软件类别:其他
表现行为:强行安装,广告弹出
出品公司:www.51viva.com
用3.0.0.6版本清除,始终清除不了,每次显示清除干净后又能扫描到.求解决方案,谢谢!

请下载SREng2（最新版） ，使用“智能扫描”，按下“扫描”按钮进行扫描，
扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告
日志文件内容复制-粘贴上来,,日志一次粘不完，分次粘完，请不要修改。

下载地址
http://www.kztechs.com/sreng/sreng2.zip

2006-11-22,12:44:38

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <KpopMon><C:\KAV6\KPopMon.EXE>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <MSPY2002><C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)N/A]
    <KAVRun><C:\KAV6\KAVRun.EXE>  [kingsoft]
    <Kulansyn><C:\KAV6\Kulansyn.EXE>  [Kingsoft Corp.]
    <iDuba Personal FireWall><C:\KAV6\KAVPFW.EXE>  [N/A]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)NVIDIA Corporation]
    <nwiz><nwiz.exe /install>  [NVIDIA Corporation]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)NVIDIA Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <GinaDLL><rpcfap.dll>  []
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><>  [N/A]
    <{5EED7056-B89D-4DE8-A060-D285EA746794}><C:\WINDOWS\system32\msjbthrp.dll>  [Microsoft Corporation]
    <{914B076F-8FC6-4452-93C8-D810062C81F9}><>  [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\KAV6\KaScrScn.scr>  []

==================================
启动文件夹
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>

==================================
服务
[Adobe LM Service / Adobe LM Service]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><N/A>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kingsoft AntiVirus Service / KAVSvc]
  <C:\KAV6\KAVSvc.EXE><kingsoft Antivirus>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>

==================================
驱动程序
[1122984 / 1122984]
  <\SystemRoot\System32\drivers\1122984.sys><N/A>
[Service for WDM 3D Audio Driver / ALCXSENS]
  <system32\drivers\ALCXSENS.SYS><Sensaura>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[ehcgadcf / ehcgadcf]
  <\SystemRoot\system32\drivers\ehcgadcf.sys><中国互联网络信息中心(CNNIC)>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[KWatch / KWatch]
  <\??\C:\WINDOWS\system32\drivers\KWatch.Sys><Kingsoft Corporation>
[npkcrypt / npkcrypt]
  <\??\E:\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver / rtl8139]
  <system32\DRIVERS\R8139n51.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[Prolific Serial port driver / Ser2pl]
  <system32\DRIVERS\ser2pl.sys><Prolific Technology Inc.>
[SiS AGP Filter / SISAGP]
  <\SystemRoot\system32\DRIVERS\SISAGPX.sys><Silicon Integrated Systems Corporation>
[TCP/IP Protocol Driver / Tcpip]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[ViaIde / ViaIde]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>

