http://www.71791.com  就这个破网址 过几分钟就会自动跳出一次
我这个菜鸟 用IE修复专家 修复了N次  用瑞星 诺盾查也查不到~~~~~
希望哪位大虾救救我~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
要不又得重装系统了.... 前两天刚装了遍~~~~汗............

【回复“不言放弃”的帖子】
这是导出的日志；
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      8:29:09, 日期 2006-4-14
操作系统：  Windows 2000 SP4 (WinNT 5.00.2195)
浏览器：    Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程：         
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\msdtc.exe
C:\WINNT\System32\cisvc.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\llssrv.exe
C:\WINNT\Explorer.EXE
C:\Program Files\NavNT\rtvscan.exe
C:\WINNT\System32\hkcmd.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINNT\system32\ctfmon.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\tlntsvr.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\system32\MsgSys.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\bea\jdk142_05\jre\bin\javaw.exe
C:\WINNT\System32\cidaemon.exe
C:\WINNT\system32\CMD.EXE
C:\WINNT\system32\conime.exe
D:\bea\JDK142~1\bin\java.exe
C:\WINNT\system32\CMD.EXE
D:\bea\JDK142~1\bin\java.exe
D:\bea\JDK142~1\bin\java.exe
C:\Program Files\Thunder Network\Thunder\Thunder.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
D:\Temp\Rar$EX00.781\HijackThis1991zww.exe

R3 - 默认的URLSearchHook丢失。用HijackThis修复
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINNT\system32\xunleibho_v14.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - 启动项HKLM\\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - 启动项HKLM\\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - 启动项HKLM\\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon
O4 - 启动项HKLM\\Run: [internat.exe] internat.exe
O4 - 启动项HKLM\\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - 启动项HKLM\\Run: [MSService] svchest.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [Super Rabbit IEPro] C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的按钮: 百万图库 - {6713E8D2-850A-101B-AFC0-4210102A8DA7} - http://www.26-3.com/star (file missing) (HKCU)
O9 - 浏览器额外的按钮: 铃声图片下载 - {7713E8D2-850A-101B-AFC0-4210102A8DA7} - http://www.26-3.com/sms/index.htm (file missing) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{F112F085-434B-4E0F-80BB-4D8B87BF35E4}: NameServer = 202.102.134.68,202.102.154.3
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: NavLogon - C:\WINNT\System32\NavLogon.dll
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - NT 服务: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - NT 服务: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - NT 服务: Remote Internet Service (Msisvr) - Unknown owner - C:\WINNT\system32\INTasks.exe
O23 - NT 服务: Norton AntiVirus 客户端 (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - NT 服务: OracleOraDb10g_home1TNSListener - Unknown owner - C:\oracle\product\10.1.0\Db_1\BIN\TNSLSNR.exe (file missing)
O23 - NT 服务: OracleOraHome81ClientCache - Unknown owner - D:\oracle\ora81\BIN\ONRSD.EXE
O23 - NT 服务: Smart Card Helper (SCardDrv) - Unknown owner - C:\WINNT\system32\scardsvr32.exe (file missing)

禁用Remote Internet Service (Msisvr)
没有这项服务
有Remote Internet Service 这项服务  是否要禁用？
C:\WINNT\system32\iexplore.exe 这个文件没有找到
在这个目录下C:\WINNT\system32\dllcache有iexplore.exe 这个文件 是否要删除呀？
其他项都照做啦~~~~~~~~

那个网址 还是自动弹出来。。。。。。。。。
C:\WINNT\system32\iexplore.exe 打开了隐藏项和隐藏受保护的操作系统文件（推荐） 还是没找到这个文件
Remote Internet Service这项服务以禁用
我又用HIJACKTHIS 导出了一遍日志：

