【求助】还是关于QQ空间的 bbs.ikaka.com

小哇咿 - 2007-7-2 1:09:00

打开QQ空间一会时间后,空就转到了这个http://www.163888.net/pp/网页上.现我已用你们提供的工具扫描了,请帮忙看看,还请看一下还有其他什么病毒不.谢谢...内容如下:
2007-07-02,00:30:25

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<KavStart><"C:\KAV2007\KAVStart.exe" -startup> [Kingsoft Corporation]
<TCmem><C:\Program Files\NS_TOOLS\js\TCmem\TCmem.exe> [天才梦工作室 www.tcmeng.com]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\Userinit.exe> [(Verified)Microsoft Corporation]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
<WinlogonNotify: WgaLogon><WgaLogon.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<KavStart><; "C:\KAV2007\KAVStart.exe" -startup> [Kingsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
<Load><; > [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<NvMediaCenter><; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [NVIDIA Corporation]
<nwiz><; nwiz.exe /install> [N/A]

==================================
启动文件夹
N/A

==================================
服务
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
<"C:\KAV2007\KPfwSvc.EXE"><Kingsoft Corporation>
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
<C:\KAV2007\KWatch.EXE><Kingsoft Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[P4P Service / P4P Service][Running/Auto Start]
<C:\Program Files\Common Files\Sogou PXP\p2psvr.exe><Sohu.com Inc.>
[VnetSecurityService 互联星空安全服务 / VnetSecurityService][Running/Auto Start]
<C:\Program Files\VnetComp\vnetsecsvc.exe><中国电信股份有限公司>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
<system32\drivers\ac97intc.sys><Intel Corporation>
[adpu160m / adpu160m][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\adpu160m.sys><N/A>
[ADPU320 / ADPU320][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\adpu320.sys><Adaptec, Inc.>
[AEC6210 / AEC6210][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aec6210.sys><ACARD Technology Corp.>
[AEC6260 / AEC6260][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aec6260.sys><ACARD Technology Corp.>
[AEC6280 / AEC6280][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aec6280.sys><ACARD Technology Corp.>
[AEC67160 / AEC67160][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aec67160.sys><ACARD Technology Corp.>
[AEC671X / AEC671X][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\AEC671X.sys><ACARD Technology Corp.>
[AEC68X5 / AEC68X5][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aec68x5.sys><ACARD Technology Corp.>

