用卡卡，sreng修复后一会又回来了．hao123上不去，其他正常．用卡卡，sreng修复后一会又回来了．hao123上不去，其他正常．
Logfile of HijackThis v1.99.1
Scan saved at 10:32:24, on 2006-11-22
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\KAV2007\KWatch.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\KAV2007\KAVStart.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\KAV2007\KPFW32.EXE
D:\ranjian\hijackthis_16091\HijackThis.exe
C:\KAV2007\KMailMon.EXE
C:\KAV2007\KPfwSvc.EXE
C:\Program Files\Tencent\TT\TTraveler.exe
D:\ranjian\hijackthis_16091\HijackThis.exe

O1 - Hosts: 61.141.31.11 www.kzdh.com
O1 - Hosts: 61.141.31.11 www.7255.com
O1 - Hosts: 61.141.31.11 www.7322.com
O1 - Hosts: 61.141.31.11 www.7939.com
O1 - Hosts: 61.141.31.11 www.piaoxue.com
O1 - Hosts: 61.141.31.11 www.feixu.net
O1 - Hosts: 61.141.31.11 www.6781.com
O1 - Hosts: 61.141.31.11 www.7b.com.cn
O1 - Hosts: 61.141.31.11 7b.com.cn
O1 - Hosts: 61.141.31.11 www.918188.com
O1 - Hosts: 61.141.31.11 hao.allxue.com
O1 - Hosts: 61.141.31.11 good.allxue.com
O1 - Hosts: 61.141.31.11 baby.allxue.com
O1 - Hosts: 61.141.31.11 www.allxue.com
O1 - Hosts: 61.141.31.11 about.lank.la
O1 - Hosts: 61.141.31.11 www.x114x.com
O1 - Hosts: 61.141.31.11 www.37ss.com
O1 - Hosts: 61.141.31.11 www.7k.cc
O1 - Hosts: 61.141.31.11 www.73ss.com
O1 - Hosts: 125.91.14.230 www.hao123.com
O1 - Hosts: 61.141.31.11 www.81915.com
O1 - Hosts: 61.141.31.11 222.88.90.22
O1 - Hosts: 61.141.31.11 www.9991.com
O1 - Hosts: 61.141.31.11 www.my123.com
O1 - Hosts: 61.141.31.11 www.haokan123.com
O1 - Hosts: 61.141.31.11 www.5566.net
O1 - Hosts: 61.141.31.11 www.gjj.cc
O1 - Hosts: 61.141.31.11 www.2345.com
O1 - Hosts: 61.141.31.11 dl.hao318.com
O1 - Hosts: 61.141.31.11 www.123wa.com
O1 - Hosts: 61.141.31.11 www.ku886.com
O1 - Hosts: 61.141.31.11 www.5icrack.com
O1 - Hosts: 61.141.31.11 www.jjol.cn
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: KAVAntiFishing - {55302805-482E-470E-8A57-6795A1487F90} - C:\KAV2007\KAVAFish.DLL
O2 - BHO: 卡卡上网安全助手 - {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} - C:\WINDOWS\system32\kakatool.dll
O2 - BHO: (no name) - {C14393E1-95FF-4DFF-9BE0-EA008D4EF930} - (no file)
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [KavStart] "C:\KAV2007\KAVStart.exe" -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KavPFW] "C:\KAV2007\KPFW32.EXE"
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: 用比特精灵下载(&B) - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D022DB9-C976-4C0F-9C0F-09455556F12F}: NameServer = 202.102.192.68 202.102.199.68
O17 - HKLM\System\CS1\Services\Tcpip\..\{2D022DB9-C976-4C0F-9C0F-09455556F12F}: NameServer = 202.102.192.68 202.102.199.68
O23 - Service: Kingsoft Personal Firewall Service (KPfwSvc) - Kingsoft Corporation - C:\KAV2007\KPfwSvc.EXE
O23 - Service: Kingsoft Antivirus KWatch Service (KWatchSvc) - Kingsoft Corporation - C:\KAV2007\KWatch.EXE