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      9:20:21, 日期 2006-4-14
操作系统：  Windows 2000 SP4 (WinNT 5.00.2195)
浏览器：    Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程：         
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\msdtc.exe
C:\WINNT\System32\cisvc.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\llssrv.exe
C:\WINNT\Explorer.EXE
C:\Program Files\NavNT\rtvscan.exe
C:\WINNT\System32\hkcmd.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINNT\system32\ctfmon.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\tlntsvr.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\system32\MsgSys.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\bea\jdk142_05\jre\bin\javaw.exe
C:\WINNT\System32\cidaemon.exe
C:\WINNT\system32\CMD.EXE
C:\WINNT\system32\conime.exe
D:\bea\JDK142~1\bin\java.exe
C:\WINNT\system32\CMD.EXE
D:\bea\JDK142~1\bin\java.exe
D:\bea\JDK142~1\bin\java.exe
C:\Program Files\Thunder Network\Thunder\Thunder.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Super Rabbit\MagicSet\magicset.exe
C:\Program Files\WinRAR\WinRAR.exe
D:\Temp\Rar$EX00.328\HijackThis1991zww.exe

O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINNT\system32\xunleibho_v14.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - 启动项HKLM\\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - 启动项HKLM\\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - 启动项HKLM\\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon
O4 - 启动项HKLM\\Run: [internat.exe] internat.exe
O4 - 启动项HKLM\\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [Super Rabbit IEPro] C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的按钮: 百万图库 - {6713E8D2-850A-101B-AFC0-4210102A8DA7} - http://www.26-3.com/star (file missing) (HKCU)
O9 - 浏览器额外的按钮: 铃声图片下载 - {7713E8D2-850A-101B-AFC0-4210102A8DA7} - http://www.26-3.com/sms/index.htm (file missing) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{F112F085-434B-4E0F-80BB-4D8B87BF35E4}: NameServer = 202.102.134.68,202.102.154.3
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: NavLogon - C:\WINNT\System32\NavLogon.dll
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - NT 服务: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - NT 服务: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - NT 服务: Norton AntiVirus 客户端 (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - NT 服务: OracleOraDb10g_home1TNSListener - Unknown owner - C:\oracle\product\10.1.0\Db_1\BIN\TNSLSNR.exe (file missing)
O23 - NT 服务: OracleOraHome81ClientCache - Unknown owner - D:\oracle\ora81\BIN\ONRSD.EXE
O23 - NT 服务: Smart Card Helper (SCardDrv) - Unknown owner - C:\WINNT\system32\scardsvr32.exe (file missing)

http://www.71791.com 这个网址。。我真受够了！

我搜索了一遍注册表
没有关于http://www.71791.com的项目
这个网址几分钟就跳出一次 
能给我讲讲是为什么吗？

有的时候 他自动打开的还会是
http://www.71791.com/new  这样的

因为说回复内容过长 分两次回复撒
2006-04-14,09:43:28

System Repair Engineer 2.0.12.350 (2.0 RC 1)
    Windows 2000 Server Service Pack 4 - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <Super Rabbit IEPro><C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <load><>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <run><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IgfxTray><C:\WINNT\System32\igfxtray.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <HotKeysCmds><C:\WINNT\System32\hkcmd.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <vptray><C:\Program Files\NavNT\vptray.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Synchronization Manager><mobsync.exe /logon>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <internat.exe><internat.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <SunJavaUpdateSched><C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <MSService><svchest.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><C:\WINNT\system32\userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><>

==================================
启动文件夹
服务
[Adobe LM Service / Adobe LM Service]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[DefWatch / DefWatch]
  <C:\Program Files\NavNT\defwatch.exe><Symantec Corporation>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[Macromedia Licensing Service / Macromedia Licensing Service]
  <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[Remote Internet Service / Msisvr]
  <2 - 系统找不到指定的文件。
><N/A>
[Norton AntiVirus 客户端 / Norton AntiVirus Server]
  <C:\Program Files\NavNT\rtvscan.exe><Symantec Corporation>
[OracleOraDb10g_home1TNSListener / OracleOraDb10g_home1TNSListener]
  <C:\oracle\product\10.1.0\Db_1\BIN\TNSLSNR ><N/A>
[OracleOraHome81ClientCache / OracleOraHome81ClientCache]
  <D:\oracle\ora81\BIN\ONRSD.EXE><N/A>
[Smart Card Helper / SCardDrv]
  <C:\WINNT\system32\scardsvr32.exe -v><N/A>