小哇咿 - 2007-7-2 1:25:00

[[aic78u2 / aic78u2][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aic78u2.sys><N/A>
[aic78xx / aic78xx][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\aic78xx.sys><N/A>
[amsint / amsint][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\amsint.sys><N/A>
[asc / asc][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\asc.sys><N/A>
[BUSLOGIC / BUSLOGIC][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\buslogic.sys><Microsoft Corporation>
[CmdIde / CmdIde][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[CSB6IDE / CSB6IDE][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\csb6ide.sys><ServerWorks Corporation>
[dac960nt / dac960nt][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\dac960nt.sys><N/A>
[DMX3191 / DMX3191][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\DMX3191.sys><Microsoft Corporation>
[DMX3194 / DMX3194][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\dmx3194.sys><Microsoft Corporation>
[DPTSCSI / DPTSCSI][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\dptscsi.sys><Distributed Processing Technology Corp.>
[FASTSX / FASTSX][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\fastsx.sys><Promise Technology, Inc.>
[FASTTRAK / FASTTRAK][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\fasttrak.sys><Promise Technology, Inc.>
[FASTTX2K / FASTTX2K][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\fasttx2k.sys><Promise Technology, Inc.>
[FTTXR52P / FTTXR52P][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\fttxr52P.sys><Promise Technology, Inc.>
[FTTXR54P / FTTXR54P][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\fttxr54P.sys><Promise Technology, Inc.>
[FTTXR5_O / FTTXR5_O][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\fttxr5_O.sys><Promise Technology, Inc.>
[HPT371 / HPT371][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\HPT371.sys><HighPoint Technologies, Inc.>
[HPT374 / HPT374][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\hpt374.sys><HighPoint Technologies, Inc.>
[HPT3XX / HPT3XX][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\hpt3xx.sys><HighPoint Technologies, Inc.>
[IASTOR / IASTOR][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\iaStor.sys><Intel Corporation>
[ini910u / ini910u][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\ini910u.sys><N/A>
[INIA100 / INIA100][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\INIA100.sys><Initio corp.>
[IsPubDrv / IsPubDrv][Running/System Start]
<\SystemRoot\System32\Drivers\IsPubDrv.sys><N/A>
[ITERAID / ITERAID][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\iteraid.sys><Integrated Technology Express, Inc.>
[JAHCI / JAHCI][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\JAHCI.SYS><JMicron>
[KNetWch / KNetWch][Running/System Start]
<\??\C:\KAV2007\KNetWch.SYS><Kingsoft Corporation>
[KWatch3 / KWatch3][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
[M5228 / M5228][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\m5228.sys><ALi Corporation.>
[M5281 / M5281][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\m5281.sys><ALi Corporation>
[M5287 / M5287][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\m5287.sys><ULi Electronics Inc.>
[M5288 / M5288][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\m5288.sys><ULi Electronics Inc.>
[M5289 / M5289][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\m5289.sys><ULi Electronics Inc.>
[MEGAIDE / MEGAIDE][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[MSAHCI / MSAHCI][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\msahci.sys><Microsoft Corporation>
[Netgroup Packet Filter / NPF][Running/Manual Start]
<system32\drivers\npf.sys><Politecnico di Torino>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[NVATABUS / NVATABUS][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\NVATABUS.SYS><NVIDIA Corporation>
[NVRAID / NVRAID][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\NVRAID.SYS><NVIDIA Corporation>
[oreans32 / oreans32][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[PNP649R / PNP649R][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\pnp649r.sys><CMD Technology, Inc.>
[PNP680 / PNP680][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\pnp680.sys><Silicon Image, Inc.>
[PNP680R / PNP680R][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\pnp680r.sys><Silicon Image, Inc>
[Microsoft IntelliPoint Filter Driver / Point32][Stopped/Manual Start]
<system32\DRIVERS\point32.sys><Microsoft Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\ql1080.sys><N/A>
[Ql10wnt / Ql10wnt][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\ql10wnt.sys><N/A>
[ql12160 / ql12160][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1240 / ql1240][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\ql1240.sys><N/A>
[ql1280 / ql1280][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[S150SX8 / S150SX8][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\S150sx8.sys><Promise Technology, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[SI3112 / SI3112][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3112.sys><Silicon Image, Inc.>
[SI3112R / SI3112R][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3112r.sys><Silicon Image, Inc>
[SI3114 / SI3114][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3114.sys><Silicon Image, Inc.>
[SI3114R / SI3114R][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3114R.sys><Silicon Image, Inc>
[SI3114R5 / SI3114R5][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\Si3114r5.sys><Silicon Image, Inc>
[SI3124 / SI3124][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3124.sys><Silicon Image, Inc.>
[SI3124R / SI3124R][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3124R.sys><Silicon Image, Inc>
[SI3124R5 / SI3124R5][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\Si3124r5.sys><Silicon Image, Inc>
[SI3132 / SI3132][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SI3132.sys><Silicon Image, Inc.>
[SI3132R5 / SI3132R5][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\Si3132r5.sys><Silicon Image, Inc>
[SISRAID / SISRAID][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SiSRaid.sys><Silicon Integrated Systems>
[SISRAID2 / SISRAID2][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SiSRaid2.sys><Silicon Integrated Systems Corp>
[SISRAID4 / SISRAID4][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\SiSRaid4.sys><Silicon Integrated Systems>
[PC Camera (602a VGA) / SNPHV71][Running/Manual Start]
<system32\DRIVERS\snphv71.sys><>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[SVKP / SVKP][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\SVKP.sys><N/A>
[symc810 / symc810][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\symc810.sys><N/A>
[symc8xx / symc8xx][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\symc8xx.sys><N/A>
[SYMMPI / SYMMPI][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\symmpi.sys><LSI Logic>
[sym_hi / sym_hi][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TRM3X5 / TRM3X5][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\trm3x5.sys><Tekram Technology Co., Ltd.>
[ULSATA / ULSATA][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ulsata.sys><Promise Technology, Inc.>
[ULSATA2 / ULSATA2][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ulsata2.sys><Promise Technology, Inc.>
[ULTIMA / ULTIMA][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\Ultima.sys><Aralion INC.>
[ULTIMARX / ULTIMARX][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\UltimaRX.sys><Aralion INC.>
[ultra / ultra][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[ViaIde / ViaIde][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[VIAMRAID / VIAMRAID][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[W2KADV / W2KADV][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\w2kadv.sys><ConnectCom Solutions, Inc.>
[WD7296A / WD7296A][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\wd7296a.sys><Western Digital Corporation>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

