新装几个小时的系统，番茄花园的windows xp sp3 v1.1
只装了ashampoo firewall，暴风影音，金山wps，迅雷5，安全卫士360
上网过程中弹出警告条，说360tray内存不能为read，被强制退出，之后进入安全卫士
的安装文件夹，发现360tray的程序没依次点击360各个程序，依次消失。使用qq医生没有发现任何木马。
使用highjackthis，程序也被删除。
同时使用多种在线查杀毒软件，页面十分缓慢，基本打不开。
使用木马克星报告如下：
====================================
c:\windows\system32\lpr.exe
发现木马,只有购买用户才能进入下一步
c:\windows\system32\bbf.dll 发现非系统文件0972.不是木马
c:\windows\system32\ttx.dll
发现木马,只有购买用户才能进入下一步
c:\windows\system32\kaspersky lab\kaspersky online scanner pro\kavwebscan.dll
发现木马,只有购买用户才能进入下一步
c:\windows\system32\zh-chs\mmcfxcommon.resources.dll
发现木马,只有购买用户才能进入下一步
木马克星版本号:木马克星 2008 软件版本号 0621n
===================================
请问我中了何种病毒，怎样解决？

用户系统信息：Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; WPS)

这里下载瑞星听诊器
http://it.rising.com.cn/service/technology/rs_ravdetect.htm

按照网页上的方法扫描日志上传

或者使用sreng扫描日志~

谢谢大家的回答
用瑞星听诊器没有查出任何问题
sreng软件一运行即被删除，改了名字也不行

哈哈

又一个使用听诊器迷糊的。

那个不提示日志生成的，日志直接生成在听诊器程序相同目录里。

去找来，压缩后发来

是个网页文件

未知家族病毒分析
扫描结果:
无可疑文件


系统活动进程
c:\windows\explorer.exe
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\ieframe.dll
c:\program files\360safe\safemon\safemon.dll
c:\windows\system32\msacm32.drv
c:\program files\thunder\comdlls\tdatonce_now.dll
c:\program files\thunder\comdlls\xunleibho_now.dll
c:\program files\winrar\rarext.dll
c:\windows\system32\igfxpph.dll
c:\windows\system32\hccutils.dll
c:\windows\system32\l3codeca.acm
e:\software\qq\himzck.dll
e:\software\qq\wsock32.dll
c:\program files\ashampoo\ashampoo firewall\spi.dll
c:\windows\system32\igfxres.dll
c:\windows\system32\igfxress.dll
c:\windows\system32\igfxsrvc.dll

c:\windows\system32\smss.exe
c:\windows\system32\csrss.exe
c:\windows\notepad.exe
e:\software\qq\himzck.dll
e:\software\qq\wsock32.dll
c:\windows\system32\ttx.dll
c:\windows\system32\ffj.dll

c:\windows\system32\winlogon.exe
c:\windows\system32\msacm32.drv
c:\windows\system32\igfxdev.dll

c:\windows\system32\services.exe
c:\windows\apppatch\acadproc.dll

c:\windows\system32\lsass.exe
c:\program files\ashampoo\ashampoo firewall\spi.dll

c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\program files\ashampoo\ashampoo firewall\spi.dll

c:\windows\system32\svchost.exe
c:\program files\ashampoo\ashampoo firewall\spi.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wups2.dll

c:\windows\system32\svchost.exe
c:\program files\ashampoo\ashampoo firewall\spi.dll

c:\windows\system32\hkcmd.exe
c:\windows\system32\hccutils.dll
c:\windows\system32\igfxsrvc.dll
c:\windows\system32\igfxres.dll
e:\software\qq\himzck.dll
e:\software\qq\wsock32.dll
c:\windows\system32\ttx.dll
c:\windows\system32\ffj.dll

c:\windows\system32\svchost.exe
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\program files\ashampoo\ashampoo firewall\spi.dll

c:\program files\ashampoo\ashampoo firewall\firewall.exe
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\program files\ashampoo\ashampoo firewall\ash_inet.dll
e:\software\qq\himzck.dll
c:\windows\system32\ttx.dll
c:\windows\system32\ffj.dll
c:\windows\system32\msacm32.drv