在等，高手给个答复

修复：
O1 - Hosts: 61.141.31.11 www.kzdh.com
O1 - Hosts: 61.141.31.11 www.7255.com
O1 - Hosts: 61.141.31.11 www.7322.com
O1 - Hosts: 61.141.31.11 www.7939.com
O1 - Hosts: 61.141.31.11 www.piaoxue.com
O1 - Hosts: 61.141.31.11 www.feixu.net
O1 - Hosts: 61.141.31.11 www.6781.com
O1 - Hosts: 61.141.31.11 www.7b.com.cn
O1 - Hosts: 61.141.31.11 7b.com.cn
O1 - Hosts: 61.141.31.11 www.918188.com
O1 - Hosts: 61.141.31.11 hao.allxue.com
O1 - Hosts: 61.141.31.11 good.allxue.com
O1 - Hosts: 61.141.31.11 baby.allxue.com
O1 - Hosts: 61.141.31.11 www.allxue.com
O1 - Hosts: 61.141.31.11 about.lank.la
O1 - Hosts: 61.141.31.11 www.x114x.com
O1 - Hosts: 61.141.31.11 www.37ss.com
O1 - Hosts: 61.141.31.11 www.7k.cc
O1 - Hosts: 61.141.31.11 www.73ss.com
O1 - Hosts: 125.91.14.230 www.hao123.com
O1 - Hosts: 61.141.31.11 www.81915.com
O1 - Hosts: 61.141.31.11 222.88.90.22
O1 - Hosts: 61.141.31.11 www.9991.com
O1 - Hosts: 61.141.31.11 www.my123.com
O1 - Hosts: 61.141.31.11 www.haokan123.com
O1 - Hosts: 61.141.31.11 www.5566.net
O1 - Hosts: 61.141.31.11 www.gjj.cc
O1 - Hosts: 61.141.31.11 www.2345.com
O1 - Hosts: 61.141.31.11 dl.hao318.com
O1 - Hosts: 61.141.31.11 www.123wa.com
O1 - Hosts: 61.141.31.11 www.ku886.com
O1 - Hosts: 61.141.31.11 www.5icrack.com
O1 - Hosts: 61.141.31.11 www.jjol.cn
C:WINDOWS\SYSTE32\DRIVERS\ETC\下,用记事本打开HOSTS,清空,在里面写下127.0.0.1 localhost,保存!
如果未解决,扫SRENG日志贴上来.

2006-11-22,10:58:13

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <KavPFW><"C:\KAV2007\KPFW32.EXE">  [Kingsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <KavStart><"C:\KAV2007\KAVStart.exe" -startup>  [Kingsoft Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\Userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Corporation]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[ASP.NET State Service / aspnet_state]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[DCOM Server Process Launcher / DcomLaunch]
  <C:\WINDOWS\system32\svchost -k DcomLaunch-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kingsoft Personal Firewall Service / KPfwSvc]
  <"C:\KAV2007\KPfwSvc.EXE"><Kingsoft Corporation>
[Kingsoft Antivirus KWatch Service / KWatchSvc]
  <C:\KAV2007\KWatch.EXE><Kingsoft Corporation>
[Server / lanmanserver]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\srvsvc.dll><Microsoft Corporation>
[Windows Installer / MSIServer]
  <C:\WINDOWS\system32\msiexec.exe /V><Microsoft Corporation>
[Remote Procedure Call (RPC) / RpcSs]
  <C:\WINDOWS\system32\svchost -k rpcss-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[Portable Media Serial Number Service / WmdmPmSN]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\mspmsnsv.dll><Microsoft Corporation>

