前不久中了Trojan-PSW.Win32.OnLineGames.bs  卡巴杀不掉 ewido查不出来

在C:\Documents and Settings\Administrator.6B03C864A81D41D\Local Settings\Temp文件夹下多了几个病毒文件

1.exe

2.exe

3.exe

mhs2.dll

wlzs.dll

ztq.dll

还有一个文件夹zt2,里面有一个svchost.exe

上面几个文件删了后又会出来,在安全模式下删了也没用 并且在安全模式下自启动项中的mhs2.dllwlzs.dll删了还会出来

我试过killbox也没用

这些文件就象幽灵一样挥之不去 快折磨死我了~~

这个病毒貌似有其他的进程做后门,但我不会找

望高手指点一二 告诉我这个病毒的后台到底在哪 该怎么清除 感激不尽!!!!

2006-12-30,17:03:55

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <myZt2><C:\DOCUME~1\ADMINI~1.6B0\LOCALS~1\Temp\Zt2\SVCH0ST.EXE>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  [(Verified)Yahoo! China]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <KAVPersonal50><"f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize>  [Kaspersky Lab]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <HPDJ Taskbar Utility><C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe>  [(Verified)HP]
    <HP Component Manager><"C:\Program Files\HP\hpcoretech\hpcmpmgr.exe">  [Hewlett-Packard Company]
    <DeviceDiscovery><C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe>  [Hewlett-Packard]
    <!ewido><"F:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized>  [Anti-Malware Development a.s.]
    <StormCodec_Helper><"f:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  [N/A]
    <adx.exe><C:\Program Files\real\adx.exe>  [Microsoft Corporation]
    <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>  [N/A]
    <mhs2><C:\DOCUME~1\ADMINI~1.6B0\LOCALS~1\Temp\2.exe>  [N/A]
    <wlzs><C:\DOCUME~1\ADMINI~1.6B0\LOCALS~1\Temp\3.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><338448M.BMP>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{E568441B-9EF3-49F8-9A67-4141AC41ADD4}><C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll>  [(Verified)Yahoo! China]
    <{6E44887F-5214-41F2-AB46-4728735C4CC6}><C:\Program Files\Internet Explorer\PLUGINS\System8.sys>  [N/A]
    <{9C0CFA58-3A6F-51ba-9EFE-5320F4F62FB1}><C:\WINDOWS\system32\bdscheca100.dll>  [N/A]
    <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><f:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll>  [Anti-Malware Development a.s.]
    <{99F1D023-7CEB-4586-80F7-BB1A98DB7602}><C:\Program Files\Internet Explorer\IEXPLORE.Sys>  [N/A]
    <{FEB94F5A-69F3-4645-8C2B-9E71D270AF2E}><C:\Program Files\Internet Explorer\IEXPLORE.Dat>  [N/A]
    <{923509F1-45CB-4EC0-BDE0-1DED35B8FD60}><C:\Program Files\Internet Explorer\IEXPLORE.win>  [N/A]
    <{87DB138F-7F91-49A8-82A4-8A7BFC6E48D1}><C:\WINDOWS\debug\userMode\8808.dll>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[ATK Keyboard Service / ATKKeyboardService]
  <C:\WINDOWS\ATKKBService.exe><ASUSTeK COMPUTER INC.>
[ewido anti-spyware 4.0 guard / ewido anti-spyware 4.0 guard]
  <f:\Program Files\ewido anti-spyware 4.0\guard.exe><Anti-Malware Development a.s.>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[kavsvc / kavsvc]
  <"f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe"><Kaspersky Lab>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Visual Studio Analyzer RPC bridge / Visual Studio Analyzer RPC bridge]
  <F:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe><Microsoft Corporation>
[Windows DHCP Service / WinDHCPsvc]
  <C:\WINDOWS\system32\rundll32.exe windhcp.ocx,start><Microsoft Corporation>
[WinXP DHCP Service / WinXPDHCPsvc]
  <C:\WINDOWS\system32\rundll32.exe xpdhcp.dll,start><Microsoft Corporation>

