Is this a virus?

Why does this come up every time, no matter what file I open?


Log attached as well:
Logfile of HijackThis v1.99.1
Scan saved at 19:26:28, on 2007-07-07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
D:\AVG Anti-Spyware\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
D:\Program Files\Tencent\QQ\QQ.exe
D:\卡巴杀软\avp.exe
D:\卡巴杀软\avp.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\360\360safe\360Safe.exe
D:\日志扫描\HijackThis.exe

O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\迅雷5\ComDlls\TDAtOnce_Now.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\迅雷5\ComDlls\xunleiBHO_Now.dll
O4 - HKLM\..\Run: [SKYNET Personal FireWall] D:\天网\Firewall\pfw.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 使用迅雷下载 - D:\迅雷5\Program\GetUrl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - D:\迅雷5\Program\GetAllUrl.htm
O9 - Extra button: Web反病毒统计 - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\卡巴杀软\scieplugin.dll
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (PasswordEditCtrl Class) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{9850A5C1-3C82-4F2A-B485-A683461D6981}: NameServer = 218.76.192.100 218.76.192.101
O17 - HKLM\System\CCS\Services\Tcpip\..\{DE84DD5C-FFEE-4326-8479-20D169A0B0E2}: NameServer = 218.76.192.100
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll
O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\AVG Anti-Spyware\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: 卡巴斯基反病毒6.0个人版 (AVP) - Kaspersky Lab - D:\卡巴杀软\avp.exe
O23 - Service: PnpWMmng - Unknown owner - (no file)

Last edited 2007-07-07 19:50:41

Posting another kind of log:
各位高手:
非常感谢您留心我这份系统诊断报告,小菜鸟十万火急等待您的帮助!
该诊断报告由360安全卫士提供 http://www.360safe.com
诊断时间: 2007-07-07  19:27:55
诊断平台: Microsoft Windows XP  Service Pack 2
IE版本: Internet Explorer V6.0.2900.2180 Build:62900.2180
计算机物理内存:255.48MB - 当前可用内存:71.77MB

100 - 未知 - Process: PFW.exe [] -
100 - 未知 - Process: guard.exe [AVG Anti-Spyware guard] - D:\AVG Anti-Spyware\AVG Anti-Spyware 7.5\guard.exe
100 - 未知 - Process: QQ.exe [QQ] - D:\Program Files\Tencent\QQ\QQ.exe
O2 - 未知 - BHO: (ThunderAtOnce Class) - [迅雷浏览器高级特性支持模块] - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\迅雷5\ComDlls\TDAtOnce_Now.dll
O8 - 未知 - Extra context menu item: 上传到QQ网络硬盘 -
O8 - 未知 - Extra context menu item: 使用迅雷下载 - D:\迅雷5\Program\GetUrl.htm
O8 - 未知 - Extra context menu item: 使用迅雷下载全部链接 - D:\迅雷5\Program\GetAllUrl.htm
O8 - 未知 - Extra context menu item: 添加到QQ自定义面板 -
O8 - 未知 - Extra context menu item: 添加到QQ表情 -
O8 - 未知 - Extra context menu item: 用QQ彩信发送该图片 -
O23 - 未知 - Service: AVG Anti-Spyware Guard [AVG Anti-Spyware Guard] - D:\AVG Anti-Spyware\AVG Anti-Spyware 7.5\guard.exe - (running)
O23 - 未知 - Service: AVP [保护计算机远离病毒、间谍软件、黑客攻击、计算机犯罪和垃圾邮件.] - D:\卡巴杀软\avp.exe -r - (running)
O23 - 未知 - Service: PnpWMmng [Windows驱动即插即用管理器] -  - (not running)
O23 - 未知 - Service: RfwProxySrv [Rising Personal Proxy Service] -  - (not running)
O23 - 未知 - Service: RfwService [Rising Personal Firewall Service] -  - (not running)

=======================================

100 - 安全 - Process: smss.exe [进程为会话管理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - C:\WINDOWS\System32\smss.exe
100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base
100 - 安全 - Process: winlogon.exe [windows nt用户登陆程序。] - C:\WINDOWS\system32\winlogon.exe
100 - 安全 - Process: services.exe [用于管理windows服务系统进程。] - C:\WINDOWS\system32\services.exe
100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\WINDOWS\system32\lsass.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k DcomLaunch
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k rpcss
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k netsvcs
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k NetworkService
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k LocalService
100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件管理。] - C:\WINDOWS\Explorer.EXE
100 - 安全 - Process: ctfmon.exe [office xp输入法图标。] - C:\WINDOWS\system32\ctfmon.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k imgsvc
100 - 安全 - Process: alg.exe [这是一个应用层网关服务用于网络共享。] - C:\WINDOWS\System32\alg.exe
100 - 安全 - Process: avp.exe [卡巴斯基杀毒软件相关程序。] -
100 - 安全 - Process: avp.exe [卡巴斯基杀毒软件相关程序。] -
100 - 安全 - Process: IEXPLORE.EXE [microsoft internet explorer浏览器用于浏览网页。] - C:\Program Files\Internet Explorer\iexplore.exe
100 - 安全 - Process: 360Safe.exe [360安全卫士] - D:\360\360safe\360Safe.exe
R1 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=about:blank
O2 - 安全 - BHO: (Thunder Browser Helper) - [迅雷附带下载监视器相关文件。] - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\迅雷5\ComDlls\xunleiBHO_Now.dll
O4 - 安全 - HKLM\..\Run: [SKYNET Personal FireWall] [天网个人防火墙] D:\天网\Firewall\pfw.exe
O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp输入法图标。] C:\WINDOWS\system32\ctfmon.exe
O9 - 安全 - Extra button: 卡巴斯基Web反病毒保护插件(HKLM) - D:\卡巴杀软\scieplugin.dll
O16 - 安全 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Flash播放器) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

