【求助】打开“我的电脑”需要20秒是怎么回事？请帮忙(1) bbs.ikaka.com

糊涂虫一个 - 2006-6-15 10:26:00

我遇到的问题来龙去脉如下：
1.大约两个月前我上网时(用IE6.0)，偶尔会出现网页没用反应，右键不起作用的现象，关闭所有窗口重运行IE就恢复了；
2.后来需要重启计算机才管用；
3.两周前IE彻底无法启动了，出现“Microsoft Internet Explorer 遇到问题需要关闭。我们对此引起的不便表示抱歉。”对话框；
4.我安装了Maxthon1.5.2 (build21) Unicode，可以正常使用计算机和上网；
5.由于升级QQ，QQ游戏下载总是默认用IE，就想修复IE’
6.我用了雅虎助手的"IE修复"中的一键修复功能，也按提示到安全模式下用了修复功能；
7.结果昨天打开“我的电脑”或进任何一个目录都需要45秒，接头有进步，要20秒多点儿；
8.计算机其他功能，如CAD、上网、聊天、游戏看起来还都正常；
9.regedit无法运行，提示：“找不到''regedit''”；
10.Hijackthis(1911汉化版)扫描日志如下：

我遇到的问题来龙去脉如下：
1.大约两个月前我上网时(用IE6.0)，偶尔会出现网页没用反应，右键不起作用的现象，关闭所有窗口重运行IE就恢复了；
2.后来需要重启计算机才管用；
3.两周前IE彻底无法启动了，出现“Microsoft Internet Explorer 遇到问题需要关闭。我们对此引起的不便表示抱歉。”对话框；
4.我安装了Maxthon1.5.2 (build21) Unicode，可以正常使用计算机和上网；
5.由于升级QQ，QQ游戏下载总是默认用IE，就想修复IE’
6.我用了雅虎助手的"IE修复"中的一键修复功能，也按提示到安全模式下用了修复功能；
7.结果昨天打开“我的电脑”或进任何一个目录都需要45秒，接头有进步，要20秒多点儿；
8.计算机其他功能，如CAD、上网、聊天、游戏看起来还都正常；
9.regedit无法运行，提示：“找不到''regedit''”；
10.Hijackthis(1911汉化版)扫描日志如下：

Logfile of HijackThis v1.99.1
Scan saved at 8:36:32, on 2006-6-15
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\Winnt\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\OfficeScan NT\pccntmon.exe
C:\Program Files\Common Files\Totem Shared\Uninstall0001\upd.exe
C:\Winnt\system32\rundll32.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\Program Files\hxupdate\hxgame-update.exe
C:\Winnt\system32\Rundll32.exe
C:\Winnt\system32\rundll32.exe
C:\PROGRA~1\baigoo\bgoomain.exe
C:\Winnt\temp\realsched.exe
C:\Winnt\system32\internat.exe
D:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
D:\Program Files\Kingsoft\Powerword 2003\XDICT.EXE
D:\Program Files\Tencent\QQ\QQ.exe
D:\Program Files\Tencent\QQ\TIMPlatform.exe
D:\Program Files\Maxthon\Maxthon.exe
C:\Winnt\system32\NOTEPAD.EXE
D:\Program Files\FlashGet\flashget.exe
C:\Winnt\system32\PYINTAU.EXE
D:\tools\ccproxy62\CCProxy.exe
D:\Program Files\Lotus\Notes\NLNOTES.EXE
D:\Program Files\Lotus\Notes\nhldaemn.EXE
D:\tools\HijackThis.exe
C:\Winnt\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Winnt\system32\taskmgr.exe

