Rising Kaka Security Forum > Technical Exchange > Anti-Virus / Anti-Rogue-Software Forum > About the junk site www.71791.com [Help]


About the junk site www.71791.com [Help]

Sometimes the page it opens by itself is something like
http://www.71791.com/new

[Reply to the post by “菜鸟级大虾”]
http://forum.ikaka.com/topic.asp?board=28&artid=6979213
Download System Repair Engineer 2.0.12.350
Export the full log

It says the reply is too long, so I am posting it in two parts.
2006-04-14,09:43:28

System Repair Engineer 2.0.12.350 (2.0 RC 1)
    Windows 2000 Server Service Pack 4 - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <Super Rabbit IEPro><C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <load><>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <run><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IgfxTray><C:\WINNT\System32\igfxtray.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <HotKeysCmds><C:\WINNT\System32\hkcmd.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <vptray><C:\Program Files\NavNT\vptray.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Synchronization Manager><mobsync.exe /logon>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <internat.exe><internat.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <SunJavaUpdateSched><C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <MSService><svchest.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><C:\WINNT\system32\userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><>

==================================
启动文件夹
服务
[Adobe LM Service / Adobe LM Service]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[DefWatch / DefWatch]
  <C:\Program Files\NavNT\defwatch.exe><Symantec Corporation>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[Macromedia Licensing Service / Macromedia Licensing Service]
  <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[Remote Internet Service / Msisvr]
  <2 - 系统找不到指定的文件。
><N/A>
[Norton AntiVirus 客户端 / Norton AntiVirus Server]
  <C:\Program Files\NavNT\rtvscan.exe><Symantec Corporation>
[OracleOraDb10g_home1TNSListener / OracleOraDb10g_home1TNSListener]
  <C:\oracle\product\10.1.0\Db_1\BIN\TNSLSNR ><N/A>
[OracleOraHome81ClientCache / OracleOraHome81ClientCache]
  <D:\oracle\ora81\BIN\ONRSD.EXE><N/A>
[Smart Card Helper / SCardDrv]
  <C:\WINNT\system32\scardsvr32.exe -v><N/A>

==================================
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINNT\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[百万图库]
  {6713E8D2-850A-101B-AFC0-4210102A8DA7} <http://www.26-3.com/star, N/A>
[铃声图片下载]
  {7713E8D2-850A-101B-AFC0-4210102A8DA7} <http://www.26-3.com/sms/index.htm, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[Java Plug-in]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in]
  {CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in]
  {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_06]
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\geturl.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>

==================================

正在运行的进程
[PID: 164][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 188][\??\C:\WINNT\system32\csrss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 208][\??\C:\WINNT\system32\winlogon.exe]  <Microsoft Corporation><5.00.2195.6898>
    [C:\WINNT\System32\NavLogon.dll]  <N/A><N/A>
[PID: 236][C:\WINNT\system32\services.exe]  <Microsoft Corporation><5.00.2195.6700>
    [C:\WINNT\system32\dmserver.dll]  <VERITAS Software Corp.><2195.6605.297.3>
[PID: 248][C:\WINNT\system32\lsass.exe]  <Microsoft Corporation><5.00.2195.6902>
[PID: 428][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 456][C:\WINNT\system32\spoolsv.exe]  <Microsoft Corporation><5.00.2195.6659>
[PID: 484][C:\WINNT\System32\msdtc.exe]  <Microsoft Corporation><1999.9.3421.3>
    [D:\oracle\ora81\bin\ociw32.dll]  <Oracle Corporation><8.1.7.0.0>
[PID: 592][C:\WINNT\System32\cisvc.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 608][C:\Program Files\NavNT\defwatch.exe]  <Symantec Corporation><7, 50, 0, 1>
[PID: 624][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 660][C:\WINNT\System32\llssrv.exe]  <Microsoft Corporation><5.00.2195.6697>
[PID: 852][C:\WINNT\Explorer.EXE]  <Microsoft Corporation><5.00.3700.6690>
    [C:\WINNT\system32\xunleibho_v14.dll]  <Thunder Networking Technologies,LTD><4, 6, 0, 62>
    [C:\WINNT\system32\hccutils.DLL]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\system32\igfxres.dll]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\system32\igfxress.dll]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\system32\igfxcpl.cpl]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\system32\s32lucp1.cpl]  <Symantec Corporation><1.5.3.11>
    [C:\Program Files\Tencent\QQ\qdshm.dll]  <><1, 0, 1, 2>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\Program Files\TuneUp Utilities 2006\sdshelex.dll]  <TuneUp Software GmbH><1.0.0.253>
    [C:\Program Files\TuneUp Utilities 2006\rtl60.bpl]  <Borland Software Corporation><6.0.6.241>
    [C:\Program Files\TuneUp Utilities 2006\vcl60.bpl]  <Borland Software Corporation><6.0.6.240>
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  <Symantec Corporation><7.50.00.846>
[PID: 680][C:\Program Files\NavNT\rtvscan.exe]  <Symantec Corporation><7.50.00.846>
    [C:\Program Files\NavNT\Dec2.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2ARJ.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2ID.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2LHA.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\SymLHA.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2LZ.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2MIME.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2Zip.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2AMG.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\SYMAMG32.DLL]  <Symantec Corporation with portions by FUJITSU DEVICES INC.><2.16.0.45>
    [C:\Program Files\NavNT\Dec2UUE.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2SS.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2RTF.dll]  <Symantec Corporation><2.16.0.45>
    [C:\WINNT\system32\CBA.DLL]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\MsgSys.dll]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\NTS.dll]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\PDS.DLL]  <Intel Corporation><6.0.201.0940 E>
    [C:\Program Files\NavNT\NAVLU.dll]  <Symantec Corporation><7.50.00.846>
    [C:\Program Files\NavNT\NAVNTUTL.DLL]  <Symantec/Peter Norton Group><1, 0, 0, 1>
    [C:\Program Files\NavNT\i2ldvp3.dll]  <Symantec Corporation><7.50.00.846>
    [C:\Program Files\NavNT\NAVAPI32.DLL]  <Symantec Corp.><4.1.0.6>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060223.009\NAVEX32a.DLL]  <Symantec Corporation><20051.3.1.11>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060223.009\NAVENG32.DLL]  <Symantec Corporation><20051.3.1.11>
    [C:\Program Files\NavNT\NAVAP32.DLL]  <Symantec Corporation><5.3.1.39>
    [C:\WINNT\system32\amslib.dll]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\loc32vc0.dll]  <Intel><3, 0, 0, 2>
[PID: 896][C:\WINNT\System32\hkcmd.exe]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\System32\hccutils.DLL]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\System32\igfxdev.dll]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\System32\igfxsrvc.dll]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\System32\igfxhk.dll]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\System32\igfxres.dll]  <Intel Corporation><3.0.0.4020>
[PID: 900][C:\Program Files\NavNT\vptray.exe]  <Symantec Corporation><7.50.00.846>
    [C:\Program Files\NavNT\Cliscan.dll]  <Symantec Corporation><7.50.00.846>
    [C:\Program Files\NavNT\NAVNTUTL.DLL]  <Symantec/Peter Norton Group><1, 0, 0, 1>
    [C:\Program Files\NavNT\Cliproxy.dll]  <Symantec Corporation><7.50.00.846>
[PID: 944][C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe]  <Sun Microsystems, Inc.><5.0.60.5>
[PID: 976][C:\WINNT\system32\ctfmon.exe]  <Microsoft Corporation><1.00.2409.34 built by: Lab06_N>
[PID: 912][C:\WINNT\system32\regsvc.exe]  <Microsoft Corporation><5.00.2195.6701>
[PID: 952][C:\WINNT\system32\MSTask.exe]  <Microsoft Corporation><4.71.2195.6704>
[PID: 1028][C:\WINNT\system32\tlntsvr.exe]  <Microsoft Corporation><5.00.99206.1>
[PID: 1084][C:\WINNT\System32\WBEM\WinMgmt.exe]  <Microsoft Corporation><1.50.1085.0100>
[PID: 1096][C:\WINNT\system32\mspmspsv.exe]  <Microsoft Corporation><7.10.00.3059>
[PID: 1120][C:\WINNT\system32\Dfssvc.exe]  <Microsoft Corporation><5.00.2195.6664>
[PID: 1424][C:\WINNT\system32\MsgSys.EXE]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\NTS.dll]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\CBA.DLL]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\MsgSys.dll]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\PDS.DLL]  <Intel Corporation><6.0.201.0940 E>
[PID: 1508][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 1580][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2800.1106>
    [C:\WINNT\system32\xunleibho_v14.dll]  <Thunder Networking Technologies,LTD><4, 6, 0, 62>
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  <><1, 0, 0, 1>
    [C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll]  <Sun Microsystems, Inc.><5.0.60.5>
    [C:\WINNT\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 740][D:\bea\jdk142_05\jre\bin\javaw.exe]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\client\jvm.dll]  <Sun Microsystems, Inc.><1.4.2.50>
    [D:\bea\jdk142_05\jre\bin\hpi.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\verify.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\java.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\zip.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\awt.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\fontmanager.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\jpeg.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\cmm.dll]  <N/A><N/A>
    [D:\bea\weblogic81\workshop\ws_native.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\net.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\nio.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\dcpr.dll]  <N/A><N/A>
[PID: 1568][C:\WINNT\System32\cidaemon.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 1712][C:\WINNT\system32\conime.exe]  <Microsoft Corporation><5.00.2195.6655>
[PID: 584][C:\Program Files\Thunder Network\Thunder\Thunder.exe]  <Thunder Networking Technologies,LTD><5.1.4.174>
    [C:\Program Files\Thunder Network\Thunder\UpdateDownload.dll]  <Thunder Networking Technologies,LTD><1, 0, 0, 2>
    [C:\Program Files\Thunder Network\Thunder\download_interface.dll]  <Thunder Networking Technologies,LTD><1, 0, 1, 66>
    [C:\Program Files\Thunder Network\Thunder\log4cplus.dll]  <><1, 0, 2, 1>
    [C:\Program Files\Thunder Network\Thunder\stlport_vc646.dll]  <STLport Consulting, Inc.><4.6.2003.1031>
    [C:\Program Files\Thunder Network\Thunder\msgmanage.dll]  <Thunder Networking Technologies,LTD><1, 0, 0, 15>
    [C:\Program Files\Thunder Network\Thunder\historyinfo_manage.dll]  <Thunder Networking Technologies,LTD><5, 2, 0, 148>
    [C:\Program Files\Thunder Network\Thunder\iEmbed.dll]  <Thunder Networking Technologies,LTD><1, 1, 0, 22>
    [C:\Program Files\Thunder Network\Thunder\RegisterDll.dll]  <Thunder Networking Technologies,LTD><1, 2, 0, 7>
    [C:\Program Files\Thunder Network\Thunder\FloatBar.dll]  <Thunder Networking Technologies,LTD><1, 0, 0, 2>
    [C:\Program Files\Thunder Network\Thunder\iTargetAd.dll]  <Thunder Networking Technologies,LTD><1, 0, 0, 59>
    [C:\WINNT\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 2288][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2800.1106>
    [C:\WINNT\system32\xunleibho_v14.dll]  <Thunder Networking Technologies,LTD><4, 6, 0, 62>
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  <><1, 0, 0, 1>
    [C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll]  <Sun Microsystems, Inc.><5.0.60.5>
    [C:\WINNT\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 2108][C:\Program Files\Super Rabbit\MagicSet\magicset.exe]  <Super Rabbit Soft><7.46>
[PID: 2312][C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE]  <Super Rabbit Soft><7.46>
    [C:\WINNT\system32\shlobj71.ocx]  <Sky Software (http://www.ssware.com)><7, 1, 0, 0>
[PID: 2324][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2800.1106>
    [C:\WINNT\system32\xunleibho_v14.dll]  <Thunder Networking Technologies,LTD><4, 6, 0, 62>
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  <><1, 0, 0, 1>
    [C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll]  <Sun Microsystems, Inc.><5.0.60.5>
    [C:\WINNT\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 2476][D:\Temp\Rar$EX01.532\SREng.exe]  <Smallfrogs Studio><2.0.12.350>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

[Reply to the post by “菜鸟级大虾”]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<MSService><svchest.exe>
This autostart entry is still there.

[Remote Internet Service / Msisvr]
This service is still there too.

==============

Start -- Control Panel -- Performance and Maintenance -- Administrative Tools -- Services
Disable Remote Internet Service (Msisvr)

Open the registry
Expand [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]
Find the Msisvr folder and delete it

Open the registry
Expand [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
Delete <MSService><svchest.exe>


Delete
C:\WINNT\system32\INTasks.exe
C:\WINNT\system32\svchest.exe
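
The two findings called out in the reply above, as an added example that is not part of the original thread: a Python triage over the startup and service sections of an SREng log. It goes slightly beyond the reply by generalising `svchest.exe` to any near-miss of a core Windows image name; `CORE_IMAGES`, the 0.8 threshold and the function names are assumptions, and the sample lines are copied from the log posted in this thread.

```python
import re
from difflib import SequenceMatcher

# Sample input: entries copied from the SREng log posted in this thread.
SAMPLE_LOG = r"""启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><ctfmon.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Synchronization Manager><mobsync.exe /logon>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <MSService><svchest.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
==================================
启动文件夹
服务
[DefWatch / DefWatch]
  <C:\Program Files\NavNT\defwatch.exe><Symantec Corporation>
[Remote Internet Service / Msisvr]
  <2 - 系统找不到指定的文件。
><N/A>
"""

HEADER = re.compile(r"^\[(.+)\]\s*$")
VALUE = re.compile(r"\s*<(.*?)><(.*)>\s*", re.DOTALL)
WIN32_ERROR = re.compile(r"^(\d+) - ")  # SREng printed an error code instead of a path
# Assumption: a short list of core Windows image names to guard against look-alikes.
CORE_IMAGES = ("svchost", "explorer", "services", "lsass",
               "winlogon", "csrss", "smss", "spoolsv")


def parse_entries(text):
    """Yield (header, first_field, second_field); a value may span several lines."""
    header, body = None, ""
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            header, body = m.group(1), ""
            continue
        if header is None:
            continue  # section titles and separator lines
        body += line + "\n"
        v = VALUE.fullmatch(body)
        if v:
            yield header, v.group(1).strip(), v.group(2).strip()
            header = None


def image_stem(command):
    """Lower-case file name, without extension, of the image in a command line."""
    m = re.match(r'"?(.+?\.(?:exe|com|scr|bat))\b', command.strip(), re.I)
    path = m.group(1) if m else command.strip()
    return path.rsplit("\\", 1)[-1].rsplit(".", 1)[0].lower()


def triage(text, threshold=0.8):
    """Return (kind, name, detail) tuples for look-alike autoruns and broken services."""
    findings = []
    for header, first, second in parse_entries(text):
        if header.upper().startswith("HKEY_") and header.lower().endswith("\\run"):
            stem = image_stem(second)
            for core in CORE_IMAGES:
                score = SequenceMatcher(None, stem, core).ratio()
                if stem != core and score >= threshold:
                    findings.append(("lookalike-autorun", first,
                                     f"{second} resembles {core}.exe"))
        elif " / " in header:  # service entry: [display name / service name]
            err = WIN32_ERROR.match(first)
            if err:
                findings.append(("service-image-unresolved",
                                 header.split(" / ")[-1],
                                 f"Win32 error {err.group(1)}"))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```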


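There is still no such service as Remote Internet Service (Msisvr).
There is this service: Remote Internet Service. When I try to do anything with it, a dialog appears saying
“Configuration Manager: A required entry in the registry is missing or an attempt to write to the registry failed”
with only an OK button. After clicking it, another dialog appears saying
“The system cannot find the file specified”


I am sure I deleted the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Msisvr folder in the registry the first time. After reading this reply I opened the registry and it was there again. It is deleted now.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run <MSService><svchest.exe>: I could not find these two items in the registry.

C:\WINNT\system32\INTasks.exe
C:\WINNT\system32\svchest.exe: these two files have been deleted.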

[Reply to the post by “菜鸟级大虾”]
After rebooting, go through the steps in my reply once more.


Control Panel ---- Performance and Maintenance --- Administrative Tools ---- Services ---- disable the Remote Internet Service service