=======================================

O31 - 未知 - Notify: klogon - C:\WINDOWS\system32\klogon.dll - Kaspersky Lab - Logon Visualizer - 6.0.2.621 - 200768 - 2fb94ab158eb54a2212c8087b7e72340
O31 - 未知 - SEApproved: {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Shell extensions for file compression -  -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:加密上下文菜单 -  -  -  -  - 0 -
O31 - 未知 - SEApproved: {0DF44EAA-FF21-4412-828E-260A8728E7F1} -  -  -  -  - 0 -
O31 - 未知 - SEApproved: {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} -  -  -  -  - 0 -
O31 - 未知 - SEApproved: {7A9D77BD-5403-11d2-8785-2E0420524153} -  -  -  -  - 0 -
O31 - 未知 - SEApproved: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll -  -  -  - 125440 - 35695a178cd97b2520b48b5d02d6efcd
O31 - 未知 - SEApproved: {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} - D:\unlocker\Unlocker1.8.5\UnlockerCOM.dll -  -  -  - 8704 - c84525449bc21797cceba7f8a53ec500
O31 - 未知 - Directory Menu: {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} - D:\unlocker\Unlocker1.8.5\UnlockerCOM.dll -  -  -  - 8704 - c84525449bc21797cceba7f8a53ec500
O31 - 未知 - Directory Menu: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll -  -  -  - 125440 - 35695a178cd97b2520b48b5d02d6efcd
O31 - 未知 - LSA: Security Packages - sv1_0.dll -  -  -  - 0 -
O31 - 未知 - LSA: Security Packages - channel.dll -  -  -  - 0 -

=======================================

O40 - winlogon.exe - Kaspersky Lab - C:\WINDOWS\system32\klogon.dll - Logon Visualizer - 2fb94ab158eb54a2212c8087b7e72340
O40 - Explorer.EXE - Kaspersky Lab - D:\卡巴杀软\scrchpg.dll - Script Checker - 632a777961e99cb61b28599555a2f7a7
O40 - Explorer.EXE -  - D:\unlocker\Unlocker1.8.5\UnlockerCOM.dll -  - c84525449bc21797cceba7f8a53ec500
O40 - Explorer.EXE - Kaspersky Lab - D:\卡巴杀软\ShellEx.dll - Windows Shell Extension - 0904502f01d0d2a42082f0f35b18071c
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll - Microsoft? C Runtime Library - 16d7ddf3b659f7cf1cb9f4dcff4219f0
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCP80.dll - Microsoft? C++ Runtime Library - 2bc650257fb0867abd54fd460ec2bafc

=======================================

O41 - BaseTDI - basetdi - C:\WINDOWS\system32\drivers\basetdi.sys - (running) - basetdi - Beijing Rising Technology Co., Ltd. - 0064810c1b03f2c889130b669a4ce937
O41 - klif - spuper-ptor - C:\WINDOWS\system32\drivers\klif.sys - (running) - spuper-ptor - Kaspersky Lab - 1b28fa1580438192a14e88b5834397ca
O41 - npkcrypt - nProtect KeyCrypt Driver - D:\Program Files\Tencent\QQ\npkcrypt.sys - (running) - nProtect KeyCrypt Driver - INCA Internet Co., Ltd. - 8bcb281a2540e7aff0cd00f9878fe21f
O41 - PnpWmkDrv - PnpWmkDrv - C:\WINDOWS\system32\drivers\PnpWmkDrv.sys - (running) -  -  - ce5a9ec8892d5dfb09d031f5ad501cac
O41 - RsAntiSpyware - Anti-RootKit Driver - C:\WINDOWS\system32\drivers\RsBoot.sys - (running) - Anti-RootKit Driver - Beijing Rising Technology Co., Ltd. - cb84b955e179c6b9931803262e1f10f3
O41 - SKNFW - SKNFW - C:\WINDOWS\system32\drivers\SKNFW.sys - (running) -  -  - 3d40ce47367347c16c5e0a47178ac677
O41 - SkyProcs - SkyProcs - D:\天网\Firewall\SkyProcs.sys - (running) -  -  - d521f5c4007e185ea5575fedd3382798
O41 - EagleNT - EagleNT - C:\WINDOWS\system32\drivers\EagleNT.sys - (not running) -  -  -
O41 - HookUrl - HookUrl - D:\防火墙\Rising\Rfw\HookUrl.sys - (not running) -  -  -
O41 - kmsinput - kmsinput - C:\WINDOWS\system32\drivers\kmsinput.sys - (not running) -  -  - f8d6ebcb50c02b42c5ffd5393229c6b6
O41 - mProcRs - mProcRs - d:\防火墙\rising\rfw\mProcRs.sys - (not running) -  -  -
O41 - RsFwDrv - RsFwDrv - D:\防火墙\Rising\Rfw\RsFwDrv.sys - (not running) -  -  -
O41 - TSP - spuper-ptor - C:\WINDOWS\system32\drivers\klif.sys - (not running) - spuper-ptor - Kaspersky Lab - 1b28fa1580438192a14e88b5834397ca
O41 - ZSMC301b - Video streaming and Capture Device Driver - C:\WINDOWS\system32\drivers\usbVM31b.sys - (not running) - Video streaming and Capture Device Driver - VM - 134583611ce538a2d3d18ddd7a34df5c