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\Winnt\system32\xunleibho_v4.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: MonitorURL Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\PROGRA~1\DESKAD~1\deskipn.dll
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\Winnt\system32\wmpdrm.dll
O2 - BHO: Shockwave Flash Object - {14A21378-5BB1-4BC4-95D5-5D3F51527F6F} - C:\WINNT\system32\swflash.ocx
O2 - BHO: MyIEHelper Class - {16A770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4567.dll
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - d:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: Macrosoft Class - {58DB541D-F15A-4e95-A5D9-5DF5EE13920C} - c:\windows\system32\winlogin.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL
O2 - BHO: std software - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\Winnt\System32\stdup.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Progra~1\Baidu\bar\BaiDuBar.dll
O2 - BHO: bg - {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005} - C:\Program Files\baigoo\BGooBHO.dll
O2 - BHO: Router Video 40 - {8465D755-AFE0-40ef-BC5E-2290D2C1F31F} - C:\Winnt\System32\rv40.dll
O2 - BHO: Mini PPGou BHO - {92FB5F8F-8254-4978-9C50-03D9B0405062} - C:\PROGRA~1\MINIPP~1\MINIPP~1.DLL
O2 - BHO: NewWeb Controller - {9ACEEE30-143F-471A-AA45-72B061FE7D60} - C:\WINNT\system32\WinSC64.dll
O2 - BHO: NewWeb Controller - {9ACEEE31-1440-471B-AA46-72B061FE7D61} - C:\WINNT\system32\WinSC32.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Common Files\justDo\Jd2002.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: HBObject Class - {AE22AFE5-1EF4-4D25-9E23-D2825FB17DA1} - C:\PROGRA~1\hbclient\tbhelper.dll
O2 - BHO: MacroMediapd - {B8CCDD47-38E4-4CD2-B7FA-3B4B690F74BD} - C:\Winnt\system32\microapmddt.dll
O2 - BHO: (no name) - {BB866DA9-E293-4D4E-A395-9455AE92B600} - C:\WINNT\system32\perferer.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - d:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Winnt\system32\qylhelper.dll
O2 - BHO: 珊瑚虫工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O3 - Toolbar: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - (no file)
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O3 - Toolbar: 珊瑚虫工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O3 - Toolbar: 搜刮音乐 - {902DF477-B757-44DD-9430-2EE942187BEC} - C:\PROGRA~1\Sogua\SOGUAT~1.DLL
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [svrhost] C:\Winnt\System32\svrhost.exe
O4 - HKLM\..\Run: [MS-4011 Memory Patch] C:\Documents and Settings\user.LULIN-1\桌面\RavSasser.exe -Patch
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Windows Update] C:\Winnt\system32\AutoUpdate.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\OfficeScan NT\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [Uninstall0001] "C:\Program Files\Common Files\Totem Shared\Uninstall0001\upd.exe" LASTCALL!adverts.stripsaver.com!StatsStripSaver
O4 - HKLM\..\Run: [helper.dll] C:\Winnt\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [StormCodec_Helper] "D:\tools\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [] regedit -s C:\$NtUninstallQ5926809$\sp4custom.dll
...

贴不下，需另开贴了。

我无邪 - 2006-6-15 14:19:00

贴开那去了？？
就在原帖粘来就行了。
先解决你的流氓软件问题吧
建议你下载超级兔子。
http://www.pctutu.com/srmsdown.asp
安装好后，打开“超级兔子优化王”“专业卸载，卸载所有提示的垃圾软件。
卸载时不要打开任何浏览窗口，卸载完后，请重启。
双击我的电脑，工具，文件夹选项，查看，单击选取"显示隐藏文件或文件夹"清除"隐藏受保护的操作系统文件（推荐）"复选框。在提示确定更改时，单击“是”，清除“隐藏已知文件类型的扩展名
另外提示（C:\DOCUME~1\你的用户名\LOCALS~1\Temp就是C:\Documents and Settings\你的用户名\Local Settings\Temp，C:\PROGRA~1就是C:\Program Files）
删除
C:\PROGRA~1\Yahoo!
C:\PROGRA~1\DESKAD~1
C:\Winnt\system32\wmpdrm.dll
C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4567.dll
c:\windows\system32\winlogin.dll
C:\Winnt\System32\stdup.dll
C:\Program Files\baigoo
C:\WINNT\system32\WinSC64.dll
C:\WINNT\system32\WinSC32.dll
C:\Program Files\Common Files\justDo
C:\Winnt\system32\microapmddt.dll
C:\Winnt\system32\qylhelper.dll
C:\Program Files\Infofo Bar
关闭所有浏览窗口以及一些不必要的程序
运行Hijackthis，扫描结束后在下列选项前打上勾，然后选"修复""
O2 - BHO: Macrosoft Class - {58DB541D-F15A-4e95-A5D9-5DF5EE13920C} - c:\windows\system32\winlogin.dll
O4 - HKLM\..\Run: [svrhost] C:\Winnt\System32\svrhost.exe
O4 - HKLM\..\Run: [] regedit -s C:\$NtUninstallQ5926809$\sp4custom.dll
删除
C:\$NtUninstallQ5926809$
C:\Winnt\System32\svrhost.exe
c:\windows\system32\winlogin.dll
修复后再重启。
请下载 System Repair Engineer，使用“智能扫描”，按下“扫描”按钮进行扫描，扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告日志文件内容复制-粘贴上来
下载网址
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
日志一次粘不完，分次粘完，请不要修改。

