, 4.4.3400]
    [C:\WINDOWS\system32\msaud32.acm]  [Microsoft Corporation, 8.00.00.4487]
    [C:\WINDOWS\system32\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]
    [C:\WINDOWS\system32\iac25_32.ax]  [Intel Corporation, 2.05.53]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\WINDOWS\system32\vorbis.acm]  [HMS http://hp.vector.co.jp/authors/VA012897/, 0, 0, 3, 6]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll]  [ , 1, 0, 2, 24]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbed15.dll]  [Thunder Networking Technologies,LTD, 3, 4, 6, 99]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\PlayerHelper.dll]  [thunder, 1, 1, 4, 37]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\XLNet.dll]  [Thunder Networking Technologies,LTD, 1, 3, 4, 18]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\XLIPC.DLL]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [C:\Program Files\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 5, 70]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.5510]
    [C:\Program Files\Thunder Network\Thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 5, 0, 16]
    [C:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 16, 5, 63]
    [C:\Program Files\Thunder Network\Thunder\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Thunder Network\Thunder\Components\Security\ThunderSafe.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 71]
    [C:\Program Files\Thunder Network\Thunder\Program\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Thunder Network\Thunder\Components\Security\XLSafeUI.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 71]
    [C:\Program Files\Thunder Network\Thunder\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 6, 20]
    [C:\Program Files\Thunder Network\Thunder\Program\LiveUpdate.dll]  [Thunder Networking Technologies,LTD, 1, 2, 2, 22]
    [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\XLSafeHost.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 57]
    [C:\Program Files\Thunder Network\Thunder\Plugins\KanKanTop\KanKanTop.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
    [C:\Program Files\Thunder Network\Thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 16]
    [C:\Program Files\Thunder Network\Thunder\Components\Tips\TipsClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 11, 106]
    [C:\Program Files\Thunder Network\Thunder\Components\VPSHELL\VPSHELL.dll]  [迅雷网络, 3, 0, 1, 33]
    [C:\Program Files\Thunder Network\Thunder\Components\UserExperience\UserExperience.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsXlCom.dll]  [, 1, 0, 0, 29]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\MediaWorker.dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 22]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\Thunder Network\Thunder\Components\Tips\XLIPC.DLL]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [C:\Program Files\Thunder Network\Thunder\Components\DownloadStat\DownloadStat.dll]  [深圳市迅雷网络技术有限公司, 1, 3, 1, 4]
[PID: 2220 / 000][C:\Documents and Settings\000\桌面\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\Documents and Settings\000\桌面\360安全卫士\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\WINDOWS\system32\qwmHelp.dll]  [N/A, ]
    [C:\Documents and Settings\000\桌面\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1      localhost
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 2012, C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAX4.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2028, C:\DOCUMENTS AND SETTINGS\000\桌面\360安全卫士\SAFEMON\360TRAY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 528, C:\WINDOWS\SYSTEM32\QWMSVR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 792, C:\KAVNET\KANGUI.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1208, C:\WINDOWS\SYSTEM32\SERVERNT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1856, C:\WINDOWS\SYSTEM32\QWMSVR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2528, C:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\THUNDER5.EXE]
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================[/code]