==================================
浏览器加载项
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <D:\Thunder Network\WebThunderBHO_015.dll, Thunder Networking Technologies,LTD>
[VnetCookie Class]
  {4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, >
[Peer2Mail Toolbar Helper]
  {4FB971C4-99FB-480d-BA3F-55B8263010FB} <C:\Program Files\Peer2Mail Toolbar\v2.0.0.0\Peer2Mail_Toolbar.dll, N/A>
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\Tencent\QQ\QQ.EXE, TENCENT>
[哇哇网址导航]
  {f15c22ef-534e-414d-ab5d-1425cd806e41} <http://www.51viva.com/dlplugin/redirect.jsp?refer=dtoolbar&cur=http://114.yesky.com/, N/A>
[哇哇软件下载]
  {f15c22ef-534e-414d-ab5d-1425cd806e42} <http://www.51viva.com/dlplugin/redirect.jsp?refer=dtoolbar&cur=http://www.mydown.com/, N/A>
[Peer2Mail Toolbar]
  {43F2A7F9-06F6-48a5-B0DC-8530BF29CE66} <C:\Program Files\Peer2Mail Toolbar\v2.0.0.0\Peer2Mail_Toolbar.dll, N/A>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <D:\Thunder Network\WebThunderBHO_015.dll, Thunder Networking Technologies,LTD>
[EWA Control]
  {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\COMMON~1\Synacast\SynaLive\SYNACA~1.OCX, Synacast>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Peer2Mail Toolbar]
  {43F2A7F9-06F6-48A5-B0DC-8530BF29CE66} <C:\Program Files\Peer2Mail Toolbar\v2.0.0.0\Peer2Mail_Toolbar.dll, N/A>
[VnetCookie Class]
  {4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, >
[Peer2Mail Toolbar Helper]
  {4FB971C4-99FB-480D-BA3F-55B8263010FB} <C:\Program Files\Peer2Mail Toolbar\v2.0.0.0\Peer2Mail_Toolbar.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\Thunder Network\MediaAddin08.dll, Thunder Networking Technologies,LTD>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[卡卡上网安全助手]
  {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__WAV Moniker Class]
  {CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[]
  {E1FC9760-7B95-49CD-80B9-8C9E41017B93} <C:\KAV6\KAVEXT.DLL, Kingsoft Corp.>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <E:\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <D:\Thunder Network\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <D:\Thunder Network\GetAllUrl.htm, N/A>
[添加到QQ自定义面板]
  <E:\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\Tencent\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 432][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 504][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 528][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rpcfap.dll]  [, 3, 0, 5, 1]
[PID: 572][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 584][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 732][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 792][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 856][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 904][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1016][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1124][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1348][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1492][C:\KAV6\Kulansyn.EXE]  [Kingsoft Corp., 2004, 1, 5, 141]
    [C:\KAV6\KAVMLM.DLL]  [Kingsoft Corporation, 2003.11.12.10]
    [C:\KAV6\KAVLogFn.dll]  [N/A, 2003, 11, 26, 16]