糊涂虫一个 - 2006-6-16 16:16:00

本来是紧接着开的新贴，不知道哪去了。
这是剩余没贴上的报告，谢谢这位大侠继续给看看。我这就试试您办法。

O4 - HKLM\..\Run: [3721] C:\$NtUninstallQ5926809$\3721.bat
O4 - HKLM\..\Run: [hxgame-update] C:\Program Files\hxupdate\hxgame-update.exe
O4 - HKLM\..\Run: [spoolsv] C:\Winnt\system32\spoolsv\spoolsv.exe -printer
O4 - HKLM\..\Run: [RichMedia] C:\Winnt\system32\Rundll32.exe "C:\PROGRA~1\hbclient\tbhelper.dll",WaitWindows
O4 - HKLM\..\Run: [Desktop] C:\Winnt\system32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll
O4 - HKLM\..\Run: [bgoomain.exe] C:\PROGRA~1\baigoo\bgoomain.exe
O4 - HKLM\..\Run: [MSService_v1.0] C:\Winnt\temp\realsched.exe
O4 - HKLM\..\RunOnce: [IEw2k_cleanup] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\Program Files\Internet Explorer\IE Uninstall
O4 - HKLM\..\RunOnce: [BrandClearStubs] RUNDLL32 IEDKCS32.DLL,BrandCleanInstallStubs >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - Global Startup: Acrobat Assistant.lnk = D:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: OfficeScanNT Monitor.lnk = C:\OfficeScan NT\PccNTMon.exe
O4 - Global Startup: 金山词霸 2003.lnk = D:\Program Files\Kingsoft\Powerword 2003\XDICT.EXE
O8 - Extra context menu item: &使用迷你迅雷下载 - D:\Program Files\Maxthon\Thundermini\geturl.htm
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Common Files\justDo\IECatcher.DLL/FlashCatcher.htm
O8 - Extra context menu item: 使用影音传送带下载 - D:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: 使用影音传送带下载全部链接 - D:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing)
O9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - D:\PROGRA~1\NetAnts\NetAnts.exe
O9 - Extra ''Tools'' menuitem: &NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - D:\PROGRA~1\NetAnts\NetAnts.exe
O9 - Extra button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=?allyesPara=816 (file missing)
O9 - Extra button: 珊瑚虫工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\Program Files\Infofo Bar\infofobar.dll
O9 - Extra ''Tools'' menuitem: 珊瑚虫工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\Program Files\Infofo Bar\infofobar.dll
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Common Files\justDo\IECatcher.DLL
O9 - Extra ''Tools'' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Common Files\justDo\IECatcher.DLL
O9 - Extra button: 词霸 - {9A687CA6-D585-4947-9ED9-BE96071F5CD9} - d:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Winnt\web\related.htm
O9 - Extra ''Tools'' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Winnt\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra ''Tools'' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra ''Tools'' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra ''Tools'' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - Extra button: 易趣购物 - {EE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=50 (file missing)
O9 - Extra ''Tools'' menuitem: 易趣购物 - {EE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=50 (file missing)
O10 - Broken Internet access because of LSP provider ''c:\winnt\system32\cdnns.dll'' missing
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupIniCtrl Class) - http://192.168.8.7/officescan/clientinstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - http://192.168.8.7/officescan/clientinstall/setup.cab
O16 - DPF: {2D0C7226-747E-11D6-83F0-00E04C4A2F90} (Mediachip ADPlayer Control) - http://videoad.sohu.com/video/videoadserver4/MCADPlayer.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/aliedit.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - http://192.168.8.7/officescan/clientinstall/RemoveCtrl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (趋势科技在线扫毒程序) - http://www.trendmicro.com.cn/housecall/xscan53.cab
O16 - DPF: {76FFDFB5-04C4-11D3-893A-00505682087D} (Windchill Bootstrap) - http://fawpdm/Windchill/install/boot_IE.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DBAC83A0-6A2B-4535-8720-57C69F064DB5}: NameServer = 192.168.8.5
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Winnt\system32\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\Winnt\system32\urlmon.dll
O18 - Protocol: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - d:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll
O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Winnt\system32\urlmon.dll
O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\Winnt\system32\urlmon.dll
O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\Winnt\system32\urlmon.dll
O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\Winnt\system32\urlmon.dll
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\Winnt\system32\urlmon.dll
O18 - Protocol: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\Winnt\wc98pp.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Winnt\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Winnt\system32\mshtml.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Winnt\system32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Winnt\system32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\Winnt\system32\inetcomm.dll
O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\Winnt\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Winnt\System32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Winnt\system32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Winnt\system32\mshtml.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Winnt\system32\mshtml.dll
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\System32\msdxm.ocx
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\Winnt\System32\dmadmin.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\Winnt\System32\NMSSvc.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\OfficeScan NT\ntrtscan.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Unknown owner - C:\OfficeScan NT\tmlisten.exe
O23 - Service: UCManSvc - Paltiosoft Inc. - C:\Winnt\UCharge\UCManSvc.exe
O23 - Service: Unigraphics Plot Server (ugiipqd) (ugiipqd) - Unknown owner - C:\Winnt\System32\spool\ugplot\ugiipqd.exe
O23 - Service: Unigraphics License Server (uglmd) - GLOBEtrotter Software Inc. - D:\Program Files\EDS\License Servers\UGNXFLEXlm\lmgrd.exe