==================================
驱动程序
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService]
  <system32\drivers\ADIHdAud.sys><Analog Devices, Inc.>
[AEAudio Service / AEAudioService]
  <system32\drivers\AEAudio.sys><Andrea Electronics Corporation>
[ASUS Virtual Video Capture Device Driver / asusgsb]
  <system32\drivers\asusgsb32.sys><ASUSTeK Computer Inc.>
[Asushwio / Asushwio]
  <\??\C:\WINDOWS\system32\drivers\Asushwio.sys><N/A>
[Enhanced Display Driver Helper Service / asuskbnt]
  <system32\drivers\atkkbnt.sys><ASUSTeK COMPUTER INC.>
[HelloNet PPPoE 虚拟网卡 / BRPPPOE]
  <system32\DRIVERS\brpppoe.sys><N/A>
[Closed Caption Decoder / CCDECODE]
  <system32\DRIVERS\CCDECODE.sys><N/A>
[EIO / EIO]
  <\??\C:\WINDOWS\system32\drivers\EIO.sys><ASUSTeK Computer Inc.>
[ewido anti-spyware 4.0 driver / ewido anti-spyware 4.0 driver]
  <\??\f:\Program Files\ewido anti-spyware 4.0\guard.sys><N/A>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService]
  <system32\drivers\HdAudio.sys><Windows (R) Server 2003 DDK provider>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Kl1 / Kl1]
  <\SystemRoot\System32\drivers\kl1.sys><Kaspersky Lab>
[Klif / Klif]
  <System32\drivers\klif.sys><Kaspersky Labs>
[Klmc / Klmc]
  <System32\drivers\klmc.sys><Kaspersky Lab>
[ATK0110 ACPI UTILITY / MTsensor]
  <system32\DRIVERS\ASACPI.sys><>
[NABTS/FEC VBI Codec / NABTSFEC]
  <system32\DRIVERS\NABTSFEC.sys><N/A>
[Microsoft TV/Video Connection / NdisIP]
  <system32\DRIVERS\NdisIP.sys><N/A>
[npkcrypt / npkcrypt]
  <\??\F:\Program Files\Tencent\qq\npkcrypt.sys><N/A>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[SenFilt Service / SenFiltService]
  <system32\drivers\Senfilt.sys><Sensaura>
[BDA Slip De-Framer / SLIP]
  <system32\DRIVERS\SLIP.sys><N/A>
[BDA IPSink / streamip]
  <system32\DRIVERS\StreamIP.sys><N/A>

==================================
浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[BHOHelper Class]
  {67A90DD5-128D-43AB-B97C-565D2DD42A28} <C:\Program Files\real\atloader.dll, Microsoft Corporation>
[BHOHelper Class]
  {67A90DD6-128D-43AB-B97C-565D2DD42A28} <C:\Program Files\real\atloader.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <f:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[assist]
  {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll, Yahoo! China>
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <f:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/start.htm?source=yzs_icon&btn=yassistnew, N/A>
[番茄花园]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[易趣购物]
  {BE9C13C3-9E46-4db1-BC05-BD8DA44599F2} <http://adfarm.mediaplex.com/ad/ck/4080-22910-9640-151?cn=song;icon;hp&mpro=http://www.ebay.com.cn, N/A>
[雅虎助手]
  {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar0.dll, yahoo! china>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[雅虎助手]
  {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar0.dll, yahoo! china>
[Yahoo!Live]
  {57421194-58FB-49AE-9B4F-FD48869B9AD4} <C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll, yahoo! china>
[BHOHelper Class]
  {67A90DD5-128D-43AB-B97C-565D2DD42A28} <C:\Program Files\real\atloader.dll, Microsoft Corporation>
[BHOHelper Class]
  {67A90DD6-128D-43AB-B97C-565D2DD42A28} <C:\Program Files\real\atloader.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <f:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\system\msadc\msadco.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[ADXAutoLive]
  {E5212436-921F-44a3-8865-11C0B9BA4AF2} <C:\Program Files\real\autolive.dll, Microsoft Corporation>
[ADXAutoLive]
  {E5212437-921F-44a3-8865-11C0B9BA4AF2} <C:\PROGRA~1\real\autolive.dll, Microsoft Corporation>
[assist]
  {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll, Yahoo! China>
[&使用迅雷下载]
  <f:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <f:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <F:\Program Files\Tencent\qq\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <F:\Program Files\Tencent\qq\AddPanel.htm, N/A>
[添加到QQ表情]
  <F:\Program Files\Tencent\qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <F:\Program Files\Tencent\qq\SendMMS.htm, N/A>
[雅虎搜索]
  <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar0.dll/203, N/A>

