前天下载了动画到C盘  然后移到了D盘    看完未删    不知道和中病毒有关系不    昨天早晨起来就开机开不起来
本来开机有两下短 滴 滴声      现在一开机    就看到机箱灯闪十几下就没动静了    重复多次后    开机有滴的一声又没动静了  N次以后能开机了    不过连WINDOWS进度条都没看到    就说WINDOWS/SYSTEM32/什么文件损坏啊      F8安全模式也不能进    N次以后好不容易让我装上了次系统盘    是覆盖式重装    更新完    打完补丁    杀毒杀不出    进安全模式杀毒    毒霸是灰的  文件实时防毒监控　　邮件监控　　　恶意行为拦截 监控都被关了    病毒木马是能杀出来的    不过杀完重起还在    又老样子    启动时的机箱灯还是不停闪  闪了十多下以后才能启动  ( 是不是病毒先启动  系统再启动?)    后来又装了次    还是覆盖    能用了 什么都正常  不过开机还是 先闪  闪完才开机    后来又蓝屏了一次    我不放心就格式化了D  E  盘  （因为我装什么都装在D盘的  备份放E盘 ）  但是C盘格式化不来啊    说是有C盘程序在运行不要全关了  我把杀毒都关了也没用啊          网上看了下    不知道是不是Gaobot      因为我也进不去 知名的防毒网站
今天刚开机用扩展软件查了下　　　　C:\WINDOWS\system32\userinit.exe  的注册表值被改动　　　软件自动修复          扩展名.CHM  用于.CHM打开方法  当前值变成了"hh.exe" %1      修复后变为"C:\WINDOWS\hh.exe" %1                              扩展名.HLP    用于.HLP打开方法 　　当前值变成了winhlp32.exe  %1      修复后变为%SystemRoot%\system32\winhlp32.exe  %1      　修复以后重起仍然老一样　　　    进安全模式里　金山毒霸灰色　文件实时防毒监控　　邮件监控　　　恶意行为拦截　都被关了　正常启动　邮件监控是被关了的  正常模式下 杀毒没东西   
(原来用瑞星的 后来换电脑了送一年金山的  刚好瑞星也到期了 就换金山了  现在知道金山不好了 垃圾啊 )

各位　再看下这是刚开机时弄的　谢谢了
System Repair Engineer 2.6.12.1018
Smallfrogs (http://www.KZTechs.com)
Windows XP Home Edition Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <KavPFW><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPFW32.EXE" -startup>  [(Verified)"Zhuhai  Kingsoft Software Co.,Ltd"]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <RTHDCPL><RTHDCPL.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Alcmtr><ALCMTR.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup>  [(Verified)"Zhuhai  Kingsoft Software Co.,Ltd"]
    <StarCenter2.5><C:\Program Files\StarSoftComm\StarCenter2.5\SMBPlatForm.exe>  [StarSoftComm Corporation]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\UserInit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\zhengjie\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]><N>
==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <C:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
  <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
  <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
[SOSSrv / SOSSrv][Stopped/Auto Start]
  <c:\Program files\StarSoftComm\StarOS3.0\SOSSrv.exe><StarSoftComm Corporation>
==================================
驱动程序
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[KAVBase / KAVBase][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
[KAVBootC / KAVBootC][Running/Boot Start]
  <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
[KAVSafe / KAVSafe][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
[KNetWch / KNetWch][Running/System Start]
  <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
[KWatch3 / KWatch3][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\KWatch3.sys><Kingsoft Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtenicxp.sys><Realtek Semiconductor Corporation>
[StarCenter Backup Volume Filter Driver / ScbkEx][Running/Boot Start]
  <\SystemRoot\system32\drivers\ScbkEx.sys><Windows (R) 2000 DDK provider>
[ScCchMgr / ScCchMgr][Running/Boot Start]
  <\SystemRoot\system32\drivers\sccchmgr.sys><Windows (R) 2000 DDK provider>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[sscfs / sscfs][Running/Boot Start]
  <\SystemRoot\system32\drivers\sscfs.sys><StarSoftComm Corporation>
[sscmon / sscmon][Running/Auto Start]
  <system32\drivers\sscmon.sys><StarSoftComm Corporation>
[ssfltpt / ssfltpt][Running/Boot Start]
  <\SystemRoot\system32\drivers\ssfltpt.sys><StarSoftComm Corporation>
[TSKSP / TSKSP][Stopped/Manual Start]
  <\??\C:\Program Files\Tencent\QQDoctor\TSKSP.sys><Tencent>
==================================
浏览器加载项
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, (Signed) 腾讯公司>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[kingsoft browser shield]
  {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, (Signed) Kingsoft Corporation>
[IEBuddyExtControl Class]
  {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, (Signed) Kingsoft Corporation>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[ScreenCapture Class]
  {BFB79EE1-04AE-4D4A-B85E-27EE5F30C095} <C:\WINDOWS\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.>
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, (Signed) 腾讯公司>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[IEBuddyExtControl Class]
  {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, (Signed) Kingsoft Corporation>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[ScreenCapture Class]
  {BFB79EE1-04AE-4D4A-B85E-27EE5F30C095} <C:\WINDOWS\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.>
[KUpdateObj2 Class]
  {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\Program Files\KOS\UpdateOcx2.dll, (Signed) Kingsoft Corporation>
[kingsoft browser shield]
  {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, (Signed) Kingsoft Corporation>
[PlayerCtrl Class]
  {E05BC2A3-9A46-4A32-80C9-023A473F5B23} <C:\Program Files\Tencent\QQ\QzoneMusic.dll, (Signed) 深圳腾讯科技>
[]
  {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[&使用超级旋风下载]
  <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
[&使用超级旋风下载全部链接]
  <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; QQDownload 1.7; TencentTraveler 4.0)