==================================
浏览器加载项
[QQCycloneHelper Class]
{00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper02.dll, 腾讯公司>
[CBrowseStakeout Class]
{55302805-482E-470E-8A57-6795A1487F90} <C:\KAV2007\KAVAFish.DLL, Kingsoft Corporation>
[NavigatMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <E:\360safe\360safe\360safe\safemon\safemon.dll, >
[海啸软件大厅（泡泡西精灵）]
{3FA4FB86-E43A-11D4-B3DD-00E006E25C0B} <D:\Program Files\HXPPSP~1\HXNOTIFY.exe, N/A>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[PGEdit Class]
{2BFAA61B-5C83-4865-8281-D8BDBF863061} <C:\WINDOWS\Downloaded Program Files\PG_ATL_Edit.dll, 银联网络支付集团有限公司>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[VnetAnprIns Class]
{74447F9C-5691-4A9A-8BE4-564092E40B03} <C:\Program Files\VnetComp\anprins.dll, 中国电信股份有限公司>
[PicUploadCtrl Class]
{BF8C499A-AC6E-4F58-82EA-9E5FCC41C34B} <C:\WINDOWS\Downloaded Program Files\PicUpload.dll, Sohu.com Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[金山毒霸在线产品升级]
{E847C78C-C210-4195-8799-FBF3BF89797D} <C:\PROGRA~1\KOS\KOSInit.OCX, 金山软件股份有限公司>
[QQCycloneHelper Class]
{00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper02.dll, 腾讯公司>
[Web Browser Applet Control]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>

小哇咿 - 2007-7-2 1:28:00

[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[PGEdit Class]
{2BFAA61B-5C83-4865-8281-D8BDBF863061} <C:\WINDOWS\Downloaded Program Files\PG_ATL_Edit.dll, 银联网络支付集团有限公司>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[CBrowseStakeout Class]
{55302805-482E-470E-8A57-6795A1487F90} <C:\KAV2007\KAVAFish.DLL, Kingsoft Corporation>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VnetAnprIns Class]
{74447F9C-5691-4A9A-8BE4-564092E40B03} <C:\Program Files\VnetComp\anprins.dll, 中国电信股份有限公司>
[360SafeLive]
{87515F61-A66C-4319-A0E0-D416CB8059E3} <E:\360safe\360safe\360safe\live.dll, 360safe.com>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[NavigatMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <E:\360safe\360safe\360safe\safemon\safemon.dll, >
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[PicUploadCtrl Class]
{BF8C499A-AC6E-4F58-82EA-9E5FCC41C34B} <C:\WINDOWS\Downloaded Program Files\PicUpload.dll, Sohu.com Inc.>
[VBBHO.MyBHO]
{C9123D9E-EA11-4535-9DF7-5DB6F91812D1} <C:\WINDOWS\system32\VBBHO.dll, HXStudio>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__WAV Moniker Class]
{CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\System32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[&使用超级旋风下载]
<C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
[&使用超级旋风下载全部链接]
<C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
[&使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[上传到QQ网络硬盘]
<C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[金山毒霸反钓鱼...]
<C:\KAV2007\KAF\ShowSet.htm, N/A>

