[Help] A small window often pops up when the browser is opened or refreshed

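The window's title is www.flash25.com, and it opens as a small window.
Occasionally a window for something like 10X10000.COM pops up as well (I think that's the one; it doesn't appear often, so I don't remember exactly).

Perhaps some game website maliciously wrote this code in when I logged in. I have checked the registry and could not find any trace of that site.
Following some methods I found online, I blocked the site in the HOST file in IE's root directory, but the window still pops up, only now its content is a blank white page! I also disabled the Messenger service and checked the startup items with MSCONFIG, and found nothing suspicious! I also ran the repair with Kaka's IE repair assistant, and that still did not solve the problem!!!

I think the code is launched when the mouse clicks on IE, and there should be an entry for it in the registry, but at my skill level I can't find it. Could someone knowledgeable please help me work out how to fix this? Log attached: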

Logfile of HijackThis v1.99.1
Scan saved at 10:52:56, on 2006-8-21
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\runservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Vrv\Client\vrvnet.exe
C:\Vrv\Client\vrvmon.exe
C:\WINDOWS\wt\updater\wcmdmgr.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Tencent\qq\QQ.exe
D:\Program Files\Tencent\qq\TIMPlatform.exe
D:\Program Files\Tencent\qq\qqpet\qqpet.exe
D:\QQPetNurse0719(2.16)\QQPetNurse.exe
D:\Program Files\Tencent\qq\QQ.exe
D:\Program Files\街头篮球大联盟\HspL.exe
D:\Program Files\Tencent\qq\qqpet\qqpet.exe
D:\Temp\BitComet.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\软件\杀毒软件\HijackThis.exe

R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NaviHelperObj Class - {3E422F49-1566-40D3-B43D-077EF739AC32} - C:\WINDOWS\system32\NaviHelper.dll
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - d:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [vrvnet] C:\Vrv\Client\vrvnet.exe
O4 - HKLM\..\Run: [xysecond] C:\Vrv\Client\vrvmon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: 腾讯QQ.lnk = D:\Program Files\Tencent\qq\QQ.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Excel(&x) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\qq\SendMMS.htm
O9 - Extra button: 免费精彩视频超流畅在线观看 - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - Extra 'Tools' menuitem: 播霸电视 - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - Extra button: kele8 - {84920E5F-3788-49cd-A274-E365578DF174} - http://www.kele8.com/ (file missing)
O9 - Extra 'Tools' menuitem: kele8 - {84920E5F-3788-49cd-A274-E365578DF174} - http://www.kele8.com/ (file missing)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O10 - Unknown file in Winsock LSP: c:\windows\vmaildog.dll
O10 - Unknown file in Winsock LSP: c:\windows\vmaildog.dll
O16 - DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} (MMCPlayer Class) - http://p3p.sogou.com/MMCShell.cab
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.tvkoo.com/update/KooPlayer.ocx
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {ABA7CC7F-019D-47DB-A0D2-B3C2B3AC1B44} (Fc2Boot Class) - http://210.51.5.71/onet/ActiveX/fc2boot.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://ps.itv.mop.com/dn/files/pCastCtl-1.0.0.90-signed.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Last edited 2006-08-21 21:44:48

Why are there so few experts in this world??
They really are expert lurkers!!!!

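The problem seems to be solved. I'm watching how it goes now; if that damned window hasn't popped up by this afternoon, I'll write up the solution!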

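Please confirm the following items yourself:
C:\WINDOWS\wt\updater\wcmdmgrl.exe
c:\windows\vmaildog.dll
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
Close all browser windows and any unnecessary programs.
Run HijackThis; when the scan finishes, tick the following entry and then choose "Fix":
O2 - BHO: NaviHelperObj Class - {3E422F49-1566-40D3-B43D-077EF739AC32} - C:\WINDOWS\system32\NaviHelper.dll
After rebooting, delete:
C:\WINDOWS\system32\NaviHelper.dll
Please download System Repair Engineer, use "Smart Scan", press the "Scan" button to run the scan, and when it finishes press the "Save Report" button to save the report log file (SREng.LOG). Then copy and paste the contents of the saved report log file here.
Download links:
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
If the log does not fit in one post, paste it across several posts; please do not modify it.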
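
An added example (not part of the original thread, and not code from HijackThis): a small Python triage of HijackThis log lines that surfaces the kinds of entry the reply above asks the poster to confirm. The four rules, the names `triage` and `Finding`, and the `C:\WINDOWS` default are assumptions made for illustration; a hit means "look this item up", not "this is malicious".

```python
import re
from typing import List, NamedTuple, Optional

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NaviHelperObj Class - {3E422F49-1566-40D3-B43D-077EF739AC32} - C:\WINDOWS\system32\NaviHelper.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O10 - Unknown file in Winsock LSP: c:\windows\vmaildog.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

# "<section code> - <rest of line>", e.g. "O2 - BHO: ..." or "O23 - Service: ..."
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# First drive-letter path in a field, stopping at a closing quote.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]+')


class Finding(NamedTuple):
    code: str             # HijackThis section code (O2, O10, O23, ...)
    path: Optional[str]   # file the entry points at, if one could be extracted
    reasons: List[str]    # why the entry deserves a manual look
    line: str             # original log line, for the analyst


def extract_path(body: str) -> Optional[str]:
    """Best-effort path: taken from the last ' - ' separated field.
    For O4 Run entries it may still carry command-line arguments."""
    match = PATH_RE.search(body.split(" - ")[-1])
    if not match:
        return None
    return match.group(0).replace(" (file missing)", "").strip()


def review_reasons(code: str, body: str, path: Optional[str],
                   windows_dir: str) -> List[str]:
    """Illustrative heuristics only; each one prompts a lookup, not a verdict."""
    reasons = []
    in_windows = bool(path) and path.lower().startswith(windows_dir.lower() + "\\")
    if code == "O2" and in_windows:
        reasons.append("BHO DLL sits in the Windows directory, not a product folder")
    if code == "O10" and "Unknown file in Winsock LSP" in body:
        reasons.append("Winsock LSP file that HijackThis does not recognise")
    if code == "O23" and " - Unknown owner - " in body:
        reasons.append("service binary carries no company information")
    if body.endswith("(file missing)"):
        reasons.append("registration points at a file that no longer exists")
    return reasons


def triage(log_text: str, windows_dir: str = r"C:\WINDOWS") -> List[Finding]:
    """Return the entries worth confirming by hand, in log order."""
    findings = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue  # header, process list, or blank line
        code, body = match.groups()
        path = extract_path(body)
        reasons = review_reasons(code, body, path, windows_dir)
        if reasons:
            findings.append(Finding(code, path, reasons, raw.strip()))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding.code:<4}{finding.path}")
        for reason in finding.reasons:
            print(f"      - {reason}")
```
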

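Thanks to 无邪 for the answer:
C:\WINDOWS\wt\updater\wcmdmgrl.exe
wcmdmgrl.exe - process information. Process file: wcmdmgrl or wcmdmgrl.exe. Process name: Wcmdmgrl. Description: wcmdmgrl.exe is a Wild Tangent related program; it is used to check online for network driver upgrades related to Wild Tangent.

c:\windows\vmaildog.dll
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
These all seem to be game-related items.

The problematic one is C:\WINDOWS\system32\NaviHelper.dll. Just now I deleted every NaviHelper.dll key in the registry, and deleted C:\WINDOWS\system32\NaviHelper.dll and C:/WINDOWS/SYSTEM32/HOST.dat.
So far, no more windows have popped up.
Also, following your suggestion, I ran a scan with System Repair Engineer 2.0.21.505 (2.0 RC 2); the log is as follows: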

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <NVMixerTray><"C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe">  [NVIDIA Corporation]
    <vrvnet><C:\Vrv\Client\vrvnet.exe>  [BeiXinYuan]
    <xysecond><C:\Vrv\Client\vrvmon.exe>  [vrv]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [NVIDIA Corporation]
    <QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime>  [Apple Computer, Inc.]
    <wcmdmgr><C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch>  [WildTangent, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe>  [Microsoft Corporation]
    <UIHost><logonui.exe>  [Microsoft Corporation]

==================================
启动文件夹
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk><N>
[Adobe Reader Speed Launch]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk><N>
[InterVideo WinCinema Manager]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\InterVideo WinCinema Manager.lnk><N>
[腾讯QQ]
  <C:\Documents and Settings\ravenroy\「开始」菜单\程序\启动\腾讯QQ.lnk><N>

==================================
服务
[LicCtrl Service / LicCtrlService]
  <C:\WINDOWS\runservice.exe><N/A>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[P4P Service / P4P Service]
  <C:\Program Files\Common Files\Sogou PXP\p2psvr.exe><Sohu.com Inc.>

==================================
浏览器加载项
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <d:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <D:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft>
[kele8]
  {84920E5F-3788-49cd-A274-E365578DF174} <http://www.kele8.com/, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <d:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <D:\PROGRA~1\FlashGet\flashget.exe, Amaze Soft>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[MMCPlayer Class]
  {05C1004E-2596-48E5-8E26-39362985EEB9} <C:\WINDOWS\Downloaded Program Files\MMCShell.dll, Sohu.com Inc.>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[KooPlayer Control]
  {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} <C:\WINDOWS\DOWNLO~1\KOOPLA~1.OCX, viviMedia>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[Fc2Boot Class]
  {ABA7CC7F-019D-47DB-A0D2-B3C2B3AC1B44} <C:\WINDOWS\Downloaded Program Files\fc2boot.dll, 北京线线通科技开发有限公司>
[pCastPanel Class]
  {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} <C:\WINDOWS\Downloaded Program Files\pCastCtl.dll, >
[IDMIEHlprObj Class]
  {0055C089-8582-441B-A0BF-17B458C2A3A8} <C:\Program Files\Internet Download Manager\IDMIECC.dll, N/A>
[QuickTime Object]
  {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Computer, Inc.>
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[MMCPlayer Class]
  {05C1004E-2596-48E5-8E26-39362985EEB9} <C:\WINDOWS\Downloaded Program Files\MMCShell.dll, Sohu.com Inc.>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >

[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[KooPlayer Control]
  {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} <C:\WINDOWS\DOWNLO~1\KOOPLA~1.OCX, viviMedia>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <d:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <D:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Fc2Boot Class]
  {ABA7CC7F-019D-47DB-A0D2-B3C2B3AC1B44} <C:\WINDOWS\Downloaded Program Files\fc2boot.dll, 北京线线通科技开发有限公司>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\flash.ocx, Macromedia, Inc.>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[pCastPanel Class]
  {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} <C:\WINDOWS\Downloaded Program Files\pCastCtl.dll, >
[上传到QQ网络硬盘]
  <D:\Program Files\Tencent\qq\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <D:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <D:\Program Files\FlashGet\jc_all.htm, N/A>
[导出到 Microsoft Excel(&x)]
  <res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <D:\Program Files\Tencent\qq\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\Program Files\Tencent\qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\Program Files\Tencent\qq\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 544][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 592][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 616][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 664][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 676][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 828][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 892][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 956][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1028][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1044][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1348][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1460][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1496][C:\WINDOWS\runservice.exe]  <N/A><N/A>
    [C:\WINDOWS\mmfs.dll]  <N/A><2.0.10.4>
[PID: 1528][C:\WINDOWS\system32\nvsvc32.exe]  <NVIDIA Corporation><6.14.10.8310>
[PID: 1560][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1576][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[PID: 1972][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1736][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2649 (xpsp.050406-1732)>
    [D:\PROGRA~1\FlashGet\jccatch.dll]  <Amaze Soft><1, 1, 4, 0>
    [C:\Program Files\Common Files\Ahead\lib\NeroDigitalExt.dll]  <Nero AG><2, 0, 0, 8>
    [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  <Adobe Systems, Inc.><7.0.0.0>
    [C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll]  <Nero AG><2, 0, 4, 3>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\Program Files\IDM Computer Solutions\UltraEdit-32\ue32ctmn.dll]  <><1, 0, 0, 1>
    [C:\Program Files\Common Files\Ahead\lib\MediaLibraryNSE.dll]  <Nero AG><1, 0, 2, 8>
    [D:\Program Files\Mobile Phone Manager\DES\DESShellExt.dll]  <Siemens AG><1, 2, 5, 135>
    [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><7.0.7.2006011200>
[PID: 440][C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe]  <NVIDIA Corporation><1.0.444>
    [C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerZHC.dll]  <NVIDIA Corporation><1.0.444>
    [C:\Program Files\Common Files\NVIDIA Shared\Audio\NVAudioMod.dll]  <NVIDIA Corporation><1.0.444>
[PID: 564][C:\Vrv\Client\vrvnet.exe]  <BeiXinYuan><2006.5.18>
[PID: 508][C:\Vrv\Client\vrvmon.exe]  <vrv><1, 0, 0, 1>
    [C:\Vrv\Client\vrvmonsc.dll]  <BeiXinYuan><1, 0, 0, 1>
    [C:\Vrv\Client\vrvcfg.dll]  <N/A><N/A>
    [C:\Vrv\Client\vrvdll.dll]  <N/A><N/A>
    [C:\Vrv\Client\UNARJ.dll]  <N/A><N/A>
    [C:\Vrv\Client\UNZIP.dll]  <N/A><N/A>
    [C:\Vrv\Client\vrvguard.dll]  <N/A><N/A>
[PID: 304][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 196][C:\WINDOWS\wt\updater\wcmdmgr.exe]  <WildTangent, Inc.><1.6.0.37>
[PID: 948][D:\Program Files\Tencent\qq\qqpet\qqpet.exe]  <腾讯公司><2, 39, 101, 2>
    [D:\Program Files\Tencent\qq\qqpet\QQPetResDownload.dll]  <><6, 1, 101, 55>
    [D:\Program Files\Tencent\qq\qqpet\QQPetCommunity.dll]  <><6, 2, 101, 1>
    [C:\WINDOWS\system32\macromed\flash\flash.ocx]  <Macromedia, Inc.><8,5,0,246>
[PID: 2360][D:\QQPetNurse0719(2.16)\QQPetNurse.exe]  <永恒E网><2.1.6.0>
    [C:\WINDOWS\system32\macromed\flash\flash.ocx]  <Macromedia, Inc.><8,5,0,246>
[PID: 2584][D:\Program Files\Tencent\qq\qqpet\qqpet.exe]  <腾讯公司><2, 39, 101, 2>
    [D:\Program Files\Tencent\qq\qqpet\QQPetResDownload.dll]  <><6, 1, 101, 55>
    [D:\Program Files\Tencent\qq\qqpet\QQPetCommunity.dll]  <><6, 2, 101, 1>
    [C:\WINDOWS\system32\macromed\flash\flash.ocx]  <Macromedia, Inc.><8,5,0,246>
[PID: 1660][C:\Documents and Settings\ravenroy\桌面\sreng2_PConline\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>

==================================
文件关联
.TXT  Error. [UltraEdit.txt]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  Error. [regedit.exe %1]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [UltraEdit.ini]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  Error. [UltraEdit.js]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者


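Also, after 无邪's reminder, the way I found that C:\WINDOWS\system32\NaviHelper.dll was the problem was through the security assessment in SecAnalyst v4.0: I took the few highest-risk items and looked each of them up online, and found out that this DLL was the problem! Below is that program's scan log: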

#T0 SecAnalyst 分析报告 版本:0, 4, 0, 47
#操作系统 : Microsoft Windows XP Professional Service Pack 2 (Build 2600) (CHS)
#系统目录 : C:\WINDOWS\system32
#浏览器  : Internet Explorer 6.0.2900.2180
#生成时间 : 2006-8-21 11:22:56

#T2 请把报告贴到安全救援中心bbs.s-sos.net,我们的专家会为你做出诊断,另外,报告中的安全风险值仅仅表示可疑程度。
#Q1 (请在此输入你的电脑遇到的问题和异常情况..)


#O4  危险    自启动:[hkey_local_machine\software\microsoft\windows\currentversion\shell extensions\approved\eLicense Control]-c:\windows\lcmmfu.cpl
#O4  警告    自启动:[hkey_local_machine\software\microsoft\windows\currentversion\run\xysecond]-c:\vrv\client\vrvmon.exe
#O4  警告    自启动:[hkey_local_machine\software\microsoft\windows\currentversion\run\vrvnet]-c:\vrv\client\vrvnet.exe
#O4  警告    自启动:[hkey_local_machine\software\microsoft\windows\currentversion\shell extensions\approved\Shell Extensions for RealOne Player]-c:\program files\real\realplayer\rpshell.dll
#O4  警告    自启动:[hkey_local_machine\software\microsoft\windows\currentversion\run\QuickTime Task]-"c:\program files\quicktime\qttask.exe" -atboottime
#O4  低风险  自启动:[hkey_local_machine\software\microsoft\windows\currentversion\run\wcmdmgr]-c:\windows\wt\updater\wcmdmgrl.exe -launch
#O4  低风险  自启动:[hkey_local_machine\software\microsoft\windows\currentversion\shell extensions\approved\WinRAR shell extension]-c:\program files\winrar\rarext.dll
#O4  低风险  自启动:[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shell folders\InterVideo WinCinema Manager.lnk]-c:\documents and settings\all users\「开始」菜单\程序\启动\intervideo wincinema manager.lnk
#O4  低风险  自启动:[hkey_local_machine\software\microsoft\windows\currentversion\shell extensions\approved\Display Panning CPL Extension]-deskpan.dll [file not found]
#O4  低风险  自启动:[hkey_local_machine\software\microsoft\windows\currentversion\shell extensions\approved\jetAudio]-d:\program files\jetaudio\jetflext.dll
#O4  低风险  自启动:[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shell folders\Adobe Gamma Loader.lnk]-c:\documents and settings\all users\「开始」菜单\程序\启动\adobe gamma loader.lnk
#O4  低风险  自启动:[hkey_local_machine\software\microsoft\windows\currentversion\run\NVMixerTray]-"c:\program files\nvidia corporation\nvmixer\nvmixertray.exe"
#O4  低风险  自启动:[hkey_local_machine\software\microsoft\windows\currentversion\shell extensions\approved\nView Desktop Context Menu]-c:\windows\system32\nvshell.dll
#O4  低风险  自启动:[hkey_local_machine\software\microsoft\windows\currentversion\shell extensions\approved\Desktop Explorer Menu]-c:\windows\system32\nvshell.dll
#O4  低风险  自启动:[hkey_local_machine\software\microsoft\windows\currentversion\shell extensions\approved\Desktop Explorer]-c:\windows\system32\nvshell.dll


#D0  低风险  驱动: C:\WINDOWS\system32\drivers\EagleNT.sys
#D0  低风险  驱动: C:\Vrv\Client\filemon.sys
#D0  低风险  驱动: C:\WINDOWS\system32\drivers\Xprotector.sys
#D0  低风险  驱动: C:\WINDOWS\system32\drivers\oreans32.sys
#D0  低风险  驱动: C:\WINDOWS\system32\drivers\actser.sys
#D0  低风险  驱动: C:\WINDOWS\System32\Drivers\dtscsi.sys
#D0  低风险  驱动: C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
#D0  低风险  驱动: C:\WINDOWS\system32\drivers\pfc.sys
#D0  低风险  驱动: C:\WINDOWS\System32\Drivers\SPTD7981.SYS

#R0  警告    Homepage: http://www.google.cn/ - HKCU\Software\Microsoft\Internet Explorer\Main, Start Page

#O2  危险    BHO: {3E422F49-1566-40D3-B43D-077EF739AC32} - C:\WINDOWS\system32\NaviHelper.dll
#O2  警告    BHO: {54EBD53A-9BC1-480B-966A-843A333CA162} - d:\Program Files\Tencent\QQ\QQIEHelper.dll
#O2  低风险  BHO: {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll
#O2  低风险  BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

#O3  低风险  Toolbar: {E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar - D:\PROGRA~1\FlashGet\fgiebar.dll
#O3  低风险  Toolbar: {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} -  - C:\WINDOWS\system32\kakatool.dll

#M0  危险    DLL:D:\Program Files\街头篮球大联盟\HackShield\EGRNAPX2.DLL
#M0  警告    DLL:D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
#M0  警告    DLL:C:\WINDOWS\system32\UxTheme.dll
#M0  低风险  DLL:D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
#M0  低风险  DLL:D:\PROGRA~1\FlashGet\jccatch.dll
#M0  低风险  DLL:C:\WINDOWS\system32\msxml3.dll

#P0  危险    进程:d:\program files\街头篮球大联盟\hspl.exe
#P0  危险    进程:c:\windows\system32\nvsvc32.exe
#P0  危险    进程:e:\软件\杀毒软件\hijackthis.exe
#P0  警告    进程:c:\windows\runservice.exe
#P0  警告    进程:c:\vrv\client\vrvmon.exe
#P0  警告    进程:c:\vrv\client\vrvnet.exe
#P0  警告    进程:c:\windows\wt\updater\wcmdmgr.exe
#P0  低风险  进程:c:\program files\nvidia corporation\nvmixer\nvmixertray.exe
#P0  低风险  进程:d:\qqpetnurse0719(2.16)\qqpetnurse.exe

#S0  危险    NT 服务: NVSvc - 启动方式: 自动 - 当前状态: 已启动 - C:\WINDOWS\system32\nvsvc32.exe
#S0  警告    NT 服务: LicCtrlService - 启动方式: 自动 - 当前状态: 已启动 - C:\WINDOWS\runservice.exe
#S0  警告    NT 服务: P4P Service - 启动方式: 已禁用 - 当前状态: 已停止 - C:\Program Files\Common Files\Sogou PXP\p2psvr.exe
#S0  低风险  NT 服务: WMConnectCDS - 启动方式: 手动 - 当前状态: 已停止 - C:\Program Files\Windows Media Connect 2\wmccds.exe
#S0  低风险  NT 服务: HidServ - ServiceDll - C:\WINDOWS\System32\hidserv.dll - [file not found]

#O1  低风险  Hosts: 127.0.0.1 www.flash25.com

#O10 低风险  Winsock LSP: (Protocol handler) - C:\WINDOWS\VMailDog.dll

#O18 低风险  Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll"
#O18 低风险  Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL


您的电脑整体安全风险为中(102分),请尽快咨询安全专家,协助处理!

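C:\WINDOWS\mmfs.dll
Work out for yourself what this item is.
Run (double-click) System Repair Engineer, go to "System Repair", then "File Association", tick "Select All" and click "Repair" so that all the extensions return to normal.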

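mmfs.dll - part of eLicense copy protection, used by some protection and game software. If this service is not running, the eLicense wrapper cannot be extracted and the program cannot be executed!.....

It is probably an item that appeared because I installed some no-CD patches for games... So that the games keep running normally, I'll just leave it alone.

Finally, thanks to 无邪 for the guidance; I went ahead and ran the repair!
One more question, 无邪: if you scan your own computer with SecAnalyst, what security score do you get? Could you tell me?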

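I have never used SecAnalyst, but I would guess my security score is very low.
Heh, I don't have any antivirus software installed, only a firewall.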