    [C:\KAV6\KULANSyn.DLL]  [Kingsoft Corp., 2004, 1, 5, 109]
[PID: 1524][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3512]
[PID: 1532][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.0.29]
[PID: 1540][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1548][C:\KAV6\KPopMon.EXE]  [, 2004, 2, 2, 31]
    [C:\KAV6\KAVMLM.DLL]  [Kingsoft Corporation, 2003.11.12.10]
[PID: 1608][C:\KAV6\KWatchUI.EXE]  [, 2004.1.6.119]
    [C:\KAV6\kavcomm.dll]  [Kingsoft Corporation, 2003, 11, 12, 66]
    [C:\KAV6\kavdlg.dll]  [, 2004.7.20.81]
    [C:\KAV6\KAVMLM.DLL]  [Kingsoft Corporation, 2003.11.12.10]
    [C:\KAV6\RpcBrge.DLL]  [kingsoft, 2003, 11, 12, 64]
[PID: 1820][C:\KAV6\KAVPlus.EXE]  [, 2004, 3, 3, 71]
[PID: 336][C:\KAV6\KAVSvc.EXE]  [kingsoft Antivirus, 2003, 11, 12, 70]
    [C:\KAV6\SvcComm.dll]  [kingsoft Antivirus, 2004, 7, 28, 1]
    [C:\KAV6\SvcTimer.DLL]  [Kingsoft, 2004.4.29.79]
    [C:\KAV6\KavComm.dll]  [Kingsoft Corporation, 2003, 11, 12, 66]
    [C:\KAV6\RpcBrge.DLL]  [kingsoft, 2003, 11, 12, 64]
    [C:\KAV6\KWatchFn2.dll]  [kingsoft Corporation, 2004, 8, 24, 25]
    [C:\KAV6\KAEPlat.DLL]  [Kingsoft Corp., 2005, 12, 29, 56]
    [C:\KAV6\KAEMem.DAT]  [Kingsoft, 2006, 4, 12, 13]
    [C:\KAV6\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 6, 15, 44]
    [C:\KAV6\KAVUtils.dll]  [Kingsoft Corp, 2004, 2, 12, 69]
    [C:\KAV6\KAVDlg.DLL]  [, 2004.7.20.81]
    [C:\KAV6\KAVLogFn.dll]  [N/A, 2003, 11, 26, 16]
[PID: 360][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.6693]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.6693]
[PID: 880][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
[PID: 1456][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 272][C:\Program Files\ChinaNet\VnetClient.exe]  [, 2005, 10, 8, 1]
    [C:\Program Files\ChinaNet\Communicate.dll]  [0, 2005, 3, 3, 1]
    [C:\Program Files\ChinaNet\DialModule.dll]  [, 2005, 3, 22, 1]
    [C:\PROGRA~1\ChinaNet\CLIENT~1.DLL]  [, 2004, 2, 28, 1]
    [C:\PROGRA~1\ChinaNet\PLUGIN~1.OCX]  [, 2005, 7, 27, 1]
    [C:\PROGRA~1\ChinaNet\sign.dll]  [0, 2004, 12, 1, 1]
    [C:\PROGRA~1\ChinaNet\WEBPLU~1.DLL]  [, 2005, 8, 18, 1]
    [C:\PROGRA~1\ChinaNet\PostPlug.dll]  [, 2004, 12, 16, 2]
    [C:\PROGRA~1\ChinaNet\ADVERT~1.OCX]  [, 2005, 10, 13, 1]
    [C:\PROGRA~1\ChinaNet\VnetBs.ocx]  [, 2004, 11, 18, 1]
    [C:\PROGRA~1\ChinaNet\ACCOUN~2.DLL]  [, 2005, 8, 11, 1]
    [C:\PROGRA~1\ChinaNet\AccountMgr.dll]  [, 2005, 8, 16, 1]
    [C:\PROGRA~1\ChinaNet\VnetSkin.ocx]  [GDDC, 1, 0, 0, 1]
    [C:\PROGRA~1\ChinaNet\DialogStyle.dll]  [, 1, 0, 0, 1]
    [C:\PROGRA~1\ChinaNet\Timer.ocx]  [, 2005, 10, 9, 14]
    [C:\PROGRA~1\ChinaNet\PLUGIN~2.OCX]  [, 2005, 2, 24, 1]
    [C:\PROGRA~1\ChinaNet\NEWMES~1.DLL]  [, 2005, 8, 26, 1]
    [C:\PROGRA~1\ChinaNet\PassCtrl.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\wpcap.dll]  [Politecnico di Torino, 3, 0, 0, 18]
    [C:\WINDOWS\system32\pthreadVC.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\packet.dll]  [Politecnico di Torino, 3, 0, 0, 18]
    [C:\PROGRA~1\ChinaNet\PlugPush.dll]  [, 2004, 12, 21, 1]
    [C:\PROGRA~1\ChinaNet\ALLINT~1.DLL]  [, 2004, 11, 23, 1]
    [C:\PROGRA~1\ChinaNet\VNetLog.ocx]  [, 2005, 10, 9, 1]