==================================
正在运行的进程
[PID: 536][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 592][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 632][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 676][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 688][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 832][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 904][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 968][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 996][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1036][C:\KAV2007\KWatch.EXE] [Kingsoft Corporation, 2007, 2, 12, 84]
[C:\KAV2007\KAVIPC2.DLL] [Kingsoft Corporation, 2007, 1, 15, 30]
[C:\KAV2007\KAEPlat.DLL] [Kingsoft Corp., 2007, 2, 4, 61]
[C:\KAV2007\KAEMem.DAT] [Kingsoft, 2006, 9, 25, 16]
[C:\KAV2007\KAEUnpack.DAT] [Kingsoft Corp., 2007, 6, 7, 122]
[C:\KAV2007\KAVQuara.DLL] [Kingsoft Corporation, 2007, 1, 25, 1]
[PID: 1108][C:\KAV2007\KPfwSvc.EXE] [Kingsoft Corporation, 2007, 2, 2, 31]
[PID: 1136][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.9131]
[PID: 1164][C:\Program Files\Common Files\Sogou PXP\p2psvr.exe] [Sohu.com Inc., 2, 0, 0, 20]
[C:\Program Files\P4P\p4pipc.dll] [Sohu.com Inc., 1, 0, 0, 11]
[PID: 1184][C:\Program Files\VnetComp\vnetsecsvc.exe] [中国电信股份有限公司, 1, 0, 0, 1]
[C:\Program Files\VnetComp\secplgmod.dll] [中国电信股份有限公司, 1, 0, 0, 5]
[PID: 1460][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\KAV2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.9131]
[C:\WINDOWS\system32\nvshell.dll] [N/A, N/A]
[E:\360safe\360safe\360safe\safemon\safemon.dll] [, 3, 4, 0, 1001]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\KAV2007\KAVEXT.DLL] [Kingsoft Corporation, 2007, 5, 11, 28]
[PID: 1664][C:\KAV2007\KAVStart.exe] [Kingsoft Corporation, 2007, 5, 9, 272]
[C:\KAV2007\KAVIPC2.DLL] [Kingsoft Corporation, 2007, 1, 15, 30]
[C:\KAV2007\SvcTimer.DLL] [Kingsoft Corporation, 2006.12.22.84]
[C:\KAV2007\KAVPassp.dll] [Kingsoft Corporation, 2006, 12, 30, 271]
[C:\KAV2007\PopSprt3.dll] [Kingsoft Corporation, 2007, 1, 16, 45]
[C:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 1680][C:\Program Files\NS_TOOLS\js\TCmem\TCmem.exe] [天才梦工作室 www.tcmeng.com, 2.00]
[C:\Program Files\NS_TOOLS\js\TCmem\TCBar.ocx] [SOTECH, 1.00]
[C:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\KAV2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[PID: 1716][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 1812][C:\KAV2007\KMailMon.EXE] [Kingsoft Corporation, 2007, 2, 25, 948]
[C:\KAV2007\KAntiSpm.dll] [Kingsoft Corporation, 2007, 2, 25, 129]
[C:\KAV2007\KAVIPC2.DLL] [Kingsoft Corporation, 2007, 1, 15, 30]
[C:\KAV2007\KAECall2.DLL] [Kingsoft Corporation, 2004, 12, 28, 7]
[C:\KAV2007\KAEPlat.DLL] [Kingsoft Corp., 2007, 2, 4, 61]
[C:\KAV2007\KAEMem.DAT] [Kingsoft, 2006, 9, 25, 16]
[C:\KAV2007\KAEUnpack.DAT] [Kingsoft Corp., 2007, 6, 7, 122]
[C:\KAV2007\KAConfig.DLL] [Kingsoft Corporation, 2007, 1, 11, 41]
[C:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\KAV2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[PID: 1884][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\KAV2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 412][C:\Program Files\ChinaNet\VnetClient.exe] [, 2007, 4, 16, 8]
[C:\Program Files\ChinaNet\Communicate.dll] [GDCN, 2006, 2, 15, 1]
[C:\Program Files\ChinaNet\DialModule.dll] [GDCN, 2007, 4, 4, 16]
[C:\KAV2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\PROGRA~1\ChinaNet\CLIENT~1.DLL] [, 2004, 2, 28, 1]
[C:\PROGRA~1\ChinaNet\PLUGIN~1.OCX] [, 2006, 6, 2, 14]
[C:\PROGRA~1\ChinaNet\sign.dll] [0, 2004, 12, 1, 1]
[C:\PROGRA~1\ChinaNet\WEBPLU~1.DLL] [, 2005, 8, 18, 1]
[C:\Program Files\ChinaNet\SysPlug\93d07ada-d3ac-485a-85eb-12ca3cee8375\Vnetsafe114.DLL] [, 1, 0, 0, 1]
[C:\PROGRA~1\ChinaNet\ADVERT~1.OCX] [, 2007, 3, 28, 16]
[C:\PROGRA~1\ChinaNet\VnetBs.ocx] [, 2004, 11, 18, 1]
[C:\PROGRA~1\ChinaNet\VnetSkin.ocx] [GDDC, 2006, 9, 6, 15]
[C:\PROGRA~1\ChinaNet\DialogStyle.dll] [, 1, 0, 0, 1]
[C:\PROGRA~1\ChinaNet\BDSearch.ocx] [gdcn, 2007, 4, 16, 8]
[C:\PROGRA~1\ChinaNet\PageFram.ocx] [Workgroup, 2007, 4, 11, 14]
[C:\PROGRA~1\ChinaNet\ACCOUN~1.OCX] [Workgroup, 2006, 10, 31, 16]
[C:\PROGRA~1\ChinaNet\AccountMgr.dll] [, 2006, 10, 30, 16]
[C:\PROGRA~1\ChinaNet\Gif89a.dll] [, 2005, 6, 21, 1]
[C:\PROGRA~1\ChinaNet\NOTIFY~1.OCX] [Workgroup, 2006, 9, 15, 16]
[C:\PROGRA~1\ChinaNet\IcosBar.ocx] [Workgroup, 2006, 9, 25, 9]
[C:\PROGRA~1\ChinaNet\Timer.ocx] [, 2006, 9, 8, 17]
[C:\PROGRA~1\ChinaNet\PLUGIN~2.OCX] [, 2006, 4, 4, 1]
[C:\PROGRA~1\ChinaNet\NEWMES~1.DLL] [, 2006, 9, 23, 16]
[C:\PROGRA~1\ChinaNet\PassCtrl.dll] [GDCN, 2006, 3, 1, 16]