c:\windows\system32\spoolsv.exe
c:\windows\system32\ctfmon.exe
e:\software\qq\himzck.dll
e:\software\qq\wsock32.dll
c:\windows\system32\ttx.dll
c:\windows\system32\ffj.dll

e:\incoming\rsdetect.exe
e:\software\qq\himzck.dll
e:\software\qq\wsock32.dll
c:\windows\system32\ttx.dll
c:\windows\system32\ffj.dll

c:\program files\internet explorer\iexplore.exe
c:\windows\system32\iertutil.dll
c:\windows\system32\ieframe.dll
e:\software\qq\himzck.dll
e:\software\qq\wsock32.dll
c:\windows\system32\ttx.dll
c:\windows\system32\ffj.dll
c:\windows\system32\ieui.dll
c:\windows\system32\xmllite.dll
c:\program files\internet explorer\ieproxy.dll
c:\windows\system32\normaliz.dll
c:\program files\thunder\comdlls\tdatonce_now.dll
c:\program files\thunder\comdlls\xunleibho_now.dll
c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
c:\program files\common files\microsoft shared\windows live\msidcrl40.dll
c:\windows\system32\ieapfltr.dll
c:\windows\system32\msacm32.drv
c:\program files\ashampoo\ashampoo firewall\spi.dll
c:\windows\system32\macromed\flash\flash9f.ocx
c:\windows\system32\googlepinyin.ime

c:\windows\system32\conime.exe
e:\software\qq\himzck.dll
e:\software\qq\wsock32.dll
c:\windows\system32\ttx.dll
c:\windows\system32\ffj.dll

c:\windows\system32\taskmgr.exe
e:\software\qq\himzck.dll
e:\software\qq\wsock32.dll
c:\windows\system32\ttx.dll
c:\windows\system32\ffj.dll

c:\windows\system32\wuauclt.exe
c:\windows\system32\wups2.dll


普通自启动项
hkey_local_machine\software\microsoft\windows\currentversion\run
igfxtray = c:\windows\system32\igfxtray.exe
hotkeyscmds = c:\windows\system32\hkcmd.exe
persistence = c:\windows\system32\igfxpers.exe
360safetray = c:\program files\360safe\safemon\360tray.exe /start
ashampoo firewall = "c:\program files\ashampoo\ashampoo firewall\firewall.exe" -tray
msconfig = c:\windows\pchealth\helpctr\binaries\msconfig.exe /auto
vistadrv = c:\program files\vsdrv\vsdrv.exe

hkey_current_user\software\microsoft\windows\currentversion\run
ctfmon.exe = c:\windows\system32\ctfmon.exe
msnmsgr = "c:\program files\windows live\messenger\msnmsgr.exe" /background


appinit_dlls
hkey_local_machine\software\microsoft\windows nt\currentversion\windows
appinit_dlls =


系统文件关联
.exe ==> exefile = "%1" %*
.com ==> comfile = "%1" %*
.cmd ==> cmdfile = "%1" %*
.bat ==> batfile = "%1" %*
.txt ==> txtfile = c:\windows\notepad.exe %1
.scr ==> scrfile = "%1" /s
.reg ==> regfile = regedit.exe "%1"
.doc ==> wps.doc.6 = "c:\program files\kingsoft\wps office personal\office6\wps.exe" "%1"

其它启动项
win.ini
无信息

system.ini
shell = explorer.exe


winlogon 启动项
hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon\notify
crypt32chain = crypt32.dll
cryptnet = cryptnet.dll
cscdll = cscdll.dll
dimsntfy = c:\windows\system32\dimsntfy.dll
igfxcui = igfxdev.dll
sccertprop = wlnotify.dll
schedule = wlnotify.dll
sclgntfy = sclgntfy.dll
senslogn = wlnotify.dll
termsrv = wlnotify.dll
wlballoon = wlnotify.dll

hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon
userinit = c:\windows\system32\userinit.exe,
shell = explorer.exe


ie - bho
hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects
{01443aec-0fd1-40fd-9c87-e93d1494c233} = c:\program files\thunder\comdlls\tdatonce_now.dll
{7e853d72-626a-48ec-a868-ba8d5e23e045} = null
{889d2feb-5411-4565-8998-1dd2c5261283} = c:\program files\thunder\comdlls\xunleibho_now.dll
{9030d464-4c02-4abf-8ecc-5164760863c6} = c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
{b69f34dd-f0f9-42dc-9edd-957187da688d} = null