    [C:\PROGRA~1\ChinaNet\StatNum.dll]  [, 2004, 11, 18, 1]
    [C:\PROGRA~1\ChinaNet\VNETON~1.OCX]  [, 2005, 3, 2, 1]
    [C:\PROGRA~1\ChinaNet\ALLFUN~1.DLL]  [GDCN, 2005, 10, 9, 1]
    [C:\PROGRA~1\ChinaNet\VnetOptLog.dll]  [, 2005, 9, 13, 9]
    [C:\PROGRA~1\ChinaNet\DlgSkin.ocx]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 2368][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kakatool.dll]  [Beijing Rising Technology Co., Ltd., 2, 0, 2, 1]
    [D:\Thunder Network\WebThunderBHO_015.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [c:\PROGRA~1\chinanet\VNETTR~1.DLL]  [, 2005, 4, 6, 1]
    [c:\PROGRA~1\chinanet\Communicate.dll]  [0, 2005, 3, 3, 1]
    [C:\PROGRA~1\ChinaNet\CLIENT~1.DLL]  [, 2004, 2, 28, 1]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
[PID: 2960][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3792][C:\KAV6\kav32.exe]  [Kingsoft Corporation, 2004.10.11.333]
    [C:\KAV6\kavcomm.dll]  [Kingsoft Corporation, 2003, 11, 12, 66]
    [C:\KAV6\kav32fn.dll]  [Kingsoft Corporation, 2004, 7, 15, 92]
    [C:\KAV6\kaeqscan.dll]  [Kingsoft Corp, 2004, 3, 26, 69]
    [C:\KAV6\kavset.dll]  [Kingsoft, 2004.9.1.85]
    [C:\KAV6\kavselectip.dll]  [, 2003, 12, 17, 5]
    [C:\KAV6\kavdlg.dll]  [, 2004.7.20.81]
    [C:\KAV6\kavpid.dll]  [Kingsoft Corp, 2001, 11, 21, 1]
    [C:\KAV6\KAVMLM.DLL]  [Kingsoft Corporation, 2003.11.12.10]
    [C:\KAV6\KAVIPC.DLL]  [Kingsoft Corp., 2002, 3, 29, 8]
    [C:\KAV6\KAVLogFn.dll]  [N/A, 2003, 11, 26, 16]
    [C:\KAV6\RpcBrge.DLL]  [kingsoft, 2003, 11, 12, 64]
    [C:\KAV6\KAVRESD.DLL]  [Kingsoft Corporation, 2003.12.16.81]
    [E:\我的K300C\fmgrgui.dll]  [Sony Ericsson Mobile Communications AB, 1, 1, 15, 0]
    [E:\我的K300C\fmgrguil.dll]  [Sony Ericsson Mobile Communications AB, 1, 1, 1, 1]
    [C:\KAV6\KAECall.DLL]  [Kingsoft Corporation, 2003, 11, 14, 66]
    [C:\KAV6\KAEScan.DLL]  [Kingsoft Corp., 2003, 5, 24, 36]
    [C:\KAV6\KAEPlat.DLL]  [Kingsoft Corp., 2005, 12, 29, 56]
    [C:\KAV6\KAEMem.DAT]  [Kingsoft, 2006, 4, 12, 13]
    [C:\KAV6\KAEUnpack.DAT]  [Kingsoft Corp., 2006, 6, 15, 44]
    [C:\KAV6\KAVUtils.DLL]  [Kingsoft Corp, 2004, 2, 12, 69]
[PID: 2520][D:\Thunder Network\WebThunder.exe]  [深圳市迅雷网络技术有限公司, 1, 4, 0, 73]
    [D:\Thunder Network\taskmanage.dll]  [Thunder Networking Technologies,LTD, 1, 4, 0, 71]
    [D:\Thunder Network\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 10, 3, 11]
    [D:\Thunder Network\asyn_dns.dll]  [N/A, N/A]
    [D:\Thunder Network\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 2, 1, 39]
    [D:\Thunder Network\historyinfo_manage.dll]  [Thunder Networking Technologies,LTD, 5, 3, 0, 228]
    [D:\Thunder Network\UpdateDownload.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 8]
    [D:\Thunder Network\UpdateExec.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 5]
    [D:\Thunder Network\iEmbedShell.dll]  [　, 1, 0, 0, 12]
    [D:\Thunder Network\iEmbed05.dll]  [　, 2, 3, 1, 41]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 2840][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, N/A]
[PID: 2856][C:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX00.407\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================