==================================
正在运行的进程
[PID: 688][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 736][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 760][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 804][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 816][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 972][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1052][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1172][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1256][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1332][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1524][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\hpzsnt09.dll]  [HP, 2.236.4.0]
[PID: 1764][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 7, 1023]
    [C:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\WINDOWS\debug\userMode\8808.dll]  [N/A, N/A]
    [C:\Program Files\real\adx.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\Program Files\real\bhomgr.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\Program Files\real\urlcatch.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\Program Files\real\atloader.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\Program Files\real\autolive.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\WINDOWS\system32\xpdhcp.dll]  [N/A, N/A]
    [f:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll]  [Anti-Malware Development a.s., 4, 0, 0, 172]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINDOWS\338448M.BMP]  [N/A, N/A]
    [C:\DOCUME~1\ADMINI~1.6B0\LOCALS~1\Temp\ZtgL.dll]  [N/A, N/A]
    [F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [f:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll]  [Yahoo! China, 3, 1, 3, 1018]
    [F:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [f:\Program Files\Unlocker\UnlockerCOM.dll]  [N/A, N/A]
    [f:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\shellex.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\ewido anti-spyware 4.0\context.dll]  [Anti-Malware Development a.s., 4, 0, 0, 172]
[PID: 1904][F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe]  [Kaspersky Lab, 5.0.388.1]
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll]  [Kaspersky Lab, 5.0.388.0]
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klipc.dll]  [Kaspersky Lab, 5.0.388.0]
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\GuiDlgs.dll]  [Kaspersky Lab, 5.0.388.1]
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\KLCMN.dll]  [Kaspersky Lab, 5.0.388.1]
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\KLUtil.dll]  [Kaspersky Lab, 5.0.388.1]
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\CCIFACE.dll]  [Kaspersky Lab, 5.0.388.1]
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\rpt.dll]  [Kaspersky Lab, 5.0.388.2]
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ChkTool.DLL]  [Kaspersky Lab, 5.0.388.1]
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\KAVMWnd.dll]  [Kaspersky Lab, 5.0.388.1]
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\COLOC.dll]  [Kaspersky Lab, 5.0.388.1]
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\GULOC.dll]  [Kaspersky Lab, 5.0.388.1]
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\MALOC.dll]  [Kaspersky Lab, 5.0.388.1]
    [C:\Program Files\real\bhomgr.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\AVLOC.dll]  [Kaspersky Lab, 5.0.388.1]
    [C:\WINDOWS\debug\userMode\8808.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\DOCUME~1\ADMINI~1.6B0\LOCALS~1\Temp\ZtgL.dll]  [N/A, N/A]