==================================
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINNT\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[百万图库]
  {6713E8D2-850A-101B-AFC0-4210102A8DA7} <http://www.26-3.com/star, N/A>
[铃声图片下载]
  {7713E8D2-850A-101B-AFC0-4210102A8DA7} <http://www.26-3.com/sms/index.htm, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[Java Plug-in]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in]
  {CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in]
  {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_06]
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\geturl.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>

==================================

正在运行的进程
[PID: 164][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 188][\??\C:\WINNT\system32\csrss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 208][\??\C:\WINNT\system32\winlogon.exe]  <Microsoft Corporation><5.00.2195.6898>
    [C:\WINNT\System32\NavLogon.dll]  <N/A><N/A>
[PID: 236][C:\WINNT\system32\services.exe]  <Microsoft Corporation><5.00.2195.6700>
    [C:\WINNT\system32\dmserver.dll]  <VERITAS Software Corp.><2195.6605.297.3>
[PID: 248][C:\WINNT\system32\lsass.exe]  <Microsoft Corporation><5.00.2195.6902>
[PID: 428][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 456][C:\WINNT\system32\spoolsv.exe]  <Microsoft Corporation><5.00.2195.6659>
[PID: 484][C:\WINNT\System32\msdtc.exe]  <Microsoft Corporation><1999.9.3421.3>
    [D:\oracle\ora81\bin\ociw32.dll]  <Oracle Corporation><8.1.7.0.0>
[PID: 592][C:\WINNT\System32\cisvc.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 608][C:\Program Files\NavNT\defwatch.exe]  <Symantec Corporation><7, 50, 0, 1>
[PID: 624][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 660][C:\WINNT\System32\llssrv.exe]  <Microsoft Corporation><5.00.2195.6697>
[PID: 852][C:\WINNT\Explorer.EXE]  <Microsoft Corporation><5.00.3700.6690>
    [C:\WINNT\system32\xunleibho_v14.dll]  <Thunder Networking Technologies,LTD><4, 6, 0, 62>
    [C:\WINNT\system32\hccutils.DLL]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\system32\igfxres.dll]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\system32\igfxress.dll]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\system32\igfxcpl.cpl]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\system32\s32lucp1.cpl]  <Symantec Corporation><1.5.3.11>
    [C:\Program Files\Tencent\QQ\qdshm.dll]  <><1, 0, 1, 2>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\Program Files\TuneUp Utilities 2006\sdshelex.dll]  <TuneUp Software GmbH><1.0.0.253>
    [C:\Program Files\TuneUp Utilities 2006\rtl60.bpl]  <Borland Software Corporation><6.0.6.241>
    [C:\Program Files\TuneUp Utilities 2006\vcl60.bpl]  <Borland Software Corporation><6.0.6.240>
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  <Symantec Corporation><7.50.00.846>
[PID: 680][C:\Program Files\NavNT\rtvscan.exe]  <Symantec Corporation><7.50.00.846>
    [C:\Program Files\NavNT\Dec2.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2ARJ.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2ID.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2LHA.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\SymLHA.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2LZ.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2MIME.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2Zip.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2AMG.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\SYMAMG32.DLL]  <Symantec Corporation with portions by FUJITSU DEVICES INC.><2.16.0.45>
