
System is messed up! No idea what's wrong!

Games are laggy when I play. I don't know what's going on; it looks like some program is running in the background!

[User system info]Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; TencentTraveler ; Mozilla/4.0(Compatible Mozilla/4.0(Compatible-EmbeddedWB 14.59 http://bsalsa.com/ EmbeddedWB- 14.59  from: http://bsalsa.com/ ; .NET CLR 1.1.4322)

Attachment (file type: application/octet-stream), uploaded 2008-4-10 15:39:20

Last edited 2008-04-11 10:09:59

[CODE]

2008-04-10,15:25:38

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <Thunder><"D:\Thunder\Thunder.exe" /s>  [Thunder Networking Technologies,LTD]
    <360Safetray><D:\360safe\safemon\360Tray.exe /start>  [奇虎网]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player 6.4><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mswmp.inf,PerUserStub>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[C-DillaCdaC11BA / C-DillaCdaC11BA][Running/Auto Start]
  <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <C:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[smService / smService][Running/Auto Start]
  <C:\WINDOWS\system32\smService.exe><N/A>

==================================
驱动程序
[Service for WDM 3D Audio Driver / ALCXSENS][Stopped/Manual Start]
  <system32\drivers\ALCXSENS.SYS><Sensaura>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Stopped/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[CdaC15BA / CdaC15BA][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[C-Media PCI Audio Driver (WDM) / cmpci][Running/Manual Start]
  <system32\drivers\cmaudio.sys><C-Media Inc>
[EagleNT / EagleNT][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><AhnLab, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Running/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[laqijaj / laqijaj][Running/Boot Start]
  <\SystemRoot\\SystemRoot\System32\drivers\laqijaj.sys><N/A>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[34265 / 34265][Running/Manual Start]
  <2 - 系统找不到指定的文件。
><N/A>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <D:\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[番茄花园]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[GerneralPeerID Class]
  {0A47E819-F82E-4D5D-B806-6A9EA94D68CD} <D:\Thunder\Components\InMedia\peerid.dll, >
[CEnroll Class]
  {127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\system32\xenroll.dll, Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, N/A>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[番茄工具条 3.0]
  {6451F285-9E41-4D8C-813D-794CA7BFEAB4} <C:\WINDOWS\system32\IETool.dll, N/A>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\Thunder\Components\InMedia\MediaAddin16.dll, Thunder Networking Technologies,LTD>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <D:\360safe\live.dll, 360.cn>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Thunder DapCtrl]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\DapCtrl1.5.578.28.92.dll, ShenZhen Thunder Networking Technologies Ltd.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, N/A>
[Thunder DapPlayer]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <D:\Thunder\Components\DownAndPlay\DapPlayer3.0.578.69.92.dll, ShenZhen Thunder Networking Technologies Ltd.>
[SrchHook Class]
  {F08555B0-9CC3-11D2-AA8E-000000000000} <C:\WINDOWS\system32\IEBHO.dll, N/A>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, N/A>
[使用迅雷下载]
  <D:\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\Thunder\Program\getallurl.htm, N/A>