[PID: 1920][C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe]  [HP, 2.236.4.0]
    [C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZR3209.dll]  [HP, 2.236.4.0]
    [C:\Program Files\real\bhomgr.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [C:\WINDOWS\debug\userMode\8808.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
[PID: 1928][C:\Program Files\HP\hpcoretech\hpcmpmgr.exe]  [Hewlett-Packard Company, 2.1.1]
    [C:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [C:\Program Files\real\bhomgr.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\WINDOWS\debug\userMode\8808.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
[PID: 1936][C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe]  [Hewlett-Packard, 1, 0, 0, 1]
    [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpodvd08.dll]  [Hewlett-Packard, 2, 0, 2, 2]
    [C:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxm08.dll]  [Hewlett-Packard Co., 4.2.0.127]
    [C:\WINDOWS\debug\userMode\8808.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
[PID: 1948][F:\Program Files\ewido anti-spyware 4.0\ewido.exe]  [Anti-Malware Development a.s., 4, 0, 0, 201]
    [F:\Program Files\ewido anti-spyware 4.0\engine.dll]  [Anti-Malware Development a.s., 4, 0, 0, 172]
    [C:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [C:\Program Files\real\bhomgr.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\WINDOWS\debug\userMode\8808.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 7, 1023]
    [C:\DOCUME~1\ADMINI~1.6B0\LOCALS~1\Temp\ZtgL.dll]  [N/A, N/A]
[PID: 276][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [C:\WINDOWS\debug\userMode\8808.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
[PID: 368][C:\WINDOWS\ATKKBService.exe]  [ASUSTeK COMPUTER INC., 1, 0, 0, 0]
[PID: 524][f:\Program Files\ewido anti-spyware 4.0\guard.exe]  [Anti-Malware Development a.s., 4, 0, 0, 172]
    [f:\Program Files\ewido anti-spyware 4.0\engine.dll]  [Anti-Malware Development a.s., 4, 0, 0, 172]
[PID: 600][f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll]  [Kaspersky Lab, 5.0.388.0]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\pr_rmt.dll]  [Kaspersky Lab, 5.0.388.0]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klipc.dll]  [Kaspersky Lab, 5.0.388.0]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\CCIFACE.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\KLUtil.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\rpt.dll]  [Kaspersky Lab, 5.0.388.2]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ChkTool.DLL]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prloader.dll]  [Kaspersky Lab, 5.0.388.0]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prkernel.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\startups.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\pr_srv.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\pr_clnt.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\prstring.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\l_llio.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avp_iont.dll]  [Kaspersky Lab, 5.0.0.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\inflate.ppl]  [Kaspersky Lab, 5.0.388.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\avlib.ppl]  [Kaspersky Lab, 5.0.391.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\arj.ppl]  [Kaspersky Lab, 5.0.388.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\arjpack.ppl]  [Kaspersky Lab, 5.0.388.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\avp1.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\avpgs.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\avpmgr.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\wdiskio.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\btdisk.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\buffer.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\cab.ppl]  [Kaspersky Lab, 5.0.390.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\deflate.ppl]  [Kaspersky Lab, 5.0.388.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\dmap.ppl]  [Kaspersky Lab, 5.0.388.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\dtreg.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\explode.ppl]  [Kaspersky Lab, 5.0.388.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\hashcont.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\hashmd5.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\hccmp.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\ichk2.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\ichstrms.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\klonacci.ppl]  [Kaspersky Lab, 5.0.388.230]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\mailmsg.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\mchk.ppl]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klcp.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\mdmap.ppl]  [Kaspersky Lab, 5.0.388.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\memmodsc.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\memscan.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\minizip.ppl]  [Kaspersky Lab, 5.0.388.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\msoe.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\nfio.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\ntfsstrm.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\passdmap.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\prseqio.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\prutil.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\qio.ppl]  [Kaspersky Lab, 5.0.0.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\quantum.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\rar.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\sfdb.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\stored.ppl]  [Kaspersky Lab, 5.0.388.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\superio.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\tempfile.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\unarj.ppl]  [Kaspersky Lab, 5.0.388.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\uniarc.ppl]  [Kaspersky Lab, 5.0.388.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\unlzx.ppl]  [Kaspersky Lab, 5.0.388.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\unreduce.ppl]  [Kaspersky Lab, 5.0.388.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\unshrink.ppl]  [Kaspersky Lab, 5.0.388.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\unstored.ppl]  [Kaspersky Lab, 5.0.388.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\winreg.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\xorio.ppl]  [Kaspersky Lab, 5.0.388.16]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\zcompare.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\wcswmi.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\KLOnAcc.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ccclient.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\KLCKAH.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\CKAHUM.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\CKAHComm.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ckahrule.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrch_ag.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\mcproxy.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\mcpr.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\mailappl.dll]  [Kaspersky Lab, 5.0.388.1]