魔法学徒 - 2006-6-16 16:34:00

O4 - HKLM\..\Run: [3721] C:\$NtUninstallQ5926809$\3721.bat
O4 - HKLM\..\Run: [hxgame-update] C:\Program Files\hxupdate\hxgame-update.exe
O4 - HKLM\..\Run: [spoolsv] C:\Winnt\system32\spoolsv\spoolsv.exe -printer
O4 - HKLM\..\Run: [RichMedia] C:\Winnt\system32\Rundll32.exe "C:\PROGRA~1\hbclient\tbhelper.dll",WaitWindows
O4 - HKLM\..\Run: [Desktop] C:\Winnt\system32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll
O4 - HKLM\..\Run: [bgoomain.exe] C:\PROGRA~1\baigoo\bgoomain.exe
O4 - HKLM\..\Run: [MSService_v1.0] C:\Winnt\temp\realsched.exe
O4 - HKLM\..\RunOnce: [IEw2k_cleanup] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\Program Files\Internet Explorer\IE Uninstall

都修复一下

删除

C:\$NtUninstallQ5926809$\
C:\Winnt\system32\spoolsv\
C:\PROGRA~1\hbclient\
C:\Program Files\DeskAdTop\
C:\Winnt\temp\realsched.exe

jinjin367637 - 2006-6-16 22:03:00

汗，跟无邪大哥相比我还是差很多，我只是从楼主用雅虎助手做的报告里看出了这些有问题，
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\Winnt\system32\wmpdrm.dll

O2 - BHO: std software - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\Winnt\System32\stdup.dll

O2 - BHO: bg - {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005} - C:\Program Files\baigoo\BGooBHO.dll

O2 - BHO: HBObject Class - {AE22AFE5-1EF4-4D25-9E23-D2825FB17DA1} - C:\PROGRA~1\hbclient\tbhelper.dll

我无邪 - 2006-6-16 22:55:00

用兔子卸载后
请下载 System Repair Engineer，使用“智能扫描”，按下“扫描”按钮进行扫描，扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告日志文件内容复制-粘贴上来
下载网址
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
日志一次粘不完，分次粘完，请不要修改。

糊涂虫一个 - 2006-6-19 16:59:00

首先感谢无邪大侠和魔法版主，用兔子卸载了流氓软件后果然速度已经恢复了，但有些问题如故，例如regedit还是运行不了。
更麻烦的是出现了新问题：我的计算机无法再登陆这个论坛了！登陆提示“[warning]system be attacked”。我只好用别人的电脑上来继续求助。