    [C:\Program Files\NavNT\Dec2UUE.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2SS.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2RTF.dll]  <Symantec Corporation><2.16.0.45>
    [C:\WINNT\system32\CBA.DLL]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\MsgSys.dll]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\NTS.dll]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\PDS.DLL]  <Intel Corporation><6.0.201.0940 E>
    [C:\Program Files\NavNT\NAVLU.dll]  <Symantec Corporation><7.50.00.846>
    [C:\Program Files\NavNT\NAVNTUTL.DLL]  <Symantec/Peter Norton Group><1, 0, 0, 1>
    [C:\Program Files\NavNT\i2ldvp3.dll]  <Symantec Corporation><7.50.00.846>
    [C:\Program Files\NavNT\NAVAPI32.DLL]  <Symantec Corp.><4.1.0.6>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060223.009\NAVEX32a.DLL]  <Symantec Corporation><20051.3.1.11>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060223.009\NAVENG32.DLL]  <Symantec Corporation><20051.3.1.11>
    [C:\Program Files\NavNT\NAVAP32.DLL]  <Symantec Corporation><5.3.1.39>
    [C:\WINNT\system32\amslib.dll]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\loc32vc0.dll]  <Intel><3, 0, 0, 2>
[PID: 896][C:\WINNT\System32\hkcmd.exe]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\System32\hccutils.DLL]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\System32\igfxdev.dll]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\System32\igfxsrvc.dll]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\System32\igfxhk.dll]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\System32\igfxres.dll]  <Intel Corporation><3.0.0.4020>
[PID: 900][C:\Program Files\NavNT\vptray.exe]  <Symantec Corporation><7.50.00.846>
    [C:\Program Files\NavNT\Cliscan.dll]  <Symantec Corporation><7.50.00.846>
    [C:\Program Files\NavNT\NAVNTUTL.DLL]  <Symantec/Peter Norton Group><1, 0, 0, 1>
    [C:\Program Files\NavNT\Cliproxy.dll]  <Symantec Corporation><7.50.00.846>
[PID: 944][C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe]  <Sun Microsystems, Inc.><5.0.60.5>
[PID: 976][C:\WINNT\system32\ctfmon.exe]  <Microsoft Corporation><1.00.2409.34 built by: Lab06_N>
[PID: 912][C:\WINNT\system32\regsvc.exe]  <Microsoft Corporation><5.00.2195.6701>
[PID: 952][C:\WINNT\system32\MSTask.exe]  <Microsoft Corporation><4.71.2195.6704>
[PID: 1028][C:\WINNT\system32\tlntsvr.exe]  <Microsoft Corporation><5.00.99206.1>
[PID: 1084][C:\WINNT\System32\WBEM\WinMgmt.exe]  <Microsoft Corporation><1.50.1085.0100>
[PID: 1096][C:\WINNT\system32\mspmspsv.exe]  <Microsoft Corporation><7.10.00.3059>
[PID: 1120][C:\WINNT\system32\Dfssvc.exe]  <Microsoft Corporation><5.00.2195.6664>
[PID: 1424][C:\WINNT\system32\MsgSys.EXE]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\NTS.dll]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\CBA.DLL]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\MsgSys.dll]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\PDS.DLL]  <Intel Corporation><6.0.201.0940 E>
[PID: 1508][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 1580][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2800.1106>
    [C:\WINNT\system32\xunleibho_v14.dll]  <Thunder Networking Technologies,LTD><4, 6, 0, 62>
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  <><1, 0, 0, 1>
    [C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll]  <Sun Microsystems, Inc.><5.0.60.5>
