
Pop-up web pages (log attached)


Logfile of HijackThis v1.99.1
Scan saved at 22:32:43, on 2006-9-2
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\SKYNET\FIREWALL\pfw.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\干女\ha_hijackthis_1991\HijackThis.exe

R3 - Default URLSearchHook is missing
O2 - BHO: MyIEHelper Class - {16B770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4613.dll (file missing)
O2 - BHO: (no name) - {16B770A0-0E87-4278-B748-2460D64A8386}? - (no file)
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\System32\KakaTool.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SKYNET Personal FireWall] C:\PROGRA~1\SKYNET\FIREWALL\pfw.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A}? - C:\Program Files\浩方对战平台\GameClient.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\wshcon32.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wshcon32.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{C4D20D16-B7E1-441E-AEBD-7E962DA2EBEF}: NameServer = 202.102.199.68
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe

Last edited 2006-09-02 23:47:32.247000000
 

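[Reply to the post by “啊洋victor”]
c:\windows\system32\wshcon32.dll
When I posted a log before, I was also told to delete this file,
but I could not delete it even after booting into Safe Mode; it said the file was write-protected.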
 

2006-09-02,23:05:53

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IgfxTray><C:\WINDOWS\System32\igfxtray.exe>  [Intel Corporation]
    <HotKeysCmds><C:\WINDOWS\System32\hkcmd.exe>  [Intel Corporation]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <SKYNET Personal FireWall><C:\PROGRA~1\SKYNET\FIREWALL\pfw.exe>  [sky.net.cn]
    <KAVPersonal50><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize>  [Kaspersky Lab]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    <WinlogonNotify: NavLogon><C:\WINDOWS\System32\NavLogon.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Thunder><; "C:\Program Files\Thunder Network\Thunder\Thunder.exe" /s>  [Thunder Networking Technologies,LTD]
    <VVSN><; C:\Program Files\VVSN\VVSN.exe>  [WhenU.com]

==================================
启动文件夹
服务
[DefWatch / DefWatch]
  <C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe><Symantec Corporation>
[kavsvc / kavsvc]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe"><Kaspersky Lab>
[Symantec AntiVirus Client / Norton AntiVirus Server]
  <C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe><Symantec Corporation>
[Windows Firewall/Internet Connection Sharing (SIC) / Service33224]
  <c:\windows\system32\winloger.exe><N/A>
 

==================================
正在运行的进程
[PID: 392][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 444][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 472][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\System32\NavLogon.dll]  <N/A><N/A>
[PID: 528][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 540][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 692][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 716][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 788][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 844][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1008][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.0 (XPClient.010817-1148)>
[PID: 1220][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2800.1221 (xpsp2.030511-1403)>
[PID: 1320][C:\WINDOWS\System32\igfxtray.exe]  <Intel Corporation><3,0,0,1918>
    [C:\WINDOWS\System32\hccutils.DLL]  <Intel Corporation><3,0,0,1918>
    [C:\WINDOWS\System32\igfxdev.dll]  <Intel Corporation><3,0,0,1918>
    [C:\WINDOWS\System32\igfxsrvc.dll]  <Intel Corporation><3,0,0,1918>
    [C:\WINDOWS\System32\igfxres.dll]  <Intel Corporation><3,0,0,1918>
    [C:\WINDOWS\System32\igfxress.dll]  <Intel Corporation><3,0,0,1918>
[PID: 1328][C:\WINDOWS\System32\hkcmd.exe]  <Intel Corporation><3,0,0,1918>
    [C:\WINDOWS\System32\hccutils.DLL]  <Intel Corporation><3,0,0,1918>
    [C:\WINDOWS\System32\igfxdev.dll]  <Intel Corporation><3,0,0,1918>
    [C:\WINDOWS\System32\igfxsrvc.dll]  <Intel Corporation><3,0,0,1918>
    [C:\WINDOWS\System32\igfxhk.dll]  <Intel Corporation><3,0,0,1918>
    [C:\WINDOWS\System32\igfxres.dll]  <Intel Corporation><3,0,0,1918>
[PID: 1336][C:\WINDOWS\SOUNDMAN.EXE]  <Realtek Semiconductor Corp.><5.1.0.22>
[PID: 1348][C:\PROGRA~1\SKYNET\FIREWALL\pfw.exe]  <sky.net.cn><2.6.2.1>
[PID: 1372][C:\WINDOWS\System32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 1452][C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe]  <Symantec Corporation><8.1.0.821>
[PID: 1564][C:\WINDOWS\System32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[PID: 1932][E:\干女\sreng2\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
[PID: 748][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\System32\KakaTool.dll]  <Beijing Rising Technology Co., Ltd.><2, 0, 0, 9>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\scrchpg.dll]  <Kaspersky Lab><5.0.1.18>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\scrch_ag.dll]  <Kaspersky Lab><5.0.388.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\FSSync.dll]  <Kaspersky Lab><5.0.388.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\pr_rmt.dll]  <Kaspersky Lab><5.0.388.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\ccclient.dll]  <Kaspersky Lab><5.0.388.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\klipc.dll]  <Kaspersky Lab><5.0.388.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\KLUtil.dll]  <Kaspersky Lab><5.0.388.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\rpt.dll]  <Kaspersky Lab><5.0.388.2>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\CCIFACE.dll]  <Kaspersky Lab><5.0.388.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\prloader.dll]  <Kaspersky Lab><5.0.388.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\prkernel.ppl]  <Kaspersky Lab><5.0.388.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal pro\prstring.ppl]  <Kaspersky Lab><5.0.388.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal pro\pr_srv.ppl]  <Kaspersky Lab><5.0.388.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal pro\pr_clnt.ppl]  <Kaspersky Lab><5.0.388.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal pro\tempfile.ppl]  <Kaspersky Lab><5.0.388.0>
 

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================
 

I did not find winloger.exe in the c:\windows\system32\ directory; I only saw a winlogon.exe.
 

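Yes. Sometimes browsing is very fast, as it always used to be, but for the past few days, for some reason, the progress bar at the bottom of the browser moves quickly one moment and stalls the next, and sometimes web pages will not open at all.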
 

OK, thank you, and sorry for the trouble.
 