Rising Kaka Security Forum (瑞星卡卡安全论坛), Technical Exchange: Anti-virus / Anti-rogue-software board

Don't know what virus this is (screenshot attached), please help me take a look

Running processes
[PID: 736 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1100 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1124 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2505 (xpsp.040806-1825)]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
    [C:\WINDOWS\system32\fusstub.dll]  [UPEK Inc., 5.3.0.2815]
    [C:\Program Files\Protector Suite QL\infra.dll]  [UPEK Inc., 5.3.0.2815]
    [C:\Program Files\Protector Suite QL\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Protector Suite QL\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Protector Suite QL\homefus.dll]  [UPEK Inc., 5.3.0.2815]
    [C:\WINDOWS\system32\biologon.dll]  [Microsoft Corporation, 6.00.2497.0000 built by: main(SReasor)]
    [C:\Program Files\Protector Suite QL\homepass.dll]  [UPEK Inc., 5.3.0.2815]
    [C:\Program Files\Protector Suite QL\passport.dll]  [UPEK Inc., 5.3.0.2815]
    [C:\Program Files\Protector Suite QL\BhTcAll.dll]  [UPEK Inc., 5.3.0.2815]
    [C:\Program Files\Protector Suite QL\BhDevTfm.dll]  [UPEK Inc., 5.3.0.2815]
    [C:\Program Files\Protector Suite QL\tfm.dll]  [UPEK, 3.1.0.1013]
    [C:\Program Files\Protector Suite QL\AlgVer.dll]  [UPEK Inc., 5.3.0.2815]
    [C:\Program Files\Protector Suite QL\TCBioLib.dll]  [Veridicom, Inc.  STMicroelectronics, 3, 0, 1, 1]
    [C:\Program Files\Protector Suite QL\remote.dll]  [UPEK Inc., 5.3.0.2815]
    [C:\WINDOWS\system32\VESWinlogon.dll]  [Sony Corporation, 2.1.00.13200]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1176 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
[PID: 1188 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
    [C:\WINDOWS\system32\fusstub.dll]  [UPEK Inc., 5.3.0.2815]
    [C:\Program Files\Protector Suite QL\infra.dll]  [UPEK Inc., 5.3.0.2815]
    [C:\Program Files\Protector Suite QL\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Protector Suite QL\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Protector Suite QL\homefus.dll]  [UPEK Inc., 5.3.0.2815]
[PID: 1336 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
[PID: 1392 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
    [C:\WINDOWS\system32\msipfilter.dll]  [N/A, ]
[PID: 1472 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\xyepri.dll]  [N/A, ]
    [C:\WINDOWS\system32\msipfilter.dll]  [N/A, ]
[PID: 1508 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe]  [Intel Corporation, 10, 1, 0, 1]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 0, 2]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 0, 5]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
[PID: 1584 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe]  [Intel Corporation , 10, 1, 0, 33]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 0, 5]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 0, 2]
    [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll]  [N/A, ]
    [C:\Program Files\Intel\Wireless\Bin\IntStngs.dll]  [, 10, 1, 0, 2]
    [C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL]  [N/A, ]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
[PID: 1632 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
[PID: 220 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
    [C:\WINDOWS\system32\hpzsnt12.dll]  [HP, 14.00.00.41711]
    [C:\WINDOWS\system32\tbtmon.dll]  [Toshiba America Business Solutions, Inc., 1.14]
    [C:\WINDOWS\system32\TosBtHcrpAPI.dll]  [N/A, ]
    [C:\WINDOWS\system32\TosBtAPI.dll]  [TOSHIBA CORPORATION., 4.01.6202.0]
    [C:\WINDOWS\system32\TosBdAPI.dll]  [TOSHIBA CORPORATION., 4, 1, 0, 0]
    [C:\WINDOWS\system32\tbtmon98Language.dll]  [TOSHIBA CORPORATION., 1.01.00.CHS]
[PID: 632 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe]  [Intel Corporation, 10, 1, 0, 1]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
[PID: 676 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
[PID: 708 / SYSTEM][C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe]  [Symantec Corporation, 1.9.1.843]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
    [C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll]  [Symantec Corporation, 1.9.1.843]
    [C:\WINDOWS\system32\MSVCR71.DLL]  [Microsoft Corporation, 7.10.3052.4]
[PID: 1052 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
[PID: 1096 / SYSTEM][C:\Program Files\Sony\VAIO Event Service\VESMgr.exe]  [Sony Corporation, 2.3.00.04130]
    [C:\Program Files\Sony\VAIO Event Service\MSVCR70.dll]  [Microsoft Corporation, 7.00.9466.0]
    [C:\Program Files\Sony\VAIO HDD Protection\VESStorageProtect.dll]  [Sony Corporation, 2, 2, 1, 8110]
    [C:\Program Files\Sony\VAIO HDD Protection\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll]  [N/A, ]
    [C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll]  [Sony Corporation, 6, 4, 0, 3270]
    [C:\Program Files\Common Files\Sony Shared\SXBIOS\sxbios.dll]  [Sony Corporation, 4.02.8170]
    [C:\Program Files\Sony\VAIO Event Service\VESSuEvent.dll]  [Sony Corporation, 2.3.00.02240]
    [C:\Program Files\Sony\VAIO Event Service\VESWndMsg.dll]  [Sony Corporation, 2.3.00.03190]
    [C:\Program Files\Sony\VAIO Event Service\VESTransform.dll]  [Sony Corporation, 2.3.00.03190]
    [C:\Program Files\Sony\VAIO Event Service\MSVCP70.dll]  [Microsoft Corporation, 7.00.9466.0]
    [C:\Program Files\Sony\VAIO Event Service\VESWndMsgHook.dll]  [Sony Corporation, 2.2.00.05200]
    [C:\Program Files\Sony\VAIO Event Service\VESHardwareMixer.dll]  [Sony Corporation, 2.3.00.04270]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Sony\VAIO Power Management\VESPowerMgr.dll]  [Sony Corporation, 2.3.00.03210]
    [C:\Program Files\Sony\VAIO Event Service\VESSemiPnP.dll]  [Sony Corporation, 2.3.00.05310]
    [C:\Program Files\Sony\VAIO Event Service\VESSuPerform.dll]  [Sony Corporation, 2.3.00.04270]
    [C:\Program Files\Sony\VAIO Event Service\VESVideo.dll]  [Sony Corporation, 2.3.00.03300]
    [C:\Program Files\Sony\VAIO Event Service\VESPerform.dll]  [Sony Corporation, 2.3.00.04270]
    [C:\Program Files\Sony\AV Mode Button Utility\VESAVModeButton.dll]  [Sony Corporation, 1.0.01.01181]
    [C:\Program Files\Sony\VAIO Event Service\VESFnLock.dll]  [Sony Corporation, 2.3.00.03190]
    [C:\Program Files\Sony\VAIO Event Service\VESHKWndCommon.dll]  [Sony Corporation, 2.3.00.05300]
    [C:\WINDOWS\system32\IGFXEXPS.DLL]  [Intel Corporation, 3.0.0.4543]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, ]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRsPS.dll]  [Sony Corporation, 1.4.00.14090]
[PID: 1732 / SYSTEM][C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe]  [Sony Corporation, 1.3.02.04040]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\sonyuppc.dll]  [Sony Corporation, 7.0.00.11040]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\UPnPCtrl.dll]  [Sony Corporation, 2, 0, 1, 10010]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSWEXEps.dll]  [Sony Corporation, 1.3.01.06130]
    [C:\WINDOWS\system32\msipfilter.dll]  [N/A, ]
[PID: 1984 / yxln][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
    [C:\WINDOWS\system32\dhapri.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\TIMHost.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 2, 10]
    [C:\WINDOWS\system32\xunleibho_v8.dll]  [Thunder Networking Technologies,LTD, 4, 5, 1, 33]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.7.2006011200]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 388 / SYSTEM][C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe]  [Sony Corporation, 1.2.11.04220]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbVcds.dll]  [Sony Corporation, 1.2.11.04220]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSsDB.dll]  [Sony Corporation, 1.2.11.04221]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbLocalDB.dll]  [Sony Corporation, 1.2.11.04220]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSWEXEps.dll]  [Sony Corporation, 1.3.01.06130]
    [C:\Program Files\Common Files\Sony Shared\Avlib\Metallic.dll]  [Sony Corporation, 2.8.00.12140]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvcps.dll]  [Sony Corporation, 1.2.11.04220]
[PID: 404 / SYSTEM][C:\WINDOWS\system32\igfxext.exe]  [Intel Corporation, 3.0.0.4543]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4543]
    [C:\WINDOWS\system32\IGFXEXPS.DLL]  [Intel Corporation, 3.0.0.4543]
[PID: 428 / SYSTEM][C:\WINDOWS\system32\igfxsrvc.exe]  [Intel Corporation, 3.0.0.4543]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4543]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.4543]
[PID: 396 / SYSTEM][C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe]  [Symantec Corporation, 3.0.0.154]
    [C:\Program Files\Symantec\LiveUpdate\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Symantec\LiveUpdate\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\dhapri.dll]  [N/A, ]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, ]
    [C:\WINDOWS\system32\netsrvcs.dll]  [N/A, ]
[PID: 2180 / yxln][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\dhapri.dll]  [N/A, ]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, ]
    [C:\WINDOWS\system32\netsrvcs.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, ]
[PID: 2196 / yxln][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.3001]
    [C:\WINDOWS\system32\dhapri.dll]  [N/A, ]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, ]
    [C:\WINDOWS\system32\netsrvcs.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, ]
    [C:\WINDOWS\system32\msipfilter.dll]  [N/A, ]
[PID: 2276 / SYSTEM][C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe]  [Sony Corporation, 1.2.11.04220]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, ]
    [C:\WINDOWS\system32\netsrvcs.dll]  [N/A, ]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFwImport.dll]  [Sony Corporation, 1.2.11.06150]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdb.dll]  [Sony Corporation, 1.2.11.05250]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvcps.dll]  [Sony Corporation, 1.2.11.04220]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCs.dll]  [Sony Corporation, 1.6.00.10030]
[PID: 2840 / SYSTEM][C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe]  [Sony Corporation, 1.4.00.14090]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\System.dll]  [Sony Corporation, 1.4.00.14090]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, ]
    [C:\WINDOWS\system32\netsrvcs.dll]  [N/A, ]
    [C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRsPS.dll]  [Sony Corporation, 1.4.00.14090]
[PID: 3076 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msipfilter.dll]  [N/A, ]
[PID: 3084 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, ]
    [C:\WINDOWS\system32\netsrvcs.dll]  [N/A, ]
[PID: 3248 / SYSTEM][C:\KAV2007\KPfwSvc.EXE]  [Kingsoft Corporation, 2007, 2, 2, 31]
    [C:\WINDOWS\system32\dhapri.dll]  [N/A, ]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, ]
    [C:\WINDOWS\system32\netsrvcs.dll]  [N/A, ]
[PID: 3864 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\xyepri.dll]  [N/A, ]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, ]
    [C:\WINDOWS\system32\netsrvcs.dll]  [N/A, ]
[PID: 2164 / yxln][C:\Program Files\Tencent\QQ\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, ]
    [C:\WINDOWS\system32\netsrvcs.dll]  [N/A, ]
    [C:\KAV2007\KMailOEBand.dll]  [Kingsoft Corporation, 2006, 12, 1, 139]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\KAV2007\KASocket.dll]  [Kingsoft Corporation, 2007, 3, 18, 241]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, ]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 2420 / yxln][C:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [Tencent, 5, 0, 200, 370]
    [C:\Program Files\Tencent\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, ]
    [C:\WINDOWS\system32\netsrvcs.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, ]
    [C:\Program Files\Tencent\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\Program Files\Tencent\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [C:\Program Files\Tencent\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Tencent\QQ\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [C:\Program Files\Tencent\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [C:\Program Files\Tencent\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQMainFrame.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\CQQApplication.dll]  [N/A, ]
    [C:\WINDOWS\system32\msipfilter.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\Tencent\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\GroupLive.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQPlugin.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QRingMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Tencent\QQ\VPortal.dll]  [, 1, 0, 0, 4]
    [C:\Program Files\Tencent\QQ\QQAvatar.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [C:\Program Files\Tencent\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [C:\Program Files\Tencent\QQ\QQAllInOne.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQCustomFace.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Tencent\QQ\QQPet.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\BQQApplication.dll]  [N/A, ]
    [C:\WINDOWS\system32\dhapri.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [C:\Program Files\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 240]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\TIMHost.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\QQSceneMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
    [C:\Program Files\Tencent\QQ\GroupConnection.dll]  [Tencent, 0, 3, 3, 5]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.5510]
    [C:\Program Files\Tencent\QQ\QQZip.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Tencent\QQ\QQPhoneHelper.dll]  [腾讯科技(深圳)有限公司, 2, 1, 9, 95]
    [C:\Program Files\Tencent\QQ\QQSysMsgMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\QQMagicFace.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\ShareFiles.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\QQFileTransfer.dll]  [Tencent, 0, 3, 3, 5]
[PID: 764 / yxln][C:\Documents and Settings\yxln\My Documents\My QQ Files\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, ]
    [C:\WINDOWS\system32\netsrvcs.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\TIMHost.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\dhapri.dll]  [N/A, ]
    [C:\Documents and Settings\yxln\My Documents\My QQ Files\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\WINDOWS\system32\msipfilter.dll]  [N/A, ]
File associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock providers
MSAFD IGMP
    C:\WINDOWS\system32\msipfilter.dll(, N/A)
MSAFD IGMP
    C:\WINDOWS\system32\msipfilter.dll(, N/A)

==================================
Autorun.inf
[C:\]
[autorun]
open=Hide.exe
[D:\]
[autorun]
open=Hide.exe
[E:\]
[autorun]
open=Hide.exe

==================================
HOSTS file
127.0.0.1      localhost

==================================
Process privilege scan
Special privilege enabled: SeLoadDriverPrivilege [PID = 1584, C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE]
Special privilege enabled: SeLoadDriverPrivilege [PID = 1096, C:\PROGRAM FILES\SONY\VAIO EVENT SERVICE\VESMGR.EXE]
Special privilege enabled: SeDebugPrivilege [PID = 2164, C:\PROGRAM FILES\TENCENT\QQ\TIMPLATFORM.EXE]
Special privilege enabled: SeLoadDriverPrivilege [PID = 2164, C:\PROGRAM FILES\TENCENT\QQ\TIMPLATFORM.EXE]
Special privilege enabled: SeDebugPrivilege [PID = 2420, C:\PROGRAM FILES\TENCENT\QQ\QQ.EXE]
Special privilege enabled: SeLoadDriverPrivilege [PID = 2420, C:\PROGRAM FILES\TENCENT\QQ\QQ.EXE]

==================================
API HOOK
Entry point error: CreateProcessA (risk level: high, hooked by module: C:\WINDOWS\system32\TIMHost.dll)
Entry point error: CreateProcessW (risk level: high, hooked by module: C:\WINDOWS\system32\TIMHost.dll)

==================================
Hidden processes
N/A
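An added example, not part of the original post and not SREng code: a Python triage script for a process/module dump in the layout above. It flags modules with no vendor or version metadata that are mapped into several unrelated processes (the pattern that AppInit_DLLs injection, shell hooks and Winsock LSPs produce), flags any .sys mapped into a user-mode process, and pulls the open= targets out of the Autorun.inf section. The embedded log is a constructed, abridged excerpt that reuses paths from the log above; the function names and the 3-process threshold in suspicious_modules are this example's own choices, not an SREng rule.

```python
"""Triage an SREng-style process/module dump for injected DLLs.

Added example for this thread; not part of SREng or of the original post.
Heuristic: a DLL with no vendor/version metadata that is mapped into several
unrelated processes (winlogon, services, svchost, Explorer, ...) was almost
certainly injected rather than chosen as a dependency by each program.
"""
import re
from collections import defaultdict

# Constructed, abridged excerpt in the layout SREng prints. Paths are taken
# from the log posted above; per-process module lists are trimmed.
SAMPLE_LOG = r"""
[PID: 1124 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2505]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
    [C:\WINDOWS\system32\fusstub.dll]  [UPEK Inc., 5.3.0.2815]
[PID: 1176 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
[PID: 1392 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180]
    [C:\WINDOWS\system32\xyepri.dll]  [N/A, ]
    [C:\WINDOWS\system32\msipfilter.dll]  [N/A, ]
[PID: 1984 / yxln][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180]
    [C:\WINDOWS\System32\xyepri.dll]  [N/A, ]
    [C:\WINDOWS\system32\TIMHost.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, ]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
[PID: 2196 / yxln][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.3001]
    [C:\WINDOWS\system32\TIMHost.dll]  [N/A, ]
    [C:\WINDOWS\system32\msipfilter.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, ]
==================================
Autorun.inf
[C:\]
[autorun]
open=Hide.exe
[D:\]
[autorun]
open=Hide.exe
"""

PROC_RE = re.compile(r'^\[PID: (\d+) / ([^\]]+)\]\[(.+?)\]\s+\[(.*)\]$')
MOD_RE = re.compile(r'^\s+\[(.+?)\]\s+\[(.*)\]$')
DRIVE_RE = re.compile(r'^\[([A-Za-z]:\\)\]$')


def parse_processes(text):
    """Return {(pid, image_path): [(module_path, metadata), ...]}."""
    procs = {}
    current = None
    for line in text.splitlines():
        m = PROC_RE.match(line)
        if m:
            current = (int(m.group(1)), m.group(3))
            procs[current] = []
            continue
        m = MOD_RE.match(line)
        if m and current is not None:
            procs[current].append((m.group(1), m.group(2)))
    return procs


def vendor(metadata):
    """Company field of SREng's '[Company, Version]' metadata; '' if missing."""
    company = metadata.split(',', 1)[0].strip()
    return '' if company == 'N/A' else company


def suspicious_modules(procs, min_procs=3):
    """Sorted (module, [pids], reason) for modules that look injected.

    min_procs is a chosen threshold: vendor-less DLLs loaded by fewer
    processes are common (private helper DLLs) and are left alone.
    """
    hosts = defaultdict(set)
    metadata = {}
    for (pid, _image), modules in procs.items():
        for path, meta in modules:
            key = path.lower()          # SREng mixes System32/system32
            hosts[key].add(pid)
            metadata[key] = meta
    findings = []
    for key, pids in hosts.items():
        reasons = []
        if not vendor(metadata[key]) and len(pids) >= min_procs:
            reasons.append(f'no vendor info, mapped into {len(pids)} processes')
        if key.endswith('.sys'):
            reasons.append('driver extension mapped into a user-mode process')
        if reasons:
            findings.append((key, sorted(pids), '; '.join(reasons)))
    return sorted(findings)


def autorun_targets(text):
    """Map drive root -> open= target from the Autorun.inf section."""
    targets = {}
    drive = None
    for line in text.splitlines():
        m = DRIVE_RE.match(line)
        if m:
            drive = m.group(1)
        elif drive and line.lower().startswith('open='):
            targets[drive] = line.split('=', 1)[1].strip()
    return targets


if __name__ == '__main__':
    for module, pids, why in suspicious_modules(parse_processes(SAMPLE_LOG)):
        print(f'{module}  pids={pids}  ({why})')
    for drive, target in autorun_targets(SAMPLE_LOG).items():
        print(f'{drive} autorun.inf launches {target}')
```

Run against the full log above, the same rule also catches dhapri.dll, windhcp.ocx, netsrvcs.dll and msipfilter.dll (each vendor-less and in seven or more processes) and the Kvsc3/MsIMMs32/TIMHost/AVPSrv/upxdnd DLL set, which sits in exactly three (Explorer, QQ.exe and SREngPS.EXE). msipfilter.dll also appears in the Winsock section as a layered provider, so deleting that file without repairing the catalog leaves a dangling LSP and breaks networking.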
[Reply to chenqj21's post]
http://forum.ikaka.com/topic.asp?board=28&artid=8346236
Refer to this thread.

Problematic registry entries:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Kvsc3><C:\WINDOWS\Kvsc3.exe> []
<MsIMMs32><C:\WINDOWS\MsIMMs32.exe> []
<TIMHost><C:\WINDOWS\TIMHost.exe> []
<AVPSrv><C:\WINDOWS\AVPSrv.exe> []
<upxdnd><; C:\WINDOWS\upxdnd.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><xyepri.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{613AF41A-21B1-131B-1BFC-D2A90DF4A2B6}><C:\WINDOWS\system32\xyepri.dll> []
<{12311A42-AC1B-158F-FD32-5674345F23A1}><C:\WINDOWS\system32\dhapri.dll> []
<{40117B96-998D-4D80-8F89-5E9DBD9F3460}><C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys> []
[Remote Help Session Manager / Rasautol][Stopped/Auto Start]
<C:\WINDOWS\system32\ntsokele.exe><N/A>
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
<C:\WINDOWS\system32\rundll32.exe windhcp.ocx,input><Microsoft Corporation>
That pile of virus DLL files:
[C:\WINDOWS\system32\xyepri.dll] [N/A, ]
[C:\WINDOWS\system32\windhcp.ocx] [N/A, ]
[C:\WINDOWS\system32\netsrvcs.dll] [N/A, ]
[C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\upxdnd.dll] [N/A, ]
[C:\WINDOWS\system32\TIMHost.dll] [N/A, ]
[C:\WINDOWS\system32\Kvsc3.dll] [N/A, ]
[C:\WINDOWS\system32\dhapri.dll] [N/A, ]
<C:\WINDOWS\system32\ntsokele.exe><N/A>

<C:\WINDOWS\Kvsc3.exe> []
<C:\WINDOWS\MsIMMs32.exe> []
<C:\WINDOWS\TIMHost.exe> []
<C:\WINDOWS\AVPSrv.exe> []
<C:\WINDOWS\upxdnd.exe> []
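An added example, not baohe's tooling and not SREng code: a Python script that turns the persistence entries listed in the reply above into a cleanup plan. It parses the '[key]' / '<Name><Target> []' lines in the reply and emits a .reg file that deletes the Run values and ShellExecuteHooks entries, blanks AppInit_DLLs and removes the two bogus services, plus the list of files to delete afterwards. The embedded reply text is a constructed, abridged copy of the entries above; plan, image_file and SERVICES_KEY are this example's own names, and it assumes services are registered under HKLM\SYSTEM\CurrentControlSet\Services\<ShortName> and that %SystemRoot% is C:\WINDOWS.

```python
"""Turn the persistence entries listed in the reply above into a cleanup plan.

Added example for this thread, not baohe's tooling and not SREng's. Reads
SREng's '[key]' / '<Name><Target> []' lines and emits (a) a .reg file and
(b) the files to delete afterwards. Assumptions: services live under
HKLM\SYSTEM\CurrentControlSet\Services\<ShortName>, and %SystemRoot% is
C:\WINDOWS (so bare DLL names resolve into C:\WINDOWS\system32).
"""
import ntpath
import re

# Constructed from the reply above (abridged).
REPLY = r"""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Kvsc3><C:\WINDOWS\Kvsc3.exe> []
<MsIMMs32><C:\WINDOWS\MsIMMs32.exe> []
<upxdnd><; C:\WINDOWS\upxdnd.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><xyepri.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{613AF41A-21B1-131B-1BFC-D2A90DF4A2B6}><C:\WINDOWS\system32\xyepri.dll> []
<{40117B96-998D-4D80-8F89-5E9DBD9F3460}><C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys> []
[Remote Help Session Manager / Rasautol][Stopped/Auto Start]
<C:\WINDOWS\system32\ntsokele.exe><N/A>
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
<C:\WINDOWS\system32\rundll32.exe windhcp.ocx,input><Microsoft Corporation>
"""

KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
SVC_RE = re.compile(r'^\[(.+?) / (\S+)\]\[(.+)\]$')   # [Display name / ShortName][State]
VAL_RE = re.compile(r'^<([^>]*)><([^>]*)>')
SERVICES_KEY = r'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services'  # assumption


def image_file(image, sysdir):
    """File a service image path really runs: a rundll32 host resolves to the
    DLL it loads; a bare file name resolves into the system directory."""
    if 'rundll32' in image.lower():
        image = image.split(None, 1)[1].split(',', 1)[0]
    return image if ntpath.isabs(image) else ntpath.join(sysdir, image)


def plan(reply_text, sysdir=r'C:\WINDOWS\system32'):
    """Return (reg_file_text, files_to_delete) for the entries in reply_text."""
    reg = ['Windows Registry Editor Version 5.00']
    files = []
    in_service = False
    for line in reply_text.splitlines():
        m = KEY_RE.match(line)
        if m:
            in_service = False
            reg += ['', f'[{m.group(1)}]']
            continue
        m = SVC_RE.match(line)
        if m:
            in_service = True
            reg += ['', f'[-{SERVICES_KEY}\\{m.group(2)}]']   # '[-key]' deletes the key
            continue
        m = VAL_RE.match(line)
        if not m:
            continue
        name, target = m.group(1), m.group(2).lstrip('; ').strip()
        if in_service:                      # '<ImagePath><Company>' under a service
            path = image_file(name, sysdir)
        elif name == 'AppInit_DLLs':        # blank it rather than delete it
            reg.append('"AppInit_DLLs"=""')
            path = ntpath.join(sysdir, target)
        else:                               # '"Name"=-' deletes one value
            reg.append(f'"{name}"=-')
            path = target
        if path not in files:
            files.append(path)
    return '\r\n'.join(reg) + '\r\n', files


if __name__ == '__main__':
    reg_text, files = plan(REPLY)
    print(reg_text)
    print('Delete after importing the .reg file and rebooting (Safe Mode or offline):')
    for f in files:
        print('  ' + f)
```

Import the .reg file first and reboot before deleting the files: xyepri.dll is mapped into winlogon.exe, services.exe and lsass.exe, so it cannot be removed while the system is up. The .reg only removes the references the reply lists; the ShellExecuteHooks GUIDs normally also have COM registrations under HKEY_CLASSES_ROOT\CLSID, which the log does not show, and the Winsock entries for msipfilter.dll need the catalog rebuilt (on XP SP2, netsh winsock reset) once that file is gone.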
Thanks! baohe, thank you very much!!
This user's post content has been hidden.
猫叔 is on the case in person? Haha
C:\Autorun.inf
c:\Hide.exe
D:\autorun.inf
d:\Hide.exe
E:\autorun.inf
e:\Hide.exe


OP, please wipe out these six zombie files above as well, otherwise they will keep pestering you.