winsock spi
protected(af) msafd tcpip [tcp/ip] = c:\program files\ashampoo\ashampoo firewall\spi.dll
protected(af) msafd tcpip [udp/ip] = c:\program files\ashampoo\ashampoo firewall\spi.dll
protected(af) msafd tcpip [raw/ip] = c:\program files\ashampoo\ashampoo firewall\spi.dll
protected(af) rsvp udp service provider = c:\program files\ashampoo\ashampoo firewall\spi.dll
protected(af) rsvp tcp service provider = c:\program files\ashampoo\ashampoo firewall\spi.dll
msafd netbios [\device\netbt_tcpip_{a6e6e4a2-0c2d-497e-811d-3af9525ce578}] seqpacket 3 = c:\windows\system32\mswsock.dll
msafd netbios [\device\netbt_tcpip_{a6e6e4a2-0c2d-497e-811d-3af9525ce578}] datagram 3 = c:\windows\system32\mswsock.dll
msafd netbios [\device\netbt_tcpip_{454ec5a8-bfd6-462c-a8c1-e3cff82a11fe}] seqpacket 0 = c:\windows\system32\mswsock.dll
msafd netbios [\device\netbt_tcpip_{454ec5a8-bfd6-462c-a8c1-e3cff82a11fe}] datagram 0 = c:\windows\system32\mswsock.dll
msafd netbios [\device\netbt_tcpip_{11c38d99-a0ec-44ea-a311-0d3f58fce5f9}] seqpacket 1 = c:\windows\system32\mswsock.dll
msafd netbios [\device\netbt_tcpip_{11c38d99-a0ec-44ea-a311-0d3f58fce5f9}] datagram 1 = c:\windows\system32\mswsock.dll
msafd netbios [\device\netbt_tcpip_{7da28b66-272a-4a9b-ba60-74264df20212}] seqpacket 2 = c:\windows\system32\mswsock.dll
msafd netbios [\device\netbt_tcpip_{7da28b66-272a-4a9b-ba60-74264df20212}] datagram 2 = c:\windows\system32\mswsock.dll
ashampoo firewall filter = c:\program files\ashampoo\ashampoo firewall\spi.dll
msafd tcpip [tcp/ip] = c:\windows\system32\mswsock.dll
msafd tcpip [udp/ip] = c:\windows\system32\mswsock.dll
msafd tcpip [raw/ip] = c:\windows\system32\mswsock.dll
rsvp udp service provider = c:\windows\system32\rsvpsp.dll
rsvp tcp service provider = c:\windows\system32\rsvpsp.dll