==================================
驱动程序
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HTTP / HTTP]
  <System32\Drivers\HTTP.sys><Microsoft Corporation>
[IP Network Address Translator / IpNat]
  <system32\DRIVERS\ipnat.sys><Microsoft Corporation>
[KNetWch / KNetWch]
  <\??\C:\KAV2007\KNetWch.SYS><Kingsoft Corporation>
[KWatch3 / KWatch3]
  <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
[MRxSmb / MRxSmb]
  <system32\DRIVERS\mrxsmb.sys><Microsoft Corporation>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Rdbss / Rdbss]
  <system32\DRIVERS\rdbss.sys><Microsoft Corporation>
[RsAntiSpyware / RsAntiSpyware]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[S3SavageNB / S3SavageNB]
  <system32\DRIVERS\s3gnbm.sys><S3 Graphics, Inc.>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[TCP/IP Protocol Driver / Tcpip]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[Microcode Update Driver / Update]
  <system32\DRIVERS\update.sys><Microsoft Corporation>
[ViaIde / ViaIde]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>

==================================
浏览器加载项
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\PROGRA~1\FlashGet\jccatch.dll, FlashGet>
[CBrowseStakeout Class]
  {55302805-482E-470E-8A57-6795A1487F90} <C:\KAV2007\KAVAFish.DLL, Kingsoft Corporation>
[卡卡上网安全助手]
  {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <C:\PROGRA~1\FlashGet\getflash.dll, N/A>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\flashget.exe, FlashGet.com>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\PROGRA~1\FlashGet\jccatch.dll, FlashGet>
[CBrowseStakeout Class]
  {55302805-482E-470E-8A57-6795A1487F90} <C:\KAV2007\KAVAFish.DLL, Kingsoft Corporation>
[卡卡上网安全助手]
  {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <C:\PROGRA~1\FlashGet\getflash.dll, N/A>
[Download Using &BitSpirit]
  <C:\Program Files\BitSpirit\bsurl.htm, N/A>
[使用网际快车下载]
  <C:\PROGRA~1\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\PROGRA~1\FlashGet\jc_all.htm, N/A>
[用比特精灵下载(&B)]
  <C:\Program Files\BitSpirit\bsurl.htm, N/A>