按提示，显示了所有文件和文件名之后能知道的要删的文件基本都删了，剩下spoolsv.exe和.exe删不掉。另有很多找不到的。
用了兔子后的hijackthis扫描日志如下：
HijackThis_zww汉化版扫描日志 V1.99.1
保存于 16:40:36, 日期 2006-6-19
操作系统： Windows 2000 SP3 (WinNT 5.00.2195)
浏览器： Internet Explorer v6.00 (6.00.2600.0000)

当前运行的进程：
C:\Winnt\Explorer.EXE
C:\Program Files\Common Files\Totem Shared\Uninstall0001\upd.exe
C:\Winnt\system32\internat.exe
D:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\OfficeScan NT\PccNTMon.exe
D:\Program Files\Kingsoft\Powerword 2003\XDICT.EXE
D:\tools\HijackThis1991汉化版\HijackThis1991zww.exe

O3 - IE工具栏增项: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - IE工具栏增项: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - IE工具栏增项: 搜刮音乐 - {902DF477-B757-44DD-9430-2EE942187BEC} - C:\PROGRA~1\Sogua\SOGUAT~1.DLL
O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon
O4 - 启动项HKLM\\Run: [MS-4011 Memory Patch] C:\Documents and Settings\user.LULIN-1\桌面\RavSasser.exe -Patch
O4 - 启动项HKLM\\Run: [OfficeScanNT Monitor] "C:\OfficeScan NT\pccntmon.exe" -HideWindow
O4 - 启动项HKLM\\Run: [Uninstall0001] "C:\Program Files\Common Files\Totem Shared\Uninstall0001\upd.exe" LASTCALL!adverts.stripsaver.com!StatsStripSaver
O4 - 启动项HKLM\\Run: [StormCodec_Helper] "D:\tools\Storm Codec\StormSet.exe" /S /opti
O4 - 启动项HKLM\\RunOnce: [Super Rabbit Winspeed] "D:\tools\MagicSet\winspeed.exe" /autokill:81,119,118,117,116,115,114,113,112,111,110,109,108,107,106,105,104,103,102,101,100,99,98,97,96,95,94,93,92,91,90,89,88,87,86,85,84,83,82,80,79,78,77,76,75,74,73,72,71,70,69,68,67,66,65,64,63,62,61,60,59,58,57,56,55,54,53,52,51,50,49,48,47,46,45,44,43,42,41,40,39,38,37,36,35,34,33,32,31,30,29,28,27,26,25,24,23,22,21,20,19,18,17,16,15,14,13,12,11,10,9,8,7,6,5,4,3,2,1
O4 - 启动项HKCU\\Run: [Internat.exe] internat.exe
O4 - Global Startup: Acrobat Assistant.lnk = D:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: OfficeScanNT Monitor.lnk = C:\OfficeScan NT\PccNTMon.exe
O4 - Global Startup: 金山词霸 2003.lnk = D:\Program Files\Kingsoft\Powerword 2003\XDICT.EXE
O8 - IE右键菜单中的新增项目: &使用迷你迅雷下载 - D:\Program Files\Maxthon\Thundermini\geturl.htm
O8 - IE右键菜单中的新增项目: Save Flash with Flash Catcher - res://C:\Program Files\Common Files\justDo\IECatcher.DLL/FlashCatcher.htm
O8 - IE右键菜单中的新增项目: 使用影音传送带下载 - D:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - IE右键菜单中的新增项目: 使用影音传送带下载全部链接 - D:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O9 - 浏览器额外的按钮: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - D:\PROGRA~1\NetAnts\NetAnts.exe
O9 - 浏览器额外的“工具”菜单项: &NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - D:\PROGRA~1\NetAnts\NetAnts.exe
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\Tencent\QQ\QQIEHelper.dll (file missing)
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\Tencent\QQ\QQIEHelper.dll (file missing)
O10 - Broken Internet access because of LSP provider 'c:\winnt\system32\cdnns.dll' missing
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupIniCtrl Class) - http://192.168.8.7/officescan/clientinstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - http://192.168.8.7/officescan/clientinstall/setup.cab
O16 - DPF: {2D0C7226-747E-11D6-83F0-00E04C4A2F90} (Mediachip ADPlayer Control) - http://videoad.sohu.com/video/videoadserver4/MCADPlayer.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/aliedit.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - http://192.168.8.7/officescan/clientinstall/RemoveCtrl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (趋势科技在线扫毒程序) - http://www.trendmicro.com.cn/housecall/xscan53.cab
O16 - DPF: {76FFDFB5-04C4-11D3-893A-00505682087D} (Windchill Bootstrap) - http://fawpdm/Windchill/install/boot_IE.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DBAC83A0-6A2B-4535-8720-57C69F064DB5}: NameServer = 192.168.8.5
O18 - 列举现有的协议: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - d:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\Winnt\System32\dmadmin.exe
O23 - NT 服务: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\Winnt\System32\NMSSvc.exe
O23 - NT 服务: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\OfficeScan NT\ntrtscan.exe
O23 - NT 服务: OfficeScanNT Listener (tmlisten) - Unknown owner - C:\OfficeScan NT\tmlisten.exe
O23 - NT 服务: UCManSvc - Paltiosoft Inc. - C:\Winnt\UCharge\UCManSvc.exe
O23 - NT 服务: Unigraphics Plot Server (ugiipqd) (ugiipqd) - Unknown owner - C:\Winnt\System32\spool\ugplot\ugiipqd.exe
O23 - NT 服务: Unigraphics License Server (uglmd) - GLOBEtrotter Software Inc. - D:\Program Files\EDS\License Servers\UGNXFLEXlm\lmgrd.exe
（完）
System Repair Engineer扫描日志如下：
（见跟帖）