系统服务项
hkey_local_machine\system\currentcontrolset\services
alerter = c:\windows\system32\svchost.exe -k localservice
alg = c:\windows\system32\alg.exe
appmgmt = c:\windows\system32\svchost.exe -k netsvcs
audiosrv = c:\windows\system32\svchost.exe -k netsvcs
bits = c:\windows\system32\svchost.exe -k netsvcs
browser = c:\windows\system32\svchost.exe -k netsvcs
cisvc = c:\windows\system32\cisvc.exe
clipsrv = c:\windows\system32\clipsrv.exe
comsysapp = c:\windows\system32\dllhost.exe /processid:{02d4b3f1-fd88-11d1-960d-00805fc79235}
cryptsvc = c:\windows\system32\svchost.exe -k netsvcs
dcomlaunch = c:\windows\system32\svchost -k dcomlaunch
dhcp = c:\windows\system32\svchost.exe -k netsvcs
dmadmin = c:\windows\system32\dmadmin.exe /com
dmserver = c:\windows\system32\svchost.exe -k netsvcs
dnscache = c:\windows\system32\svchost.exe -k networkservice
dot3svc = c:\windows\system32\svchost.exe -k dot3svc
eaphost = c:\windows\system32\svchost.exe -k eapsvcs
ersvc = c:\windows\system32\svchost.exe -k netsvcs
eventlog = c:\windows\system32\services.exe
eventsystem = c:\windows\system32\svchost.exe -k netsvcs
fastuserswitchingcompatibility = c:\windows\system32\svchost.exe -k netsvcs
helpsvc = c:\windows\system32\svchost.exe -k netsvcs
hidserv = c:\windows\system32\svchost.exe -k netsvcs
hkmsvc = c:\windows\system32\svchost.exe -k netsvcs
httpfilter = c:\windows\system32\svchost.exe -k httpfilter
imapiservice = c:\windows\system32\imapi.exe
lanmanserver = c:\windows\system32\svchost.exe -k netsvcs
lanmanworkstation = c:\windows\system32\svchost.exe -k netsvcs
lmhosts = c:\windows\system32\svchost.exe -k localservice
messenger = c:\windows\system32\svchost.exe -k netsvcs
mnmsrvc = c:\windows\system32\mnmsrvc.exe
msdtc = c:\windows\system32\msdtc.exe
msiserver = c:\windows\system32\msiexec.exe /v
napagent = c:\windows\system32\svchost.exe -k netsvcs
netdde = c:\windows\system32\netdde.exe
netddedsdm = c:\windows\system32\netdde.exe
netlogon = c:\windows\system32\lsass.exe
netman = c:\windows\system32\svchost.exe -k netsvcs
nla = c:\windows\system32\svchost.exe -k netsvcs
ntlmssp = c:\windows\system32\lsass.exe
ntmssvc = c:\windows\system32\svchost.exe -k netsvcs
plugplay = c:\windows\system32\services.exe
policyagent = c:\windows\system32\lsass.exe
protectedstorage = c:\windows\system32\lsass.exe
rasauto = c:\windows\system32\svchost.exe -k netsvcs
rasman = c:\windows\system32\svchost.exe -k netsvcs
rdsessmgr = c:\windows\system32\sessmgr.exe
remoteaccess = c:\windows\system32\svchost.exe -k netsvcs
remoteregistry = c:\windows\system32\svchost.exe -k localservice
rpclocator = c:\windows\system32\locator.exe
rpcss = c:\windows\system32\svchost -k rpcss
rsvp = c:\windows\system32\rsvp.exe
samss = c:\windows\system32\lsass.exe
scardsvr = c:\windows\system32\scardsvr.exe
schedule = c:\windows\system32\svchost.exe -k netsvcs
seclogon = c:\windows\system32\svchost.exe -k netsvcs
sens = c:\windows\system32\svchost.exe -k netsvcs
sharedaccess = c:\windows\system32\svchost.exe -k netsvcs
shellhwdetection = c:\windows\system32\svchost.exe -k netsvcs
spooler = c:\windows\system32\spoolsv.exe
srservice = c:\windows\system32\svchost.exe -k netsvcs
ssdpsrv = c:\windows\system32\svchost.exe -k localservice
stisvc = c:\windows\system32\svchost.exe -k imgsvc
swprv = c:\windows\system32\dllhost.exe /processid:{9e413bb7-33b5-4000-b10e-99a32e379a78}
sysmonlog = c:\windows\system32\smlogsvc.exe
tapisrv = c:\windows\system32\svchost.exe -k netsvcs
termservice = c:\windows\system32\svchost -k dcomlaunch
themes = c:\windows\system32\svchost.exe -k netsvcs
tlntsvr = c:\windows\system32\tlntsvr.exe
trkwks = c:\windows\system32\svchost.exe -k netsvcs
upnphost = c:\windows\system32\svchost.exe -k localservice
ups = c:\windows\system32\ups.exe
usnjsvc = "c:\program files\windows live\messenger\usnsvc.exe"
vss = c:\windows\system32\vssvc.exe
w32time = c:\windows\system32\svchost.exe -k netsvcs
webclient = c:\windows\system32\svchost.exe -k localservice
winmgmt = c:\windows\system32\svchost.exe -k netsvcs
wlsetupsvc = "c:\program files\windows live\installer\wlsetupsvc.exe"
wmdmpmsn = c:\windows\system32\svchost.exe -k netsvcs
wmi = c:\windows\system32\svchost.exe -k netsvcs
wmiapsrv = c:\windows\system32\wbem\wmiapsrv.exe
wscsvc = c:\windows\system32\svchost.exe -k netsvcs
wuauserv = c:\windows\system32\svchost.exe -k netsvcs
wzcsvc = c:\windows\system32\svchost.exe -k netsvcs
xmlprov = c:\windows\system32\svchost.exe -k netsvcs


