机子总是在休眠的时候重启，大约有4次了，每次都在运行visualfortran 以及一个自编的计算程序
用flashget 从ftp上下载电影时发现总是压用鼠标点击浮动窗口才会正常下载，不点击时，2~3秒后速率就会降到0,我试了很多次，都是这样

系统是xp，sp2，还未激活，其他运行还可以
那位高手能不能告诉我这是怎么回事，是不是病毒啊。。
xiexie

用Autoruns保存一个日志发上来
日志保存方法:选择File->Save菜单项
保存日志时注意选择Options->Hide Microsoft Entries菜单项(设置了这项后点工具栏的刷新按钮)

工具的下载、使用参考http://forum.ikaka.com/topic.asp?board=28&artid=7318038第14楼

谢谢 BlackStone

我打开autoruns后file->Save和options都是不可选的呀

http://forum.ikaka.com/topic.asp?board=28&artid=6979213用一楼附件的扫描工具扫个日志上来看看

好了

请你帮我看看，谢谢了
不能用文件上传，我就贴在下面了，有点乱：

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run           

+ DAEMON Tools-2052    Virtual DAEMON Manager    DAEMON'S HOME    d:\soft\d-tools\daemon.exe

+ OfficeScanNT Monitor    I/O Monitor    Trend Micro Inc.    c:\program files\trend micro\officescan client\pccntmon.exe

+ SoundMan    Realtek Sound Manager    Realtek Semiconductor Corp.    c:\windows\soundman.exe

+ TkBellExe    RealNetworks Scheduler    RealNetworks, Inc.    c:\program files\common files\real\update_ob\realsched.exe

C:\Documents and Settings\All Users\「开始」菜单\程序\启动           

+ Acrobat Assistant.lnk    AcroTray    Adobe Systems Inc.    d:\soft\adobe\acrobat 6.0\distillr\acrotray.exe

HKLM\System\CurrentControlSet\Services           

+ matlabserver            d:\soft\matlab701\webserver\bin\win32\matlabserver.exe

+ ntrtscan        Trend Micro Inc.    c:\program files\trend micro\officescan client\ntrtscan.exe

+ OfcPfwSvc    OfcPfwSvc    Trend Micro Inc.    c:\program files\trend micro\officescan client\ofcpfwsvc.exe

+ tmlisten        Trend Micro Inc.    c:\program files\trend micro\officescan client\tmlisten.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved           

+ Adobe.Acrobat.ContextMenu    Adobe Acrobat Elements    Adobe Systems Inc.    d:\soft\adobe\acrobat 6.0\acrobat elements\contextmenu.dll

+ Display Panning CPL Extension            File not found: deskpan.dll

+ HyperTerminal Icon Ext    HyperTerminal Applet Library    Hilgraeve, Inc.    c:\windows\system32\hticons.dll

+ Shell Extensions for RealOne Player    RealPlayer Shell Extensions    RealNetworks, Inc.    d:\soft\real\realplayer\rpshell.dll

+ WinRAR shell extension            d:\soft\winrar\rarext.dll

+ {506F4668-F13E-4AA1-BB04-B43203AB3CC0}            d:\soft\microsoft office\visio11\visshe.dll

+ {D66DC78C-4F61-447F-942B-3FB6980118CF}            d:\soft\microsoft office\visio11\visshe.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects           

+ AcroIEHlprObj Class    Adobe Acrobat IE Helper Version 6.0 for ActivieX    Adobe Systems Incorporated    d:\soft\adobe\acrobat 6.0\acrobat\activex\acroiehelper.dll

+ AcroIEToolbarHelper Class            d:\soft\adobe\acrobat 6.0\acrobat\acroiefavclient.dll

+ IeCatch2 Class    jccatch Module    Amaze Soft    d:\soft\flashget\jccatch.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar           

+ FlashGet Bar    FlashGet IE Bar    Amaze Soft    d:\soft\flashget\fgiebar.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions           