=======================================
360Safe.exe=3.5.1.1001
AntiAdwa.dll=3.5.1.1001
AntiEng.dll=3.5.1.1001
AntiActi.dll=2.0.0.3000
CleanHis.dll=3.0.2.1000
safelive.exe=1.0.0.2007
live.dll=1.0.1.1016

=======================================
操作历史报告:

----------全面诊断修复历史----------

2007-05-21 23:54
O6 - 危险 - 禁止IE首页相关设置 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
O6 - 危险 - 禁止IE相关功能 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions
2007-05-21 23:55
O8 - 未知 - 上传到QQ网络硬盘 -
O8 - 未知 - 使用迅雷下载全部链接 - D:\迅雷5\Program\getallurl.htm
O8 - 未知 - 添加到QQ自定义面板 -
O8 - 未知 - 添加到QQ表情 -
O8 - 未知 - 用QQ彩信发送该图片 -
2007-05-21 23:55
O4 - 未知 - KKDelay - D:\卡卡\RunOnce.exe
2007-05-29 21:51
O6 - 危险 - 禁止IE首页相关设置 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
O6 - 危险 - 禁止IE相关功能 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions
2007-05-29 21:52
100 - 未知 - TIMPlatform.exe - D:\Program Files\Tencent\QQ\TIMPlatform.exe
2007-05-29 21:52
100 - 未知 - Qzone.exe - D:\Program Files\Tencent\QQ\Qzone\Qzone.exe
2007-05-31 21:43
100 - 未知 - TIMPlatform.exe - D:\Program Files\Tencent\QQ\TIMPlatform.exe
2007-06-01 16:40
100 - 未知 - Qzone.exe - D:\Program Files\Tencent\QQ\Qzone\Qzone.exe
2007-06-01 16:40
100 - 未知 - TIMPlatform.exe - D:\Program Files\Tencent\QQ\TIMPlatform.exe
2007-06-01 16:40
O2 - 未知 - PopBlocker Class -
R0 - 未知 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
2007-06-13 11:28
100 - 未知 - TIMPlatform.exe - D:\Program Files\Tencent\QQ\TIMPlatform.exe
2007-06-14 14:31
O16 - 未知 - 下载的ActiveX插件 - C:\WINDOWS\system32\qqedit\qqedit.dll
2007-06-14 14:31
O4 - 未知 - KKDelay - D:\卡卡\RunOnce.exe
2007-06-14 14:32
100 - 未知 - TIMPlatform.exe - D:\Program Files\Tencent\QQ\TIMPlatform.exe
2007-06-14 14:32
100 - 未知 - Rsaupd.exe - D:\卡卡\Rsaupd.exe
2007-06-19 08:15
O2 - 未知 - 浏览器辅助对象(BHO) -
2007-06-19 08:15
O2 - 未知 - 浏览器辅助对象(BHO) -
2007-06-19 08:16
100 - 未知 - TIMPlatform.exe - D:\Program Files\Tencent\QQ\TIMPlatform.exe
2007-06-19 08:16
O8 - 未知 - 使用迅雷下载全部链接 - D:\迅雷5\Program\getallurl.htm
O8 - 未知 - 添加到QQ自定义面板 - D:\Program Files\Tencent\QQ\AddPanel.htm
O8 - 未知 - 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
2007-07-01 19:50
O8 - 未知 - 添加到QQ自定义面板 - D:\Program Files\Tencent\QQ\AddPanel.htm
2007-07-01 19:50
O8 - 未知 - 上传到QQ网络硬盘 - D:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - 未知 - 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - 未知 - 用QQ彩信发送该图片 - D:\Program Files\Tencent\QQ\SendMMS.htm
O9 - 未知 - 启动迅雷5 - D:\迅雷5\Thunder.exe
O9 - 未知 - 浩方对战平台 - D:\浩方\HFGameOPT\GameClient.exe