==================================
正在运行的进程
[PID: 604 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 652 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 680 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4176]
[PID: 724 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 736 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 900 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4178]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2512]
    [C:\WINDOWS\system32\atipdlxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2524]
[PID: 916 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1004 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1100 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1184 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1268 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1384 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4178]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2512]
    [C:\WINDOWS\system32\atipdlxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2524]
    [C:\WINDOWS\system32\ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4176]
[PID: 1628 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.1897.0]
[PID: 1864 / zhengjie][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]  [Kingsoft Corporation, 2008,04,22,364]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]  [Kingsoft Corporation, 2008,04,22,364]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [C:\Program Files\StarSoftComm\StarCenter2.5\HookMgr.dll]  [StarSoftComm Corporation, 2.5]
    [C:\Program Files\StarSoftComm\StarCenter2.5\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\StarSoftComm\StarCenter2.5\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL]  [Kingsoft Corporation, 2008,05,07,373]
[PID: 484 / zhengjie][C:\WINDOWS\RTHDCPL.EXE]  [Realtek Semiconductor Corp., 2.1.5.7]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]  [Kingsoft Corporation, 2008,04,22,364]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]  [Kingsoft Corporation, 2008,04,22,364]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
[PID: 508 / zhengjie][C:\Program Files\StarSoftComm\StarCenter2.5\SMBPlatForm.exe]  [StarSoftComm Corporation, 2.5]
    [C:\Program Files\StarSoftComm\StarCenter2.5\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\StarSoftComm\StarCenter2.5\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]  [Kingsoft Corporation, 2008,04,22,364]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]  [Kingsoft Corporation, 2008,04,22,364]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\StarSoftComm\StarCenter2.5\HookMgr.dll]  [StarSoftComm Corporation, 2.5]
[PID: 536 / zhengjie][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]  [Kingsoft Corporation, 2008,04,22,364]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]  [Kingsoft Corporation, 2008,04,22,364]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
[PID: 132 / SYSTEM][C:\Program Files\StormII\stormliv.exe]  [北京暴风网际科技有限公司, 3, 8, 3, 15]
[PID: 2604 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2712 / zhengjie][C:\WINDOWS\system32\wuauclt.exe]  [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]  [Kingsoft Corporation, 2008,04,22,364]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]  [Kingsoft Corporation, 2008,04,22,364]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