==================================

正在运行的进程
[PID: 532][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 604][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 628][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 672][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 684][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 840][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 904][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1000][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1048][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1160][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1328][C:\KAV2007\KWatch.EXE]  [Kingsoft Corporation, 2005, 9, 27, 51]
    [C:\KAV2007\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\KAV2007\KAEPlat.DLL]  [Kingsoft Corp., 2006, 8, 29, 60]
    [C:\KAV2007\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [C:\KAV2007\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 10, 26, 69]
[PID: 1384][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1656][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\x07ah.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\drivers\tw36.sys]  [N/A, N/A]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
    [C:\PROGRA~1\FlashGet\jccatch.dll]  [FlashGet, 1, 1, 5, 0]
[PID: 1760][C:\KAV2007\KAVStart.exe]  [Kingsoft Corporation, 2006, 9, 7, 210]
    [C:\WINDOWS\system32\x07ah.dll]  [N/A, N/A]
    [C:\KAV2007\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\KAV2007\SvcTimer.DLL]  [Kingsoft Corporation, 2006.7.24.80]
    [C:\WINDOWS\system32\drivers\tw36.sys]  [N/A, N/A]
    [C:\KAV2007\PopSprt3.dll]  [Kingsoft Corporation, 2006, 9, 26, 38]
    [C:\KAV2007\KAVPassp.dll]  [Kingsoft Corporation, 2006, 9, 7, 270]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
[PID: 1768][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3536]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\WINDOWS\system32\drivers\tw36.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\x07ah.dll]  [N/A, N/A]
[PID: 1776][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\x07ah.dll]  [N/A, N/A]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\WINDOWS\system32\drivers\tw36.sys]  [N/A, N/A]
[PID: 1784][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\x07ah.dll]  [N/A, N/A]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\WINDOWS\system32\drivers\tw36.sys]  [N/A, N/A]
[PID: 1796][C:\KAV2007\KPFW32.EXE]  [Kingsoft Corporation, 2006, 11, 15, 659]
    [C:\WINDOWS\system32\x07ah.dll]  [N/A, N/A]
    [C:\KAV2007\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\WINDOWS\system32\drivers\tw36.sys]  [N/A, N/A]
    [C:\KAV2007\KAConfig.DLL]  [Kingsoft Corporation, 2006, 10, 30, 39]
    [C:\KAV2007\FiltList.dll]  [N/A, N/A]
    [C:\KAV2007\KAVPassp.DLL]  [Kingsoft Corporation, 2006, 9, 7, 270]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
[PID: 1820][C:\WINDOWS\system32\5cfm.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\drivers\tw36.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\x07ah.dll]  [N/A, N/A]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
[PID: 2008][C:\KAV2007\KMailMon.EXE]  [Kingsoft Corporation, 2006, 9, 7, 918]
    [C:\KAV2007\KAntiSpm.dll]  [Kingsoft Corporation, 2006, 8, 19, 104]
    [C:\KAV2007\KAVIPC2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 20]
    [C:\WINDOWS\system32\drivers\tw36.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\x07ah.dll]  [N/A, N/A]
    [C:\KAV2007\KAECall2.DLL]  [Kingsoft Corporation, 2004, 12, 28, 7]
    [C:\KAV2007\KAEPlat.DLL]  [Kingsoft Corp., 2006, 8, 29, 60]
    [C:\KAV2007\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [C:\KAV2007\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 10, 26, 69]
    [C:\KAV2007\KAConfig.DLL]  [Kingsoft Corporation, 2006, 10, 30, 39]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
[PID: 1268][C:\KAV2007\KPfwSvc.EXE]  [Kingsoft Corporation, 2005, 9, 5, 28]
[PID: 1108][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3056][C:\Program Files\Tencent\TT\TTraveler.exe]  [腾讯公司, 3.1.0.261]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\WINDOWS\system32\drivers\tw36.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\x07ah.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll]  [腾讯公司, 1, 1, 0, 5]
    [C:\Program Files\Tencent\TT\Plugins\TWeather\TWeather.dll]  [, 1, 0, 0, 3]
    [C:\Program Files\Tencent\TT\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 4]
    [C:\KAV2007\KAScript.DLL]  [Kingsoft Corporation, 2006, 11, 13, 70]
    [C:\KAV2007\KAEPlat.DLL]  [Kingsoft Corp., 2006, 8, 29, 60]
    [C:\KAV2007\KAEMem.DAT]  [Kingsoft, 2006, 9, 25, 16]
    [C:\KAV2007\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 10, 26, 69]
    [C:\WINDOWS\system32\macromed\flash\Flash.ocx]  [Macromedia, Inc., 7,0,19,0]
[PID: 2428][D:\新建文件夹 (3)\sreng2\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 9, 7, 132]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2005, 2, 22, 233]
    [C:\WINDOWS\system32\drivers\tw36.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\x07ah.dll]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
61.141.31.11 www.kzdh.com
61.141.31.11 www.7255.com
61.141.31.11 www.7322.com
61.141.31.11 www.7939.com
61.141.31.11 www.piaoxue.com
61.141.31.11 www.feixu.net
61.141.31.11 www.6781.com
61.141.31.11 www.7b.com.cn
61.141.31.11 7b.com.cn
61.141.31.11 www.918188.com
61.141.31.11 hao.allxue.com
61.141.31.11 good.allxue.com
61.141.31.11 baby.allxue.com
61.141.31.11 www.allxue.com
61.141.31.11 about.lank.la
61.141.31.11 www.x114x.com
61.141.31.11 www.37ss.com
61.141.31.11 www.7k.cc
61.141.31.11 www.73ss.com
125.91.14.230 www.hao123.com
61.141.31.11 www.81915.com
61.141.31.11 222.88.90.22
61.141.31.11 www.9991.com
61.141.31.11 www.my123.com
61.141.31.11 www.haokan123.com
61.141.31.11 www.5566.net
61.141.31.11 www.gjj.cc
61.141.31.11 www.2345.com
61.141.31.11 dl.hao318.com
61.141.31.11 www.123wa.com
61.141.31.11 www.ku886.com
61.141.31.11 www.5icrack.com
61.141.31.11 www.jjol.cn

修复后一会又回来了，郁闷

有问题吗

61.141.31.11你的IP?!

按法做了，还不行