==================================
正在运行的进程
[PID: 560 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 608 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 632 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 676 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 688 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 848 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1040 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1140 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1236 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1348 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 320 / SYSTEM][C:\WINDOWS\system32\drivers\CDAC11BA.EXE]  [Macrovision, 4.20.020]
[PID: 340 / SYSTEM][C:\Program Files\StormII\stormliv.exe]  [北京暴风网际科技有限公司, 3, 8, 3, 15]
[PID: 504 / SYSTEM][C:\WINDOWS\system32\smService.exe]  [N/A, ]
[PID: 268 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1412 / Administrator][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.0.27]
[PID: 1600 / Administrator][D:\360safe\safemon\360Tray.exe]  [奇虎网, 4, 0, 3, 1011]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 0, 3, 1011]
    [D:\360safe\safemon\SafeKrnl.dll]  [奇虎网, 4, 0, 3, 1008]
    [D:\360safe\AntiAdwa.dll]  [360Safe.com, 4, 0, 3, 1009]
    [D:\360safe\live.dll]  [360.cn, 1, 0, 1, 1025]
[PID: 1760 / Administrator][D:\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.7.9.466]
    [D:\Thunder\Program\BugReport.dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 15]
    [D:\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 3, 4, 62]
    [D:\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 3, 0, 2, 307]
    [D:\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [D:\Thunder\Program\asyn_frame.dll]  [, 1, 0, 2, 7]
    [D:\Thunder\Program\backend_agent.dll]  [, 1, 0, 2, 11]
    [D:\Thunder\Program\ptl.dll]  [Thunder Networking Technologies, LTD, 1, 0, 2, 12]
    [D:\Thunder\Program\p2p_upload.dll]  [, 1, 0, 2, 7]
    [D:\Thunder\Program\fs.dll]  [, 1, 0, 2, 7]
    [D:\Thunder\Program\p2p.dll]  [, 1, 0, 2, 12]
    [D:\Thunder\Program\p2p_local_res.dll]  [, 1, 0, 2, 7]
    [D:\Thunder\Program\p2sp.dll]  [, 1, 0, 2, 13]
    [D:\Thunder\Program\down_dispatcher.dll]  [, 1, 0, 2, 12]
    [D:\Thunder\Program\xldc.dll]  [Thunder Networking Technologies,LTD, 1, 5, 2, 9]
    [D:\Thunder\Program\bd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 16]
    [D:\Thunder\Program\stream.dll]  [, 2, 0, 2, 308]
    [D:\Thunder\Program\al.dll]  [, 1, 1, 2, 9]
    [D:\Thunder\Program\emule_id.dll]  [, 1, 0, 2, 6]
    [D:\Thunder\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 4, 5, 21]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 0, 3, 1011]
    [D:\Thunder\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 3, 34]
    [D:\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 10]
    [D:\Thunder\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 8, 26]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx]  [Adobe Systems, Inc., 9,0,115,0]
    [D:\Thunder\Components\InMedia\iEmbedShell.dll]  [ , 1, 0, 2, 24]
    [D:\Thunder\Components\InMedia\iEmbed16.dll]  [Thunder Networking Technologies,LTD, 3, 4, 7, 103]
    [D:\Thunder\Components\InMedia\PlayerHelper.dll]  [thunder, 1, 1, 5, 41]
    [D:\Thunder\Components\InMedia\XLIPC.DLL]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [D:\Thunder\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 5, 70]
    [D:\Thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 2, 0, 0, 21]
    [D:\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 17, 0, 67]
    [D:\Thunder\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Thunder\Components\Security\ThunderSafe.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 77]
    [D:\Thunder\Program\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Thunder\Components\Security\XLSafeUI.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 77]
    [D:\Thunder\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 6, 21]
    [D:\Thunder\Program\LiveUpdate.dll]  [Thunder Networking Technologies,LTD, 1, 2, 3, 25]
    [D:\Thunder\Plugins\XLSafeHost\XLSafeHost.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 59]
    [D:\Thunder\Plugins\KanKanTop\KanKanTop.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
    [D:\Thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 18]
    [D:\Thunder\Components\Tips\TipsClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 11, 106]
    [D:\Thunder\Components\VPSHELL\VPSHELL.dll]  [迅雷网络, 3, 0, 1, 33]
    [D:\Thunder\Components\UserExperience\UserExperience.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 3]
    [D:\Thunder\Components\Tips\XLIPC.DLL]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [D:\Thunder\Components\ResWorker\DsXlCom.dll]  [, 1, 0, 0, 29]
    [D:\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [D:\Thunder\Components\ResWorker\MediaWorker.dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 22]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\Thunder\Components\DownloadStat\DownloadStat.dll]  [Thunder Networking Technologies,LTD, 1, 4, 1, 6]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
[PID: 1756 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2684 / Administrator][D:\360safe\360hotfix.exe]  [奇虎网, 4, 0, 1, 1003]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 0, 3, 1011]
    [D:\360safe\LeakCheck.dll]  [360Safe.com, 4, 0, 3, 1002]
[PID: 1500 / Administrator][D:\360safe\SoftMgr\SoftManager.exe]  [奇虎网, 1, 0, 0, 1004]
    [D:\360safe\SoftMgr\SoftWareMgr.dll]  [奇虎网, 1, 0, 0, 1004]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 0, 3, 1011]
    [D:\360safe\LeakCheck.dll]  [360Safe.com, 4, 0, 3, 1002]
[PID: 3104 / Administrator][E:\TT\TTraveler.exe]  [腾讯公司, 3, 3, 200, 290]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 0, 3, 1011]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [E:\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll]  [腾讯公司, 1, 1, 0, 5]
    [E:\TT\Plugins\TWeather\TWeather.dll]  [, 1, 0, 0, 3]
    [E:\TT\TTNetFavor.dll]  [N/A, ]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx]  [Adobe Systems, Inc., 9,0,115,0]
[PID: 2424 / Administrator][C:\WINDOWS\explorer.exe]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 0, 3, 1011]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.2.54.0]
[PID: 1956 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.015\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [D:\360safe\safemon\safemon.dll]  [360.CN, 4, 0, 3, 1011]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.015\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1412, C:\WINDOWS\SOUNDMAN.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1600, D:\360SAFE\SAFEMON\360TRAY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1600, D:\360SAFE\SAFEMON\360TRAY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1760, D:\THUNDER\PROGRAM\THUNDER5.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2684, D:\360SAFE\360HOTFIX.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2684, D:\360SAFE\360HOTFIX.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1500, D:\360SAFE\SOFTMGR\SOFTMANAGER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1500, D:\360SAFE\SOFTMGR\SOFTMANAGER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3104, E:\TT\TTRAVELER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3720, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

Please upload the log as an attachment.

Is there some problem????????

Experts, could you please take a look and tell me what's wrong~~~~

Can anyone take a look for me?

Oh, upload the TXT file that the log was generated into; that makes it easier to read.