糊涂虫一个 - 2006-6-19 17:00:00

（上接6楼）
2006-06-19,16:41:00

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 3 (Build 2195)
- 非管理权限用户 - 受限功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Internat.exe><internat.exe> [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Synchronization Manager><mobsync.exe /logon> [Microsoft Corporation]
<KnightIII><> []
<MS-4011 Memory Patch><C:\Documents and Settings\user.LULIN-1\桌面\RavSasser.exe -Patch> []
<OfficeScanNT Monitor><"C:\OfficeScan NT\pccntmon.exe" -HideWindow> [Trend Micro Inc.]
<Uninstall0001><"C:\Program Files\Common Files\Totem Shared\Uninstall0001\upd.exe" LASTCALL!adverts.stripsaver.com!StatsStripSaver> []
<StormCodec_Helper><"D:\tools\Storm Codec\StormSet.exe" /S /opti> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<Super Rabbit Winspeed><"D:\tools\MagicSet\winspeed.exe" /autokill:81,119,118,117,116,115,114,113,112,111,110,109,108,107,106,105,104,103,102,101,100,99,98,97,96,95,94,93,92,91,90,89,88,87,86,85,84,83,82,80,79,78,77,76,75,74,73,72,71,70,69,68,67,66,65,64,63,62,61,60,59,58,57,56,55,54,53,52,51,50,49,48,47,46,45,44,43,42,41,40,39,38,37,36,35,34,33,32,31,30,29,28,27,26,25,24,23,22,21,20,19,18,17,16,15,14,13,12,11,10,9,8,7,6,5,4,3,2,1> [Super Rabbit Soft]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINNT\system32\userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []

==================================
启动文件夹
[Acrobat Assistant]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Acrobat Assistant.lnk><N>
[OfficeScanNT Monitor]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\OfficeScanNT Monitor.lnk><N>
[金山词霸 2003]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\金山词霸 2003.lnk><N>

==================================
服务
[Logical Disk Manager Administrative Service / dmadmin]
<C:\Winnt\System32\dmadmin.exe /com><VERITAS Software Corp.>
[Intel(R) NMS / NMSSvc]
<C:\Winnt\System32\NMSSvc.exe><Intel Corporation>
[OfficeScanNT RealTime Scan / ntrtscan]
<C:\OfficeScan NT\ntrtscan.exe><Trend Micro Inc.>
[OfficeScanNT Listener / tmlisten]
<C:\OfficeScan NT\tmlisten.exe><N/A>
[UCManSvc / UCManSvc]
<C:\Winnt\UCharge\UCManSvc.exe><Paltiosoft Inc.>
[Unigraphics Plot Server (ugiipqd) / ugiipqd]
<C:\Winnt\System32\spool\ugplot\ugiipqd.exe><N/A>
[Unigraphics License Server (uglmd) / Unigraphics License Server (uglmd)]
<D:\Program Files\EDS\License Servers\UGNXFLEXlm\lmgrd.exe><GLOBEtrotter Software Inc.>