[PID: 3032 / zhengjie][C:\Program Files\Tencent\TT\bin\TTraveler.exe]  [Tencent, 4, 7, 0, 10]
    [C:\Program Files\Tencent\TT\bin\TTUtilWidget.dll]  [Tencent, 4, 7, 0, 10]
    [C:\Program Files\Tencent\TT\bin\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Tencent\TT\bin\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Tencent\TT\bin\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]  [Kingsoft Corporation, 2008,04,22,364]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]  [Kingsoft Corporation, 2008,04,22,364]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Tencent\TT\bin\TTStore.dll]  [Tencent, 4, 7, 0, 10]
    [C:\Program Files\Tencent\TT\bin\sqlite3.dll]  [N/A, ]
    [C:\Program Files\Tencent\TT\bin\PlatformWidget.dll]  [Tencent, 4, 7, 0, 10]
    [C:\Program Files\Tencent\TT\bin\TTMainFrame.dll]  [Tencent, 4, 7, 0, 10]
    [C:\Program Files\Tencent\TT\bin\TTMBrowser.dll]  [Tencent, 4, 7, 0, 10]
    [C:\Program Files\Tencent\TT\bin\TTabMgr.dll]  [Tencent, 4, 7, 0, 10]
    [C:\Program Files\Tencent\TT\bin\TTPluginMng.dll]  [Tencent, 4, 7, 0, 10]
    [C:\Program Files\Tencent\TT\Plugins\3TTWeather\TTWeather.dll]  [TODO: <公司名>, 1.0.0.1]
    [C:\Program Files\Tencent\TT\bin\TTSkin.dll]  [Tencent, 4, 7, 0, 10]
    [C:\Program Files\Tencent\TT\bin\FavoriteLogical.dll]  [Tencent, 4, 7, 0, 10]
    [C:\Program Files\Tencent\TT\bin\TSupport.dll]  [TENCENT Inc., 1, 2, 11, 201]
    [C:\Program Files\Tencent\TT\bin\TTHtmlApp.dll]  [Tencent, 4, 7, 0, 10]
    [C:\Program Files\Tencent\TT\bin\TTFilter.dll]  [Tencent, 4, 7, 0, 10]
    [C:\Program Files\Tencent\TT\bin\TTNetwork.dll]  [Tencent, 4, 7, 0, 10]
    [C:\Program Files\Tencent\TT\bin\UpdateUtil.dll]  [N/A, ]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\Program Files\StarSoftComm\StarCenter2.5\HookMgr.dll]  [StarSoftComm Corporation, 2.5]
    [C:\Program Files\StarSoftComm\StarCenter2.5\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\StarSoftComm\StarCenter2.5\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 2084 / zhengjie][C:\Documents and Settings\zhengjie\桌面\新建文件夹\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.6.12.1018]
[PID: 336 / zhengjie][C:\Documents and Settings\zhengjie\桌面\新建文件夹\sreng2\SRE47c32b92.EXE]  [Smallfrogs Studio, 2.6.12.1018]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL]  [Kingsoft Corporation, 2008,04,22,364]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll]  [Kingsoft Corporation, 2008,04,22,364]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Documents and Settings\zhengjie\桌面\新建文件夹\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
Winsock 提供者
N/A
Autorun.inf
N/A
HOSTS 文件
127.0.0.1      localhost
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 508, C:\PROGRAM FILES\STARSOFTCOMM\STARCENTER2.5\SMBPLATFORM.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2084, C:\DOCUMENTS AND SETTINGS\ZHENGJIE\桌面\新建文件夹\SRENG2\SRENGLDR.EXE]
API HOOK
N/A
隐藏进程
N/A

不是病毒

啊 那是什么

应该是硬件问题

日志不好看呀
这么看有难度

那真是麻烦你了 有劳你看的仔细点袄

金山清理专家-在线系统诊断（隐藏安全项）-导出诊断报告-（全选）-导出报告

这个清楚

貌似没病毒的

貌似是木马  我用我老婆QQ玩QQ游戏的 她的QQ被人登过了  我电脑里的WINDOWS\system32\userinit  开机了还在 怎么办捏?

请LZ下次传日志最好保存为附件上传,不要直接回复