[PID: 2832 / zhs][D:\腾讯软件\QQ\QQ.exe]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\QQBaseClassInDll.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\QQHelperDll.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\BasicCtrlDll.dll]  [TENCENT, 7, 0, 431, 1723]
    [D:\腾讯软件\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\Program Files\ASUS\Asus MultiFrame\HookTitle.dll]  [N/A, ]
    [D:\腾讯软件\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [D:\腾讯软件\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [D:\腾讯软件\QQ\QQAPI.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [D:\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [D:\腾讯软件\QQ\LoginCtrl.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\LoginCtrlRes.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\QQRes.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\QQMainFrame.dll]  [N/A, ]
    [D:\腾讯软件\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\腾讯软件\QQ\UnReadMsgMgr.dll]  [N/A, ]
    [D:\腾讯软件\QQ\CQQApplication.dll]  [N/A, ]
    [D:\腾讯软件\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [D:\腾讯软件\QQ\NewSkin.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\MailSummary.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\QQKnowledgeSearch.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\QQAllInOne.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [D:\腾讯软件\QQ\CameraDll.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\腾讯软件\QQ\QQGroupMng.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\UserDefinedHead.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\QQPlugin.dll]  [N/A, ]
    [D:\腾讯软件\QQ\QQConfigPlugin.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\QQAvatar.dll]  [N/A, ]
    [D:\腾讯软件\QQ\QQCustomFace.dll]  [N/A, ]
    [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [D:\腾讯软件\QQ\QRingMng.dll]  [N/A, ]
    [D:\腾讯软件\QQ\LongConnection.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\PhoneAPI.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\腾讯软件\QQ\QQPet.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\QQSysMsgMng.dll]  [N/A, ]
    [D:\腾讯软件\QQ\BQQApplication.dll]  [N/A, ]
    [D:\腾讯软件\QQ\CommercesMng.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [D:\腾讯软件\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 310]
    [D:\腾讯软件\QQ\QQSceneMng.dll]  [N/A, ]
    [D:\腾讯软件\QQ\QQSpace.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\ImageOle.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\QQLiveQMng.dll]  [TENCENT, 7,0,431,1723]
    [D:\腾讯软件\QQ\GroupConnection.dll]  [TENCENT, 7,0,431,1723]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星\杀毒\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 308 / zhs][D:\腾讯软件\QQ\QZone\Qzone.exe]  [腾讯公司, 1, 9, 103, 20]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [D:\腾讯软件\QQ\QZone\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\Program Files\ASUS\Asus MultiFrame\HookTitle.dll]  [N/A, ]
    [D:\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 2800 / zhs][D:\腾讯软件\QQ\QZone\Qzone.exe]  [腾讯公司, 1, 9, 103, 20]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [D:\腾讯软件\QQ\QZone\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\Program Files\ASUS\Asus MultiFrame\HookTitle.dll]  [N/A, ]
    [D:\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3052 / zhs][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\WINDOWS\system32\IEFRAME.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\Program Files\ASUS\Asus MultiFrame\HookTitle.dll]  [N/A, ]
    [C:\WINDOWS\system32\IEUI.dll]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
    [C:\WINDOWS\system32\xmllite.dll]  [Microsoft Corporation, 1.00.1018.0]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 17.0.54.0]
    [C:\Program Files\Internet Explorer\ieproxy.dll]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
    [D:\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\kakatool.dll]  [Beijing Rising Technology Co., Ltd., 4.0.0.4]
    [c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\BT\BitComet\tools\BitCometBHO_1.1.6.14.dll]  [BitComet, 20070614]
    [C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll]  [Microsoft Corporation, 4.100.313.1]
    [C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll]  [Microsoft Corporation, 4.100.313.1]
    [C:\WINDOWS\system32\ieapfltr.dll]  [Microsoft Corporation, 7.0.6000.16461]
    [C:\WINDOWS\system32\msfeeds.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [c:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [D:\瑞星\杀毒\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]

[PID: 2084 / zhs][C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe]  [Microsoft Corporation, 4.100.313.1]
    [C:\Program Files\ASUS\Asus MultiFrame\HookTitle.dll]  [N/A, ]
    [C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll]  [Microsoft Corporation, 4.100.313.1]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [D:\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 976 / zhs][D:\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\Program Files\ASUS\Asus MultiFrame\HookTitle.dll]  [N/A, ]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 17.0.54.0]
    [C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll]  [Nokia, 6, 83, 74, 9]
    [C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll]  [Nokia, 6, 83, 92, 11]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_chi-sc.nlr]  [Nokia, 6, 83, 47, 1]
    [C:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr]  [Nokia, 6, 83, 15, 1]
    [C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\WINDOWS\system32\wpdshext.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [D:\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3872 / zhs][C:\DOCUME~1\zhs\LOCALS~1\Temp\Rar$EX00.891\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
    [C:\Program Files\ASUS\Asus MultiFrame\HookTitle.dll]  [N/A, ]
    [D:\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\DOCUME~1\zhs\LOCALS~1\Temp\Rar$EX00.891\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 1536, C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2620, C:\PROGRAM FILES\WIRELESS CONSOLE 2\WCOURIER.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2640, C:\PROGRAM FILES\INTEL\WIRELESS\BIN\ZCFGSVC.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2660, C:\PROGRAM FILES\INTEL\WIRELESS\BIN\IFRMEWRK.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2680, C:\PROGRAM FILES\INTEL\WIRELESS\BIN\EOUWIZ.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2728, C:\PROGRAM FILES\ASUS\ATK MEDIA\DMEDIA.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2784, C:\PROGRAM FILES\ASUS\POWER4 GEAR\BATTERYLIFE.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2828, C:\PROGRAM FILES\ASUS\SPLENDID\ACMON.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2876, D:\ANTISPYWARE\RUNIEP.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2940, C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 6\LAUNCHAPPLICATION.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3004, D:\瑞星\杀毒\RISING\RAV\RAVTASK.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3264, D:\MICROSOFT CHINESE DATE & TIME\ICALCLK.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3276, C:\WINDOWS\SYSTEM32\ACENGSVR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3280, C:\PROGRAM FILES\PC CONNECTIVITY SOLUTION\SERVICELAYER.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3592, C:\PROGRAM FILES\ASUS\ASUS MULTIFRAME\MULTIFRAME.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 184, C:\PROGRA~1\INTEL\WIRELESS\BIN\DOT1XCFG.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 4040, D:\瑞星\杀毒\RISING\RAV\RAVMON.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1868, D:\腾讯软件\QQ\TIMPLATFORM.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3708, D:\大智慧\INTERNET\HYPWISE.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 976, D:\WINRAR\WINRAR.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

【回复“海生”的帖子】
1、winlogon进程中的可疑DLL：
C:\WINDOWS\system32\msplrct.dll


2、不明驱动：
[1laoz0gd / 1laoz0gdq][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\1laoz0gdq.sys><N/A>
[4kbqv / 4kbqv][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\4kbqv.sys><N/A>

找不到,怎么处理啊?

引用:

【海生的贴子】找不到,怎么处理啊? ………………

用WINRAR找找，应该能找到这几个文件：

C:\WINDOWS\system32\msplrct.dll


C:\WINDOWS\system32\DRIVERS\1laoz0gdq.sys

C:\WINDOWS\system32\drivers\4kbqv.sys

找到后，用WINRAR将其打包。然后删除上面3个文件（留下RAR包）。如果不能直接删除，可以考虑改名、重启后删除。

重启。

如果系统无异常，即可用SRENG删除那两个不明驱动项。

好的,谢谢!