文件驱动
hkey_local_machine\system\currentcontrolset\services
fltmgr = c:\windows\system32\drivers\fltmgr.sys
mrxdav = c:\windows\system32\drivers\mrxdav.sys
mrxsmb = c:\windows\system32\drivers\mrxsmb.sys
netbios = c:\windows\system32\drivers\netbios.sys
rdbss = c:\windows\system32\drivers\rdbss.sys
sr = c:\windows\system32\drivers\sr.sys
srv = c:\windows\system32\drivers\srv.sys


系统驱动项
hkey_local_machine\system\currentcontrolset\services
360antiarp = c:\windows\system32\drivers\360antiarp.sys
acpi = c:\windows\system32\drivers\acpi.sys
acpiec = c:\windows\system32\drivers\acpiec.sys
aec = c:\windows\system32\drivers\aec.sys
afd = c:\windows\system32\drivers\afd.sys
asfwhide = c:\docume~1\malseu~1\locals~1\temp\asfwhide
asyncmac = c:\windows\system32\drivers\asyncmac.sys
atapi = c:\windows\system32\drivers\atapi.sys
atmarpc = c:\windows\system32\drivers\atmarpc.sys
audstub = c:\windows\system32\drivers\audstub.sys
cdrom = c:\windows\system32\drivers\cdrom.sys
cmbatt = c:\windows\system32\drivers\cmbatt.sys
compbatt = c:\windows\system32\drivers\compbatt.sys
disk = c:\windows\system32\drivers\disk.sys
dmboot = c:\windows\system32\drivers\dmboot.sys
dmio = c:\windows\system32\drivers\dmio.sys
dmload = c:\windows\system32\drivers\dmload.sys
dmusic = c:\windows\system32\drivers\dmusic.sys
drmkaud = c:\windows\system32\drivers\drmkaud.sys
e100b = c:\windows\system32\drivers\e100b325.sys
eabfiltr = c:\windows\system32\drivers\eabfiltr.sys
eabusb = c:\windows\system32\drivers\eabusb.sys
fsvga = c:\windows\system32\drivers\fsvga.sys
ftdisk = c:\windows\system32\drivers\ftdisk.sys
gpc = c:\windows\system32\drivers\msgpc.sys
hbtnkey = c:\windows\system32\drivers\cpqbttn.sys
hdaudaddservice = c:\windows\system32\drivers\chdaud.sys
hdaudbus = c:\windows\system32\drivers\hdaudbus.sys
hidusb = c:\windows\system32\drivers\hidusb.sys
hsfhwazl = c:\windows\system32\drivers\hsfhwazl.sys
hsf_dpv = c:\windows\system32\drivers\hsf_dpv.sys
http = c:\windows\system32\drivers\http.sys
i8042prt = c:\windows\system32\drivers\i8042prt.sys
ialm = c:\windows\system32\drivers\igxpmp32.sys
iastor = c:\windows\system32\drivers\iastor.sys
imapi = c:\windows\system32\drivers\imapi.sys
intelppm = c:\windows\system32\drivers\intelppm.sys
ip6fw = c:\windows\system32\drivers\ip6fw.sys
ipfilterdriver = c:\windows\system32\drivers\ipfltdrv.sys
ipinip = c:\windows\system32\drivers\ipinip.sys
ipnat = c:\windows\system32\drivers\ipnat.sys
ipsec = c:\windows\system32\drivers\ipsec.sys
irenum = c:\windows\system32\drivers\irenum.sys
isapnp = c:\windows\system32\drivers\isapnp.sys
kbdclass = c:\windows\system32\drivers\kbdclass.sys
kbdhid = c:\windows\system32\drivers\kbdhid.sys
kmixer = c:\windows\system32\drivers\kmixer.sys
mdmxsdk = c:\windows\system32\drivers\mdmxsdk.sys
mouclass = c:\windows\system32\drivers\mouclass.sys