小哇咿 - 2007-7-2 1:29:00

[C:\WINDOWS\system32\wpcap.dll] [Politecnico di Torino, 3, 0, 0, 18]
[C:\WINDOWS\system32\pthreadVC.dll] [N/A, N/A]
[C:\WINDOWS\system32\packet.dll] [Politecnico di Torino, 3, 0, 0, 18]
[C:\PROGRA~1\ChinaNet\PlugPush.dll] [, 2004, 12, 21, 1]
[C:\PROGRA~1\ChinaNet\ALLINT~1.DLL] [, 2006, 11, 20, 11]
[C:\PROGRA~1\ChinaNet\VNETLO~1.OCX] [, 2005, 10, 9, 1]
[C:\PROGRA~1\ChinaNet\StatNum.dll] [, 2006, 3, 1, 1]
[C:\PROGRA~1\ChinaNet\VNETON~1.OCX] [, 2005, 3, 2, 1]
[C:\PROGRA~1\ChinaNet\ALLFUN~1.DLL] [GDCN, 2006, 10, 31, 10]
[C:\PROGRA~1\ChinaNet\VnetOptLog.dll] [ , 2006, 9, 18, 10]
[C:\PROGRA~1\ChinaNet\Favorite.ocx] [, 2006, 12, 26, 10]
[C:\PROGRA~1\ChinaNet\VNETSE~1.OCX] [, 2006, 10, 31, 16]
[C:\KAV2007\KAScript.DLL] [Kingsoft Corporation, 2007, 3, 6, 75]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\Program Files\ChinaNet\Base64.dll] [N/A, N/A]
[PID: 1756][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\KAV2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\Program Files\Tencent\QQDownload\QQIEHelper02.dll] [腾讯公司, 1, 1, 0, 5]
[C:\KAV2007\KAVAFish.DLL] [Kingsoft Corporation, 2006, 10, 25, 27]
[E:\360safe\360safe\360safe\safemon\safemon.dll] [, 3, 4, 0, 1001]
[C:\KAV2007\KAScript.DLL] [Kingsoft Corporation, 2007, 3, 6, 75]
[C:\KAV2007\KAEPlat.DLL] [Kingsoft Corp., 2007, 2, 4, 61]
[C:\KAV2007\KAEMem.DAT] [Kingsoft, 2006, 9, 25, 16]
[C:\KAV2007\KAEUnpack.DAT] [Kingsoft Corp., 2007, 6, 7, 122]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\WINDOWS\system32\WINABCX.IME] [PKUETI, 5.22.216]
[PID: 308][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\KAV2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\Program Files\Tencent\QQDownload\QQIEHelper02.dll] [腾讯公司, 1, 1, 0, 5]
[C:\KAV2007\KAVAFish.DLL] [Kingsoft Corporation, 2006, 10, 25, 27]
[E:\360safe\360safe\360safe\safemon\safemon.dll] [, 3, 4, 0, 1001]
[C:\KAV2007\KAScript.DLL] [Kingsoft Corporation, 2007, 3, 6, 75]
[C:\KAV2007\KAEPlat.DLL] [Kingsoft Corp., 2007, 2, 4, 61]
[C:\KAV2007\KAEMem.DAT] [Kingsoft, 2006, 9, 25, 16]
[C:\KAV2007\KAEUnpack.DAT] [Kingsoft Corp., 2007, 6, 7, 122]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[E:\360safe\360safe\360safe\live.dll] [360safe.com, 1, 0, 1, 1015]
[PID: 252][E:\sreng2\SREng.EXE] [Smallfrogs Studio, 2.3.13.690]
[C:\KAV2007\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\KAV2007\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]

==================================
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP Error. [winhlp32.exe %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost

==================================
API HOOK
警告！System Repair Engineer 提醒
你下面的函数内容与预期值不符，他
们可能被一些恶意的软件所修改：
入口点错误：LoadLibraryExW

==================================

瑞星卡卡安全论坛