    [C:\WINNT\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 740][D:\bea\jdk142_05\jre\bin\javaw.exe]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\client\jvm.dll]  <Sun Microsystems, Inc.><1.4.2.50>
    [D:\bea\jdk142_05\jre\bin\hpi.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\verify.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\java.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\zip.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\awt.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\fontmanager.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\jpeg.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\cmm.dll]  <N/A><N/A>
    [D:\bea\weblogic81\workshop\ws_native.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\net.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\nio.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\dcpr.dll]  <N/A><N/A>
[PID: 1568][C:\WINNT\System32\cidaemon.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 1712][C:\WINNT\system32\conime.exe]  <Microsoft Corporation><5.00.2195.6655>
[PID: 584][C:\Program Files\Thunder Network\Thunder\Thunder.exe]  <Thunder Networking Technologies,LTD><5.1.4.174>
    [C:\Program Files\Thunder Network\Thunder\UpdateDownload.dll]  <Thunder Networking Technologies,LTD><1, 0, 0, 2>
    [C:\Program Files\Thunder Network\Thunder\download_interface.dll]  <Thunder Networking Technologies,LTD><1, 0, 1, 66>
    [C:\Program Files\Thunder Network\Thunder\log4cplus.dll]  <><1, 0, 2, 1>
    [C:\Program Files\Thunder Network\Thunder\stlport_vc646.dll]  <STLport Consulting, Inc.><4.6.2003.1031>
    [C:\Program Files\Thunder Network\Thunder\msgmanage.dll]  <Thunder Networking Technologies,LTD><1, 0, 0, 15>
    [C:\Program Files\Thunder Network\Thunder\historyinfo_manage.dll]  <Thunder Networking Technologies,LTD><5, 2, 0, 148>
    [C:\Program Files\Thunder Network\Thunder\iEmbed.dll]  <Thunder Networking Technologies,LTD><1, 1, 0, 22>
    [C:\Program Files\Thunder Network\Thunder\RegisterDll.dll]  <Thunder Networking Technologies,LTD><1, 2, 0, 7>
    [C:\Program Files\Thunder Network\Thunder\FloatBar.dll]  <Thunder Networking Technologies,LTD><1, 0, 0, 2>
    [C:\Program Files\Thunder Network\Thunder\iTargetAd.dll]  <Thunder Networking Technologies,LTD><1, 0, 0, 59>
    [C:\WINNT\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 2288][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2800.1106>
    [C:\WINNT\system32\xunleibho_v14.dll]  <Thunder Networking Technologies,LTD><4, 6, 0, 62>
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  <><1, 0, 0, 1>
    [C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll]  <Sun Microsystems, Inc.><5.0.60.5>
    [C:\WINNT\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 2108][C:\Program Files\Super Rabbit\MagicSet\magicset.exe]  <Super Rabbit Soft><7.46>
[PID: 2312][C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE]  <Super Rabbit Soft><7.46>
    [C:\WINNT\system32\shlobj71.ocx]  <Sky Software (http://www.ssware.com)><7, 1, 0, 0>
[PID: 2324][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2800.1106>
    [C:\WINNT\system32\xunleibho_v14.dll]  <Thunder Networking Technologies,LTD><4, 6, 0, 62>
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  <><1, 0, 0, 1>
    [C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll]  <Sun Microsystems, Inc.><5.0.60.5>
    [C:\WINNT\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 2476][D:\Temp\Rar$EX01.532\SREng.exe]  <Smallfrogs Studio><2.0.12.350>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

