Help, I've been infected with an unknown virus...
Forum: 病毒吧 (Virus Bar)
cogboy (original poster)
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\KV2006\KVMonXP_1.kxp
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\KVFW\kvfw.exe
C:\Program Files\KV2006\KVSrvXP.exe
C:\Program Files\KV2006\kvwsc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\KV2006\TrojDie.kxp
C:\WINDOWS\System32\svchost.exe
C:\Program Files\KV2006\KRegEx.exe
C:\Program Files\KV2006\UIHost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe
E:\ast\AST.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Thunder Network\Thunder\Plugins\ThunderKAV\bin\ScanningProcess.exe
D:\HijackThis1991【teyqiu】.exe
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: (no name) - {8728D167-41A6-4561-969C-CD75049F83AB} - C:\WINDOWS\system32\wiasoervc.dll
O2 - BHO: (no name) - {B17D6D2C-30F8-4C63-9E01-4C2B199547AA} - C:\WINDOWS\system32\lacqdkdcwelac.dll
O2 - BHO: (no name) - {C6844939-C324-41E0-84D0-D42F8DA5EBAD} - (no file)
O3 - IE工具栏增项: 江民杀毒工具栏 - {B5A34A93-D538-43A7-8371-864CB6148D12} - C:\Program Files\KV2006\KvShell.dll
O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - 启动项HKLM\\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - 启动项HKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 启动项HKLM\\Run: [KvMonXP] "C:\Program Files\KV2006\KVMonXP_1.kxp" /auto
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [Anti-Spy Tools] E:\ast\AST.exe -min
O4 - 启动项HKLM\\Run: [nootsa10] %systemroot%\system32\Rundll32.exe "%systemroot%\system32\nootsa10.dll",Start
O4 - 启动项HKLM\\Run: [hcepoy44] %systemroot%\system32\Rundll32.exe "%systemroot%\system32\hcepoy44.dll",Start
O4 - 启动项HKLM\\RunOnce: [qzvjxb36] %systemroot%\system32\Rundll32.exe %systemroot%\system32\qzvjxb36.dll,DllUnregisterServer
O4 - 启动项HKLM\\RunOnce: [mnxugz99] %systemroot%\system32\Rundll32.exe %systemroot%\system32\mnxugz99.dll,DllUnregisterServer
O4 - 启动项HKLM\\RunOnce: [bmtdc] %systemroot%\system32\Rundll32.exe %systemroot%\system32\bmtdc.dll,DllUnregisterServer
O4 - 启动项HKLM\\RunOnce: [bivwxj13] %systemroot%\system32\Rundll32.exe %systemroot%\system32\bivwxj13.dll,DllUnregisterServer
2007-04-07 04:04 #1
cogboy (original poster)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KVFW] C:\Program Files\KVFW\kvfw.exe -silent
O4 - HKCU\..\Run: [KvXP] "C:\Program Files\KV2006\KvXP.kxp" /ScanBoot /ScanSys
O4 - HKCU\..\Run: [System Boot Check] C:\WINDOWS\system32\sysload3.exe
O4 - HKCU\..\Run: [Super Rabbit IEPro] E:\Program Files\Super Rabbit\IEG\SRIECLI.EXE /LOAD
O4 - Startup: 腾讯QQ.lnk = E:\QQ\QQ.exe
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - E:\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - E:\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - E:\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - E:\QQ\SendMMS.htm
O9 - 浏览器额外的按钮: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - F:\浩方对战平台\GameClient.exe
O9 - 浏览器额外的按钮: 财富通 - {C1F0024B-8278-4999-B7E6-2718426D9FE6} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\cdnns.dll
O11 - Options group: [CDNCLIENT] 中文上网
O17 - HKLM\System\CCS\Services\Tcpip\..\{F782B2CE-60B4-4C15-9DFA-5F9D65397FF6}: NameServer = 202.101.224.68,202.101.224.69
O23 - NT 服务: 2BECB194 - Unknown owner - C:\WINDOWS\system32\2BECB194.EXE (file missing)
O23 - NT 服务: 971CB5E6 - Unknown owner - C:\WINDOWS\system32\971CB5E6.EXE (file missing)
O23 - NT 服务: error monitor (EmonSrv) - Unknown owner - C:\WINDOWS\system32\lfrmewrk.exe
O23 - NT 服务: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - NT 服务: kkdj3sdf3 - Unknown owner - C:\WINDOWS\system32\kkdj3sdf3.exe (file missing)
O23 - NT 服务: KVSrvXP - Jiangmin Co. Ltd - C:\Program Files\KV2006\KVSrvXP.exe
O23 - NT 服务: KVWSC - Jiangmin Co.Ltd - C:\Program Files\KV2006\kvwsc.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: Registry Protector (SOCCENV) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE (file missing)
O23 - NT 服务: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
2007-04-07 04:04 #2