==================================
浏览器加载项
[NetAnts]
{57E91B47-F40A-11D1-B792-444553540000} <D:\PROGRA~1\NetAnts\NetAnts.exe, >
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <d:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <d:\Program Files\Tencent\QQ\QQIEHelper.dll, N/A>
[@msdxmLC.dll,-1@2052,电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\System32\msdxm.ocx, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, N/A>
[搜刮音乐]
{902DF477-B757-44DD-9430-2EE942187BEC} <C:\PROGRA~1\Sogua\SOGUAT~1.DLL, >
[OfficeScan Corp Edition Web-Deployment SetupIniCtrl Class]
{08D75BB0-D2B5-11D1-88FC-0080C859833B} <C:\WINNT\Downloaded Program Files\OfficeScanSetupIni.dll, Trend Micro Inc.>
[OfficeScan Corp Edition Web-Deployment SetupCtrl Class]
{08D75BC1-D2B5-11D1-88FC-0080C859833B} <C:\WINNT\Downloaded Program Files\OfficeScanSetup.dll, Trend Micro Inc.>
[Mediachip ADPlayer Control]
{2D0C7226-747E-11D6-83F0-00E04C4A2F90} <C:\Winnt\System32\MEDIAC~1\ADPlayer\MCADPL~1.OCX, Mediachip>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\Winnt\system32\aliedit\AliEdit.dll, www.alipay.com>
[OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class]
{5EFE8CB1-D095-11D1-88FC-0080C859833B} <C:\WINNT\Downloaded Program Files\OfficeScanRemoveCtrl.dll, Trend Micro Inc.>
[趋势科技在线扫毒程序]
{74D05D43-3236-11D4-BDCD-00C04F9A3B61} <C:\Winnt\DOWNLO~1\xscan53.ocx, Trend Micro Inc.>
[Windchill Bootstrap]
{76FFDFB5-04C4-11D3-893A-00505682087D} <C:\Winnt\System32\MSJAVA.DLL, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Winnt\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[&使用迷你迅雷下载]
<D:\Program Files\Maxthon\Thundermini\geturl.htm, N/A>
[Save Flash with Flash Catcher]
<res://C:\Program Files\Common Files\justDo\IECatcher.DLL/FlashCatcher.htm, N/A>
[使用影音传送带下载]
<D:\Program Files\Xi\NetTransport 2\NTAddLink.html, N/A>
[使用影音传送带下载全部链接]
<D:\Program Files\Xi\NetTransport 2\NTAddList.html, N/A>
[使用网际快车下载]
<D:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
<D:\Program Files\FlashGet\jc_all.htm, N/A>

