My computer has a problem, experts please take a look, waiting online

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <kav><"F:\卡巴文件\avp.exe">  [Kaspersky Lab]
    <360Safetray><D:\360安全卫士\360safe\safemon\360tray.exe /start>  [奇虎网]
    <MSPY2002><C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <360Antiarp><D:\360安全卫士\360safe\antiarp\antiarp.exe /start>  [360安全中心]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]

==================================
启动文件夹
N/A
==================================
服务
[卡巴斯基反病毒6.0 / AVP][Running/Auto Start]
  <F:\卡巴文件\avp.exe -r><Kaspersky Lab>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <D:\暴风影音\stormliv.exe /asservice><北京暴风网际科技有限公司>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[ServiceLayer / ServiceLayer][Running/Manual Start]
  <"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"><Nokia.>

==================================
驱动程序
[360AntiArp / 360AntiArp][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
[askd / askd][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\askd.ahc><N/A>
[Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start]
  <system32\DRIVERS\b57xp32.sys><Broadcom Corporation>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[Nokia USB Phone Parent / nmwcd][Stopped/Manual Start]
  <system32\drivers\nmwcd.sys><Nokia>
[Nokia USB Generic / nmwcdc][Stopped/Manual Start]
  <system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Port / nmwcdcj][Stopped/Manual Start]
  <system32\drivers\nmwcdcj.sys><Nokia>
[Nokia USB Modem / nmwcdcm][Stopped/Manual Start]
  <system32\drivers\nmwcdcm.sys><Nokia>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]

Last edited: 2008-04-17 23:23:37

  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[XPROTECTOR / XPROTECTOR][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\Xprotector.sys><N/A>
[Teclast WE PC Camera / ZSMC301b][Running/Manual Start]
  <System32\Drivers\usbVM31b.sys><VM>

==================================
浏览器加载项
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\迅雷5\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <D:\迅雷5\Thunder.exe, Thunder Networking Technologies,LTD>
[Web反病毒保护]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <F:\卡巴文件\scieplugin.dll, Kaspersky Lab>
[BitComet]
  {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} <, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[ADODB.Recordset]
  {00000535-0000-0010-8000-00AA006D2EA4} <C:\Program Files\Common Files\System\ado\msado15.dll, Microsoft Corporation>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\迅雷5\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[GerneralPeerID Class]
  {0A47E819-F82E-4D5D-B806-6A9EA94D68CD} <D:\迅雷5\Components\InMedia\peerid.dll, >
[Fade]
  {16B280C5-EE70-11D1-9066-00C04FD9189D} <C:\WINDOWS\system32\Dxtmsft.dll, Microsoft Corporation>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\迅雷5\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, >
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <D:\PPS网~1.105\PPStream\POWERP~1.DLL, PPStream Inc.>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[StormPlayer Object]
  {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} <D:\暴风影音\mps.dll, 北京暴风网际科技有限公司>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[CCtInf Class]
  {6DBB2904-082D-4DB0-944A-21C22BA121F4} <C:\WINDOWS\system32\BANKCE~1.DLL, >
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <, N/A>
[Windows Script Host Shell Object]
  {72C24DD5-D70A-438B-8A42-98424B88AFB8} <C:\WINDOWS\system32\wshom.ocx, Microsoft Corporation>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\迅雷5\Components\InMedia\MediaAddin16.dll, Thunder Networking Technologies,LTD>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <D:\360安全卫士\360safe\live.dll, 360.cn>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\迅雷5\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[UTPKES Control]
  {94BE7FE8-CF75-4FD3-8A41-9D5FE7135511} <c:\sdbocx\UTPKES.ocx, 广州科友科技股份有限公司>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Thunder DapCtrl]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\DapCtrl1.5.578.28.133.dll, ShenZhen Thunder Networking Technologies Ltd.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\360安全卫士\360safe\safemon\safemon.dll, 360.CN>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[QQPlayerSvr Proxy Control]
  {CD108273-D434-43E6-AA90-1469F97EB398} <D:\QQ\QzoneMusic.dll, 腾讯科技>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <D:\暴风影音\Codec\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[RevealTrans]
  {E31E87C4-86EA-4940-9B8A-5BD5D179A737} <C:\WINDOWS\system32\Dxtmsft.dll, Microsoft Corporation>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>

[TimwpDll.TimwpCheck]
  {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <D:\QQ\Timwp.dll, TENCENT>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, N/A>
[Thunder DapPlayer]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <D:\迅雷5\Components\DownAndPlay\DapPlayer3.0.578.69.132.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[Iesign Control]
  {F3E92562-1B4D-4BFA-B2D4-E9BCABE3B5A1} <c:\sdbocx\iesign.ocx, csii>
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[Free Threaded XML DOM Document 3.0]
  {F5078F33-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[XSL Template 3.0]
  {F5078F36-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, N/A>
[&使用BitComet下载]
  <res://D:\比特彗星(BitComet) V0.98 Final\BitComet\BitComet.exe/AddLink.htm, N/A>
[&使用BitComet下载全部链接]
  <res://D:\比特彗星(BitComet) V0.98 Final\BitComet\BitComet.exe/AddAllLink.htm, N/A>
[&使用BitComet下载本页视频]
  <res://D:\比特彗星(BitComet) V0.98 Final\BitComet\BitComet.exe/AddVideo.htm, N/A>
[使用迅雷下载]
  <D:\迅雷5\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\迅雷5\Program\getallurl.htm, N/A>
[添加到QQ表情]
  <D:\QQ\AddEmotion.htm, N/A>

==================================
正在运行的进程
[PID: 448 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 700 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 724 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 768 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 780 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 940 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1016 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1112 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)]
[PID: 1232 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1276 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)]
[PID: 1532 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1776 / HTWOOO][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)]
    [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)]
    [D:\360安全卫士\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.9147]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.9147]
    [C:\WINDOWS\system32\nvapi.dll]  [N/A, ]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [D:\迅雷5\Components\ResWorker\DsBho_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 18]
    [D:\迅雷5\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\winrar3.62\rarext.dll]  [N/A, ]
    [F:\卡巴文件\shellex.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [C:\Program Files\Nokia\Nokia PC Suite 6\phonebrowser.dll]  [Nokia, 6, 85, 89, 5]
    [C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll]  [Nokia, 6, 85, 107, 6]
    [C:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_chi-sc.nlr]  [Nokia, 6, 85, 59, 0]
    [C:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr]  [Nokia, 6, 85, 17, 0]
    [D:\迅雷5\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 74]

[PID: 1876 / HTWOOO][D:\360安全卫士\360safe\safemon\360tray.exe]  [奇虎网, 4, 1, 0, 1004]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [D:\360安全卫士\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [D:\360安全卫士\360safe\safemon\SafeKrnl.dll]  [奇虎网, 4, 1, 0, 1001]
    [D:\360安全卫士\360safe\AntiAdwa.dll]  [360Safe.com, 4, 1, 0, 1001]
    [D:\360安全卫士\360safe\live.dll]  [360.cn, 1, 0, 1, 1027]
    [F:\卡巴文件\scr_ch_pg.dll]  [Kaspersky Lab, 1.0.6.299]
    [F:\卡巴文件\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
    [F:\卡巴文件\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [F:\卡巴文件\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [F:\卡巴文件\prkernel.ppl]  [Kaspersky Lab, 6.0.0.304]
    [f:\卡巴文件\params.ppl]  [Kaspersky Lab, 6.0.0.299]
    [f:\卡巴文件\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
    [f:\卡巴文件\tempfile.ppl]  [Kaspersky Lab, 6.0.0.299]
[PID: 1908 / HTWOOO][D:\360安全卫士\360safe\antiarp\antiarp.exe]  [360安全中心, 2, 0, 0, 1007]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)]
    [D:\360安全卫士\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [F:\卡巴文件\scr_ch_pg.dll]  [Kaspersky Lab, 1.0.6.299]
    [F:\卡巴文件\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
    [F:\卡巴文件\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [F:\卡巴文件\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [F:\卡巴文件\prkernel.ppl]  [Kaspersky Lab, 6.0.0.304]
    [f:\卡巴文件\params.ppl]  [Kaspersky Lab, 6.0.0.299]
    [f:\卡巴文件\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
    [f:\卡巴文件\tempfile.ppl]  [Kaspersky Lab, 6.0.0.299]
[PID: 1988 / HTWOOO][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\360安全卫士\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
[PID: 292 / SYSTEM][D:\暴风影音\stormliv.exe]  [北京暴风网际科技有限公司, 3, 8, 3, 15]
    [D:\暴风影音\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)]
[PID: 432 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.9147]
    [C:\WINDOWS\system32\nvapi.dll]  [N/A, ]
[PID: 556 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1976 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2348 / HTWOOO][D:\QQ\QQ.exe]  [TENCENT, 8,0,714,1791]
    [D:\QQ\QQBaseClassInDll.dll]  [TENCENT, 8,0,714,1791]
    [D:\QQ\QQHelperDll.dll]  [TENCENT, 8,0,714,1791]
    [D:\QQ\BasicCtrlDll.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)]
    [D:\360安全卫士\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [D:\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [D:\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [D:\QQ\QQAPI.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\LoginCtrl.dll]  [TENCENT, 8,0,714,1791]
    [D:\QQ\LoginCtrlRes.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\QQRes.dll]  [TENCENT, 8,0,714,1791]
    [D:\QQ\QQMainFrame.dll]  [N/A, ]
    [D:\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\QQ\QQPlugin.dll]  [N/A, ]
    [D:\QQ\UnReadMsgMgr.dll]  [N/A, ]
    [D:\QQ\CQQApplication.dll]  [N/A, ]
    [D:\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [D:\QQ\NewSkin.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\MailSummary.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\QQSpace.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\QQ\QQKnowledgeSearch.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\OEMApplication.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\QQGroupMng.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\QQPet.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\QQAllInOne.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [D:\QQ\CameraDll.dll]  [TENCENT, 8,0,713,1791]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\QQ\QRingMng.dll]  [N/A, ]
    [D:\QQ\UserDefinedHead.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\QQConfigPlugin.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\QQCustomFace.dll]  [N/A, ]
    [D:\QQ\QQAvatar.dll]  [N/A, ]
    [D:\QQ\LongConnection.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\PhoneAPI.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [D:\QQ\QQSysMsgMng.dll]  [N/A, ]
    [D:\QQ\BQQApplication.dll]  [N/A, ]
    [D:\QQ\QQFileTransfer.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\CommercesMng.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\PersonalDesktop.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 330]
    [D:\QQ\QQSceneMng.dll]  [N/A, ]
    [D:\QQ\AddrSearch.dll]  [腾讯科技(深圳)有限公司, 2, 2, 1, 13]
    [D:\QQ\QQDoctor\TSVulMdw.dat]  [TENCENT, 2007, 12, 18, 3]

    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\QQ\ImageOle.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\QQLiveQMng.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\QQMagicFace.dll]  [TENCENT, 8,0,713,1791]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [D:\QQ\GroupConnection.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\VqqModule.dll]  [TENCENT, 8,0,713,1791]
    [D:\QQ\VqqAllInOne.dll]  [Tencent, 1, 6, 0, 4]
    [D:\QQ\InPlus.dll]  [Tencent, 1, 6, 0, 4]
    [D:\QQ\tencent-proto1.dll]  [tencent, 1, 6, 0, 4]
    [D:\QQ\tencent-comlib.dll]  [tencent, 1, 6, 0, 4]
    [D:\QQ\tencent-proto2.dll]  [tencent, 1, 6, 0, 4]
    [C:\WINDOWS\system32\ieapfltr.dll]  [Microsoft Corporation, 7.0.6000.16461]
    [f:\卡巴文件\nfio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [f:\卡巴文件\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.0.299]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msfeeds.dll]  [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)]
[PID: 3864 / HTWOOO][C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe]  [, 6, 85, 11, 8]
    [C:\Program Files\Nokia\Nokia PC Suite 6\QtCore4.dll]  [N/A, ]
    [C:\Program Files\Nokia\Nokia PC Suite 6\QtGui4.dll]  [N/A, ]
    [C:\Program Files\Nokia\Nokia PC Suite 6\QtXml4.dll]  [N/A, ]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)]
    [C:\Program Files\Nokia\Nokia PC Suite 6\PCSSupportSetup.DLL]  [Nokia, 6, 85, 26, 0]
    [C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.DLL]  [Nokia, 6, 85, 107, 6]
    [D:\360安全卫士\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\Program Files\Nokia\Nokia PC Suite 6\PCSL.dll]  [Nokia, 6, 85, 12, 0]
    [C:\Program Files\PC Connectivity Solution\ConnAPI.dll]  [Nokia., 6, 85, 94, 10]
    [C:\Program Files\PC Connectivity Solution\DAAPI.dll]  [Nokia, 6, 85, 91, 10]
    [C:\Program Files\PC Connectivity Solution\PCCS_DBAPI.DLL]  [Nokia, 6, 85, 14, 1]
    [C:\Program Files\Nokia\Nokia PC Suite 6\styles\NGLStyle.dll]  [Nokia, 6, 85, 8, 2]
    [C:\Program Files\Nokia\Nokia PC Suite 6\imageformats\qjpeg4.dll]  [N/A, ]
    [C:\Program Files\PC Connectivity Solution\ConfServer.dll]  [Nokia, 6, 85, 38, 0]
    [F:\卡巴文件\scr_ch_pg.dll]  [Kaspersky Lab, 1.0.6.299]
    [F:\卡巴文件\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
    [F:\卡巴文件\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [F:\卡巴文件\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [F:\卡巴文件\prkernel.ppl]  [Kaspersky Lab, 6.0.0.304]
    [f:\卡巴文件\params.ppl]  [Kaspersky Lab, 6.0.0.299]
    [f:\卡巴文件\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
    [f:\卡巴文件\tempfile.ppl]  [Kaspersky Lab, 6.0.0.299]
[PID: 2644 / SYSTEM][C:\Program Files\PC Connectivity Solution\ServiceLayer.exe]  [Nokia., 6, 85, 91, 18]
    [C:\Program Files\PC Connectivity Solution\NclTools.dll]  [Nokia, 6, 85, 34, 2]
    [C:\Program Files\PC Connectivity Solution\NclCapability.dll]  [Nokia, 6, 85, 24, 0]
    [C:\Program Files\PC Connectivity Solution\NOX.dll]  [Nokia, 6, 85, 61, 0]
    [C:\Program Files\PC Connectivity Solution\ConfServer.dll]  [Nokia, 6, 85, 38, 0]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)]
    [C:\Program Files\PC Connectivity Solution\NclFT.dll]  [Nokia, 6, 85, 47, 1]
    [C:\Program Files\PC Connectivity Solution\NclPIMAccess.dll]  [Nokia, 6, 85, 30, 5]
    [C:\Program Files\PC Connectivity Solution\NclSyncHandler.DLL]  [Nokia., 6, 85, 16, 1]
    [C:\Program Files\PC Connectivity Solution\DBAccess.dll]  [Nokia, 6, 85, 10, 0]
    [C:\Program Files\PC Connectivity Solution\PCCS_DBEngine.dll]  [Nokia, 6, 85, 5, 0]
    [C:\Program Files\PC Connectivity Solution\NclLcif.dll]  [Nokia, 6.85.11.3]
[PID: 1784 / HTWOOO][C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe]  [, 6, 85, 8, 3]
    [D:\360安全卫士\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
[PID: 332 / SYSTEM][C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe]  [, 6, 85, 6, 7]
[PID: 2288 / SYSTEM][C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe]  [, 6, 85, 4, 4]
[PID: 2588 / HTWOOO][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\360安全卫士\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
[PID: 3552 / HTWOOO][D:\System Repair Engineer\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16640 (vista_gdr.080213-1606)]
    [D:\360安全卫士\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [D:\System Repair Engineer\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [F:\卡巴文件\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
    [F:\卡巴文件\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [F:\卡巴文件\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [F:\卡巴文件\prkernel.ppl]  [Kaspersky Lab, 6.0.0.304]
    [f:\卡巴文件\params.ppl]  [Kaspersky Lab, 6.0.0.299]
    [f:\卡巴文件\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
    [f:\卡巴文件\tempfile.ppl]  [Kaspersky Lab, 6.0.0.299]

==================================

文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 1876, D:\360安全卫士\360SAFE\SAFEMON\360TRAY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1876, D:\360安全卫士\360SAFE\SAFEMON\360TRAY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1908, D:\360安全卫士\360SAFE\ANTIARP\ANTIARP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3864, C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 6\PCSUITE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1784, C:\PROGRAM FILES\PC CONNECTIVITY SOLUTION\TRANSPORTS\NCLMSBTSRV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 332, C:\PROGRAM FILES\PC CONNECTIVITY SOLUTION\TRANSPORTS\NCLUSBSRV.EXE]

==================================
API HOOK
RVA  错误: LoadLibraryA (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryExA (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryExW (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryW (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: GetProcAddress (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)

==================================
隐藏进程
N/A

==================================


Really sorry, the log is so long.

Please post it as an attachment.

This is the file produced by the scan.

Attachment:

Downloads: 315
File type: application/octet-stream
Uploaded: 2008-4-17 23:14:17


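1. I recommend using XDelBox to delete the following file: (download XDelBox 1.6)
Instructions: copy the paths of all the files to be deleted, right-click in the pending-deletion file list and choose to import from the clipboard without checking paths. After importing, right-click the files to be deleted and choose to delete on immediate restart. The computer will restart into a DOS interface to perform the deletion.

c:\windows\system32\drivers\xprotector.sys

2. After the deletion and restart, use SREng to repair the following items:

    Startup Items (启动项目) -- Services (服务) -- Drivers (驱动程序): disable the following entry:
[XPROTECTOR / XPROTECTOR]    <\??\C:\WINDOWS\system32\drivers\Xprotector.sys>

Clean the system temporary files and the IE temporary files folder
http://www.atribune.org/public-beta/ATF-Cleaner.exe
Use Kingsoft Cleaning Expert (金山清理专家) to remove malicious software
http://client.download.duba.net/KASSetup_10_1.EXE
Download Windows Cleaning Assistant (windows清理助手) and run a cleanup pass
http://www.arswp.com/download/arswp2/arswp2.zip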