正在运行的进程
[PID: 164][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 188][\??\C:\WINNT\system32\csrss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 208][\??\C:\WINNT\system32\winlogon.exe]  <Microsoft Corporation><5.00.2195.6898>
    [C:\WINNT\System32\NavLogon.dll]  <N/A><N/A>
[PID: 236][C:\WINNT\system32\services.exe]  <Microsoft Corporation><5.00.2195.6700>
    [C:\WINNT\system32\dmserver.dll]  <VERITAS Software Corp.><2195.6605.297.3>
[PID: 248][C:\WINNT\system32\lsass.exe]  <Microsoft Corporation><5.00.2195.6902>
[PID: 428][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 456][C:\WINNT\system32\spoolsv.exe]  <Microsoft Corporation><5.00.2195.6659>
[PID: 484][C:\WINNT\System32\msdtc.exe]  <Microsoft Corporation><1999.9.3421.3>
    [D:\oracle\ora81\bin\ociw32.dll]  <Oracle Corporation><8.1.7.0.0>
[PID: 592][C:\WINNT\System32\cisvc.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 608][C:\Program Files\NavNT\defwatch.exe]  <Symantec Corporation><7, 50, 0, 1>
[PID: 624][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 660][C:\WINNT\System32\llssrv.exe]  <Microsoft Corporation><5.00.2195.6697>
[PID: 852][C:\WINNT\Explorer.EXE]  <Microsoft Corporation><5.00.3700.6690>
    [C:\WINNT\system32\xunleibho_v14.dll]  <Thunder Networking Technologies,LTD><4, 6, 0, 62>
    [C:\WINNT\system32\hccutils.DLL]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\system32\igfxres.dll]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\system32\igfxress.dll]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\system32\igfxcpl.cpl]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\system32\s32lucp1.cpl]  <Symantec Corporation><1.5.3.11>
    [C:\Program Files\Tencent\QQ\qdshm.dll]  <><1, 0, 1, 2>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\Program Files\TuneUp Utilities 2006\sdshelex.dll]  <TuneUp Software GmbH><1.0.0.253>
    [C:\Program Files\TuneUp Utilities 2006\rtl60.bpl]  <Borland Software Corporation><6.0.6.241>
    [C:\Program Files\TuneUp Utilities 2006\vcl60.bpl]  <Borland Software Corporation><6.0.6.240>
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  <Symantec Corporation><7.50.00.846>
[PID: 680][C:\Program Files\NavNT\rtvscan.exe]  <Symantec Corporation><7.50.00.846>
    [C:\Program Files\NavNT\Dec2.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2ARJ.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2ID.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2LHA.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\SymLHA.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2LZ.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2MIME.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2Zip.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2AMG.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\SYMAMG32.DLL]  <Symantec Corporation with portions by FUJITSU DEVICES INC.><2.16.0.45>
    [C:\Program Files\NavNT\Dec2UUE.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2SS.dll]  <Symantec Corporation><2.16.0.45>
    [C:\Program Files\NavNT\Dec2RTF.dll]  <Symantec Corporation><2.16.0.45>
    [C:\WINNT\system32\CBA.DLL]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\MsgSys.dll]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\NTS.dll]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\PDS.DLL]  <Intel Corporation><6.0.201.0940 E>
    [C:\Program Files\NavNT\NAVLU.dll]  <Symantec Corporation><7.50.00.846>
    [C:\Program Files\NavNT\NAVNTUTL.DLL]  <Symantec/Peter Norton Group><1, 0, 0, 1>
    [C:\Program Files\NavNT\i2ldvp3.dll]  <Symantec Corporation><7.50.00.846>
    [C:\Program Files\NavNT\NAVAPI32.DLL]  <Symantec Corp.><4.1.0.6>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060223.009\NAVEX32a.DLL]  <Symantec Corporation><20051.3.1.11>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060223.009\NAVENG32.DLL]  <Symantec Corporation><20051.3.1.11>
    [C:\Program Files\NavNT\NAVAP32.DLL]  <Symantec Corporation><5.3.1.39>
    [C:\WINNT\system32\amslib.dll]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\loc32vc0.dll]  <Intel><3, 0, 0, 2>
[PID: 896][C:\WINNT\System32\hkcmd.exe]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\System32\hccutils.DLL]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\System32\igfxdev.dll]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\System32\igfxsrvc.dll]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\System32\igfxhk.dll]  <Intel Corporation><3.0.0.4020>
    [C:\WINNT\System32\igfxres.dll]  <Intel Corporation><3.0.0.4020>
[PID: 900][C:\Program Files\NavNT\vptray.exe]  <Symantec Corporation><7.50.00.846>
    [C:\Program Files\NavNT\Cliscan.dll]  <Symantec Corporation><7.50.00.846>
    [C:\Program Files\NavNT\NAVNTUTL.DLL]  <Symantec/Peter Norton Group><1, 0, 0, 1>
    [C:\Program Files\NavNT\Cliproxy.dll]  <Symantec Corporation><7.50.00.846>
[PID: 944][C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe]  <Sun Microsystems, Inc.><5.0.60.5>
[PID: 976][C:\WINNT\system32\ctfmon.exe]  <Microsoft Corporation><1.00.2409.34 built by: Lab06_N>