运行(双击)SRENG2，点“启动项目，服务，点“驱动程序”
勾选“隐藏微软服务”选中病毒服务
1122984
，选择“删除服务”
点“设置”选择“否”
重启按F８进入安全模式下
显示隐藏文件
删除：           
\SystemRoot\System32\drivers\1122984.sys

按照您的方法我把\SystemRoot\System32\drivers\1122984.sys
该文件删除了,但是重启后发现哇哇资讯还在啊,而且原本安装的金山毒霸也不能正常使用了.

推荐使用360安全卫士清理一下流氓

.360下载地址:
http://www.360safe.com/
http://www.xdowns.com/soft/8/9/2006/Soft_31554.html
使用后删除360安全卫士

恶意软件清理助手

最新版本: V2.3.3
下载次数: 559760
下载软件: 本地下载
太平洋下载站 (推荐)
多特下载站 (推荐)
无忧当当下载网
中关村在线下载点
新博网下载点
IT168下载频道
霏凡软件站下载
注意：以上下载点文件并非实时同步，如果是刚刚升级的版本，请使用本地下载。
产品介绍:
现在网上的恶意软件越来越多，前些日子网络行业协会点名了十大流氓软件，这些软件的特点大多是强制安装，而且不容易卸载。本软件即是针对这种情况编写的，软件目前可以卸载下列软件：
1、一搜工具条
2、完美网译通
3、CNIC中文上网
4、博采网摘
5、百度搜霸
6、3721上网助手
7、Dudu下载加速器
8、很棒小秘书
9、网络猪
10、划词搜索
11、eBay工具条
12、娱乐心空
13、Yahoo助手(原3721)
14、搜狗
15、彩信通
16、天下搜索
17、U88财富快车
18、唯刊
19、完美网译通
20、协和医院弹出广告
21、Yahoo助手
22、一搜工具条
23、娱乐心空
24、YOK工具条
25、桌面传媒（Desktop Media）
26、酷站导航
27、QQ尾巴病毒
28、hws木马（病毒）
29、Irjit木马
30、jiaozhu木马（病毒）
31、MSIBM
32、千橡（mop）播霸
33、ZCom娱乐
34、syscast弹出广告插件
35、开心运程速递
36、SCIntruder
37、地址栏直通车
38、IpSec（Msdc32）木马
39、青娱乐
40、百搜工具条
41、百狗搜索
42、spoolsv木马病毒
43、HotBar工具条
44、VVZ收藏夹
45、NB46工具栏
46、忆多多
47、NetCount
48、IE-Bar
49、酷桌面
50、DeskAdTop弹出广告
51、DoDoor RRS订阅助手
52、Adplus/Msplus病毒
53、MicroShdocvw/Shdocvw2
54、BHORun
55、快搜
56、哇哇资讯57、网蜜/MySec
58、通用搜索/ROOGOO（病毒）
59、KooWo/YHBO
60、如意搜
61、tanip
62、MyIEHelper
63、88dog
64、鸡毛信
65、WinLogin/BenBen
66、159定向搜索
67、KService木马
68、51上网导航
69、TT33定向搜索
70、迷你屁屁狗
71、短信狂人
72、易搜工具条
73、MyWebSearch
74、CQQAdrplus
75、MicroQC
76、Winpub/Systems
77、Ceston/伪Windows XP Vista
78、ODBINT/伪Yahoo Bar
79、thememms/exupmms
80、UPDATE2
81、QQHelper
82、伪Taskmgr
83、DMPlay
84、asp121
85、SUpdate2
86、搜狗PXP加速引擎
87、极速搜索
88、LoadService
89、5940工具条
90、PopWin
91、msdll
92、explorar/internet
93、cctmv病毒
94、Racole
95、CPush/NewAdPopup
96、CpapView
97、InteSearch
98、AdHelper/酷标
99、Nvwrseng/WinLogon
100、Rundll/7939
101、AspwsWin
102、HttpReq/BizG
103、NFSWZWin32
104、老大搜索
105、hohoplug
106、mssnmp16
107、虎翼DIY吧
108、左看
109、伪Services.exe
110、lhtefx
111、svhost32
112、Sy病毒
113、伪GoogleBar
114、cfg.IEHelper
115、WindowService
116、Amvda
117、Flash_Player
……

本软件可以完全清除掉上述软件，清理时最好在windows的安全模式下进行！

从V1.20版本开始采用了最新的查杀引擎，可以检测更多的恶意软件同时也可以把恶意软件清除得更彻底。
从V1.3版本开始加入了在线升级功能。

此版本附带了dos下清理工具。如果您安装了双启动系统并且可以进入纯dos系统的话，请使用clean.bat清理恶意软件。否则请使用恶意软件清理助手DOS版(支持NTFS)进行清理。


下载地址
http://www.tommsoft.com/Products.aspx?pid=2

非常感谢您的帮助！
那么请问我的杀毒工具该怎么恢复呢？现在已不能运行了。