+ &FlashGet    FlashGet    Amaze Soft    d:\soft\flashget\flashget.exe

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors           

+ Adobe PDF Port    Acrobat ? PDF Port    Adobe Systems Incorporated.    c:\windows\system32\adobepdf.dll

谢谢神无
上面是我用BlackStone介绍的autoruns保存的日志，可以吗

这是用hijackthis保存的日志文件，各位帮忙看看：

HijackThis@Qoo的扫描日志  V1.97.7
Scan saved at 19:21:23, on 2005-11-15
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
d:\soft\MATLAB701\webserver\bin\win32\matlabserver.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
D:\SYSTEM\SYS_TEMP\BJB081.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
D:\soft\Adobe\Acrobat 6.0\Distillr\acrotray.exe
D:\soft\Kingsoft\PowerWord 2005\XDICT.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\soft\FlashGet\flashget.exe
C:\WINDOWS\system32\mdm.exe
D:\Downloads\hijackthis1.97_qoo\HijackThis.exe

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - d:\soft\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\soft\FlashGet\jccatch.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - d:\soft\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\soft\FlashGet\fgiebar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - d:\soft\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [DAEMON Tools-2052] "d:\soft\D-Tools\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: NTUSER.DAT
O4 - Startup: ntuser.dat.LOG
O4 - Startup: ntuser.ini
O4 - Global Startup: ntuser.dat
O4 - Global Startup: ntuser.dat.LOG
O8 - Extra context menu item: 使用网际快车下载 - D:\soft\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\soft\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://d:\soft\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: FlashGet (HKLM)
O9 - Extra 'Tools' menuitem: &FlashGet (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1131953805578
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{95EAA255-BFE3-4CE5-9B1D-6CE57E17935C}: NameServer = 218.104.80.77,202.119.64.123

用1.99.1版本的再扫一个,这个版本太老了

这个可以吧：

HijackThis_815汉化版扫描日志 V1.99.1
保存于      20:48:21, 日期 2005-11-15
操作系统：  Windows XP SP2 (WinNT 5.01.2600)
浏览器：    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程：         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
d:\soft\MATLAB701\webserver\bin\win32\matlabserver.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
D:\SYSTEM\SYS_TEMP\BJB081.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
D:\soft\Adobe\Acrobat 6.0\Distillr\acrotray.exe
D:\soft\Kingsoft\PowerWord 2005\XDICT.EXE
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\explorer.exe
D:\soft\Microsoft Visual Studio\Common\MSDev98\Bin\msdev.exe
D:\soft\Netease\popo2004\popo.exe
D:\soft\Microsoft Visual Studio\Common\MSDev98\Bin\vcspawn.exe
J:\zhoubin2\md\KC_new\add_KC\Debug\add_KC.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Downloads\hijackthis1.991\HijackThis1991zww.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - d:\soft\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\soft\FlashGet\jccatch.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - d:\soft\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\soft\FlashGet\fgiebar.dll
O3 - IE工具栏增项: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - d:\soft\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 启动项HKLM\\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - 启动项HKLM\\Run: [DAEMON Tools-2052] "d:\soft\D-Tools\daemon.exe"  -lang 1033
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Acrobat Assistant.lnk = D:\soft\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - D:\soft\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - D:\soft\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://d:\soft\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - 浏览器额外的按钮: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - d:\soft\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\soft\FlashGet\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\soft\FlashGet\flashget.exe
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1131953805578
O17 - HKLM\System\CCS\Services\Tcpip\..\{95EAA255-BFE3-4CE5-9B1D-6CE57E17935C}: NameServer = 218.104.80.77,202.119.64.123
O23 - NT 服务: MATLAB Server (matlabserver) - Unknown owner - d:\soft\MATLAB701\webserver\bin\win32\matlabserver.exe
O23 - NT 服务: OfficeScanNT 实时扫描 (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - NT 服务: OfficeScanNT 个人防火墙 (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - NT 服务: OfficeScanNT 侦听程序 (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe

【回复“鱼鸟”的帖子】

从日志看不出有你所说的问题，应该跟你下载URL有关