[PID: 912][C:\WINNT\system32\regsvc.exe]  <Microsoft Corporation><5.00.2195.6701>
[PID: 952][C:\WINNT\system32\MSTask.exe]  <Microsoft Corporation><4.71.2195.6704>
[PID: 1028][C:\WINNT\system32\tlntsvr.exe]  <Microsoft Corporation><5.00.99206.1>
[PID: 1084][C:\WINNT\System32\WBEM\WinMgmt.exe]  <Microsoft Corporation><1.50.1085.0100>
[PID: 1096][C:\WINNT\system32\mspmspsv.exe]  <Microsoft Corporation><7.10.00.3059>
[PID: 1120][C:\WINNT\system32\Dfssvc.exe]  <Microsoft Corporation><5.00.2195.6664>
[PID: 1424][C:\WINNT\system32\MsgSys.EXE]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\NTS.dll]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\CBA.DLL]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\MsgSys.dll]  <Intel Corporation><6.0.201.0940 E>
    [C:\WINNT\system32\PDS.DLL]  <Intel Corporation><6.0.201.0940 E>
[PID: 1508][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 1580][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2800.1106>
    [C:\WINNT\system32\xunleibho_v14.dll]  <Thunder Networking Technologies,LTD><4, 6, 0, 62>
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  <><1, 0, 0, 1>
    [C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll]  <Sun Microsystems, Inc.><5.0.60.5>
    [C:\WINNT\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 740][D:\bea\jdk142_05\jre\bin\javaw.exe]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\client\jvm.dll]  <Sun Microsystems, Inc.><1.4.2.50>
    [D:\bea\jdk142_05\jre\bin\hpi.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\verify.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\java.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\zip.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\awt.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\fontmanager.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\jpeg.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\cmm.dll]  <N/A><N/A>
    [D:\bea\weblogic81\workshop\ws_native.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\net.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\nio.dll]  <N/A><N/A>
    [D:\bea\jdk142_05\jre\bin\dcpr.dll]  <N/A><N/A>
[PID: 1568][C:\WINNT\System32\cidaemon.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 1712][C:\WINNT\system32\conime.exe]  <Microsoft Corporation><5.00.2195.6655>
[PID: 584][C:\Program Files\Thunder Network\Thunder\Thunder.exe]  <Thunder Networking Technologies,LTD><5.1.4.174>
    [C:\Program Files\Thunder Network\Thunder\UpdateDownload.dll]  <Thunder Networking Technologies,LTD><1, 0, 0, 2>
    [C:\Program Files\Thunder Network\Thunder\download_interface.dll]  <Thunder Networking Technologies,LTD><1, 0, 1, 66>
    [C:\Program Files\Thunder Network\Thunder\log4cplus.dll]  <><1, 0, 2, 1>
    [C:\Program Files\Thunder Network\Thunder\stlport_vc646.dll]  <STLport Consulting, Inc.><4.6.2003.1031>
    [C:\Program Files\Thunder Network\Thunder\msgmanage.dll]  <Thunder Networking Technologies,LTD><1, 0, 0, 15>
    [C:\Program Files\Thunder Network\Thunder\historyinfo_manage.dll]  <Thunder Networking Technologies,LTD><5, 2, 0, 148>
    [C:\Program Files\Thunder Network\Thunder\iEmbed.dll]  <Thunder Networking Technologies,LTD><1, 1, 0, 22>
    [C:\Program Files\Thunder Network\Thunder\RegisterDll.dll]  <Thunder Networking Technologies,LTD><1, 2, 0, 7>
    [C:\Program Files\Thunder Network\Thunder\FloatBar.dll]  <Thunder Networking Technologies,LTD><1, 0, 0, 2>
    [C:\Program Files\Thunder Network\Thunder\iTargetAd.dll]  <Thunder Networking Technologies,LTD><1, 0, 0, 59>
    [C:\WINNT\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 2288][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2800.1106>
    [C:\WINNT\system32\xunleibho_v14.dll]  <Thunder Networking Technologies,LTD><4, 6, 0, 62>
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  <><1, 0, 0, 1>
    [C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll]  <Sun Microsystems, Inc.><5.0.60.5>
    [C:\WINNT\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 2108][C:\Program Files\Super Rabbit\MagicSet\magicset.exe]  <Super Rabbit Soft><7.46>
[PID: 2312][C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE]  <Super Rabbit Soft><7.46>
    [C:\WINNT\system32\shlobj71.ocx]  <Sky Software (http://www.ssware.com)><7, 1, 0, 0>
[PID: 2324][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2800.1106>
    [C:\WINNT\system32\xunleibho_v14.dll]  <Thunder Networking Technologies,LTD><4, 6, 0, 62>
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  <><1, 0, 0, 1>
    [C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll]  <Sun Microsystems, Inc.><5.0.60.5>
    [C:\WINNT\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 2476][D:\Temp\Rar$EX01.532\SREng.exe]  <Smallfrogs Studio><2.0.12.350>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================