==================================
正在运行的进程
[PID: 1080][C:\Winnt\Explorer.EXE] <Microsoft Corporation><5.00.3502.5321>
[D:\Program Files\Kingsoft\Powerword 2003\Cjktl32.dll] <N/A><N/A>
[d:\Program Files\全能音频转换通\ShellEx.dll] <><1, 0, 0, 1>
[D:\Program Files\Tencent\QQ\qdshm.dll] <><1, 0, 1, 2>
[D:\PROGRA~1\WINZIP\WZSHLSTB.DLL] <WinZip Computing, Inc.><4.1 (32-bit)>
[C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL] <N/A><N/A>
[D:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
[d:\Program Files\IDM Computer Solutions\UltraEdit-32\ue32ctmn.dll] <><1, 0, 0, 1>
[C:\OfficeScan NT\tmdshell.dll] <Trend Micro Inc.><N/A>
[d:\PROGRA~1\AUDIOC~1\acshext.dll] <Ultimate Shareware Ltd><5, 0, 62, 0>
[d:\PROGRA~1\AUDIOC~1\audconv.dll] <Ultimate Shareware Ltd><5, 0, 664, 0>
[d:\PROGRA~1\AUDIOC~1\audiocd.dll] <AKSoft><1.0rc2>
[C:\Winnt\system32\WNASPI32.DLL] <Adaptec><4.60 (1021)>
[PID: 1180][C:\Program Files\Common Files\Totem Shared\Uninstall0001\upd.exe] <N/A><N/A>
[C:\Program Files\Common Files\Totem Shared\Uninstall0001\Stats.dll] <N/A><N/A>
[C:\Program Files\Common Files\Totem Shared\Uninstall0001\Network.dll] <N/A><N/A>
[C:\Program Files\Common Files\Totem Shared\Uninstall0001\System.dll] <N/A><N/A>
[C:\Program Files\Common Files\Totem Shared\Uninstall0001\Windows.dll] <N/A><N/A>
[C:\Program Files\Common Files\Totem Shared\Uninstall0001\Update.dll] <N/A><N/A>
[PID: 1248][C:\Winnt\system32\internat.exe] <Microsoft Corporation><5.00.2920.0000>
[D:\Program Files\Kingsoft\Powerword 2003\Cjktl32.dll] <N/A><N/A>
[PID: 1256][D:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe] <Adobe Systems Inc.><5, 0, 0, 0>
[PID: 1264][C:\OfficeScan NT\PccNTMon.exe] <Trend Micro Inc.><5.58.0.1063>
[C:\OfficeScan NT\PWD.dll] <Trend Micro Inc.><5.58.0.1063>
[C:\OfficeScan NT\dBAllDat.dll] <Trend Micro Inc.><5.58.0.1063>
[C:\OfficeScan NT\tmdbg20.dll] <trend_company_name><1, 0, 0, 1>
[C:\OfficeScan NT\dballcfg.dll] <Trend Micro Inc.><5.58.0.1063>
[C:\OfficeScan NT\c4dll.dll] <N/A><N/A>
[C:\OfficeScan NT\dBAllLog.dll] <Trend Micro Inc.><5.58.0.1063>
[C:\OfficeScan NT\loadhttp.dll] <Trend Micro Inc.><5.58.0.1063>
[C:\OfficeScan NT\ntmonres.dll] <Trend Micro Inc.><5.58.0.1063>
[D:\Program Files\Kingsoft\Powerword 2003\Cjktl32.dll] <N/A><N/A>
[PID: 1272][D:\Program Files\Kingsoft\Powerword 2003\XDICT.EXE] <Kingsoft Co, Ltd.><6, 0, 0, 0>
[D:\Program Files\Kingsoft\Powerword 2003\ITextOut.dll] <Kingsoft><1, 1, 0, 0>
[D:\Program Files\Kingsoft\Powerword 2003\CJKTAB32.dll] <N/A><N/A>
[D:\Program Files\Kingsoft\Powerword 2003\XImage32.dll] <N/A><N/A>
[D:\Program Files\Kingsoft\Powerword 2003\xfile.dll] <N/A><N/A>
[D:\Program Files\Kingsoft\Powerword 2003\KPic10.dll] <N/A><N/A>
[D:\Program Files\Kingsoft\Powerword 2003\ijl11.dll] <Intel Corporation><1.1.2>
[D:\Program Files\Kingsoft\Powerword 2003\toTTSEngine50.dll] <Kingsoft Corporation><1, 0, 0, 1>
[D:\Program Files\Kingsoft\Powerword 2003\NormGrab.DLL] <Kingsoft Co, Ltd.><6, 0, 0, 0>
[D:\Program Files\Kingsoft\Powerword 2003\DicMngr.dll] <Kingsoft><1, 0, 0, 0>
[D:\Program Files\Kingsoft\Powerword 2003\DBCore10.dll] <Kingsoft ><1, 0, 0, 0>
[D:\Program Files\Kingsoft\Powerword 2003\XdictGrb.dll] <Kingsoft Co, Ltd.><6, 0, 0, 0>
[D:\Program Files\Kingsoft\Powerword 2003\Cjktl32.dll] <N/A><N/A>
[PID: 372][D:\tools\sreng2-System Repair Engineer\SREng.exe] <Smallfrogs Studio><2.0.21.505>
[D:\Program Files\Kingsoft\Powerword 2003\Cjktl32.dll] <N/A><N/A>

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR Error. [AutoCADScript]
.CHM OK. ["C:\Winnt\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS Error. [C:\Winnt\system32\WScript.exe "%1" %*]
.JS Error. [C:\Winnt\system32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

瑞星卡卡安全论坛