mouhid = c:\windows\system32\drivers\mouhid.sys
mskssrv = c:\windows\system32\drivers\mskssrv.sys
mspclock = c:\windows\system32\drivers\mspclock.sys
mspqm = c:\windows\system32\drivers\mspqm.sys
mssmbios = c:\windows\system32\drivers\mssmbios.sys
ndistapi = c:\windows\system32\drivers\ndistapi.sys
ndisuio = c:\windows\system32\drivers\ndisuio.sys
ndiswan = c:\windows\system32\drivers\ndiswan.sys
netbt = c:\windows\system32\drivers\netbt.sys
netw4x32 = c:\windows\system32\drivers\netw4x32.sys
nwlnkflt = c:\windows\system32\drivers\nwlnkflt.sys
nwlnkfwd = c:\windows\system32\drivers\nwlnkfwd.sys
packet = c:\windows\system32\drivers\protodrv.sys
pci = c:\windows\system32\drivers\pci.sys
pciide = c:\windows\system32\drivers\pciide.sys
pcmcia = c:\windows\system32\drivers\pcmcia.sys
pptpminiport = c:\windows\system32\drivers\raspptp.sys
psched = c:\windows\system32\drivers\psched.sys
ptilink = c:\windows\system32\drivers\ptilink.sys
rasacd = c:\windows\system32\drivers\rasacd.sys
rasl2tp = c:\windows\system32\drivers\rasl2tp.sys
raspppoe = c:\windows\system32\drivers\raspppoe.sys
raspti = c:\windows\system32\drivers\raspti.sys
rdpcdd = c:\windows\system32\drivers\rdpcdd.sys
rdpdr = c:\windows\system32\drivers\rdpdr.sys
redbook = c:\windows\system32\drivers\redbook.sys
secdrv = c:\windows\system32\drivers\secdrv.sys
splitter = c:\windows\system32\drivers\splitter.sys
swenum = c:\windows\system32\drivers\swenum.sys
swmidi = c:\windows\system32\drivers\swmidi.sys
sysaudio = c:\windows\system32\drivers\sysaudio.sys
tcpip = c:\windows\system32\drivers\tcpip.sys
termdd = c:\windows\system32\drivers\termdd.sys
tsksp = e:\software\qqdoctor\tsksp.sys
uiusys = c:\windows\system32\drivers\uiusys.sys
update = c:\windows\system32\drivers\update.sys
usbehci = c:\windows\system32\drivers\usbehci.sys
usbhub = c:\windows\system32\drivers\usbhub.sys
usbstor = c:\windows\system32\drivers\usbstor.sys
usbuhci = c:\windows\system32\drivers\usbuhci.sys
vgasave = c:\windows\system32\drivers\vga.sys
wanarp = c:\windows\system32\drivers\wanarp.sys
wdmaud = c:\windows\system32\drivers\wdmaud.sys
winachsf = c:\windows\system32\drivers\hsf_cnxt.sys
wmiacpi = c:\windows\system32\drivers\wmiacpi.sys
ws2ifsl = c:\windows\system32\drivers\ws2ifsl.sys

1.用xdelbox勾选抑制再生后删除以下文件：(xdelbox1.7支持奥运版下载)
使用说明：删除时复制所有要删除文件的路径，在待删除文件列表里点击右键选择从剪贴板导入不检查路径，导入后在要删除文件上点击右键，选择立刻重启删除，电脑会重启进入dos界面进行删除操作。运行xdelbox前最好卸载所有可移动存储介质（包括u盘，mp3，手机存储卡等）。

e:\software\qq\himzck.dll
e:\software\qq\wsock32.dll
c:\windows\system32\ttx.dll
c:\windows\system32\ffj.dll

重起后千万别运行qq  直接删除其安装目录文件夹  然后扫描sre日志上传

话说我还是第一次看见瑞星听诊器的日志是小写字母的。。

照你说的做了，不过还是sre一运行就被删除

刚刚上QQ，说发现了木马cftmon
杀掉重启后发现安全模式进入不了，而且多了一个xzlkn.exe的进程在windows文件夹里
昨天到现在只装了QQ、QQ游戏、飞信、unlocker，没有什么乱七八糟软件，我是不是被人入侵了呢？防火墙说有一个upnp.exe、dpinst.exe、xzlkn.exe、cftmon.exe的程序都曾试图连接网络，被我禁掉了