[PID: 1144][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.8391]
[PID: 1244][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 884][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 4028][f:\Program Files\Tencent\TT\TTraveler.exe]  [腾讯公司, 3.1.0.261]
    [C:\Program Files\real\bhomgr.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [f:\Program Files\Tencent\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll]  [腾讯公司, 1, 1, 0, 5]
    [f:\Program Files\Tencent\TT\Plugins\TWeather\TWeather.dll]  [, 1, 0, 0, 3]
    [C:\WINDOWS\debug\userMode\8808.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [f:\Program Files\Tencent\TT\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 4]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrchpg.dll]  [Kaspersky Lab, 5.0.1.18]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrch_ag.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll]  [Kaspersky Lab, 5.0.388.0]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\pr_rmt.dll]  [Kaspersky Lab, 5.0.388.0]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ccclient.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klipc.dll]  [Kaspersky Lab, 5.0.388.0]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\KLUtil.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\rpt.dll]  [Kaspersky Lab, 5.0.388.2]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\CCIFACE.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prloader.dll]  [Kaspersky Lab, 5.0.388.0]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prkernel.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\prstring.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\pr_srv.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\pr_clnt.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\tempfile.ppl]  [Kaspersky Lab, 5.0.388.0]
    [C:\DOCUME~1\ADMINI~1.6B0\LOCALS~1\Temp\ZtgL.dll]  [N/A, N/A]
    [C:\Program Files\real\urlcatch.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 7, 1023]
[PID: 2080][F:\Program Files\ADSL拨号王\HNMainUI.exe]  [N/A, 2, 3, 0, 1]
    [F:\Program Files\ADSL拨号王\HNKernel.dll]  [HelloNet, 2.2.0.1]
    [F:\Program Files\ADSL拨号王\HNUtils.dll]  [N/A, 2, 2, 0, 1]
    [C:\Program Files\real\bhomgr.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [F:\Program Files\ADSL拨号王\HNRes_0804.dll]  [N/A, 2, 2, 0, 1]
    [F:\Program Files\ADSL拨号王\plugins\Diagnose.dll]  [HelloNet, 2.2.0.1]
    [C:\WINDOWS\debug\userMode\8808.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
[PID: 3728][F:\Program Files\Tencent\qq\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [F:\Program Files\Tencent\qq\CoralAssist.DLL]  [Coral Team, 4.5.0 build 20060515]
    [F:\Program Files\Tencent\qq\CoralQQ.DLL]  [Coral Team, 4.5.4 Build 20061001]
    [F:\Program Files\Tencent\qq\ipsearcher.dll]  [, 1.0.0.3]
    [F:\Program Files\Tencent\qq\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\BasicCtrlDll.dll]  [Tencent, 5, 0, 200, 370]
    [C:\Program Files\real\bhomgr.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [F:\Program Files\Tencent\qq\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [F:\Program Files\Tencent\qq\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [F:\Program Files\Tencent\qq\QQAPI.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\WINDOWS\debug\userMode\8808.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [F:\Program Files\Tencent\qq\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\QQMainFrame.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\qq\CQQApplication.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\qq\NewSkin.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\HostingMgr.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\CameraDll.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\MailSummary.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\QQSpace.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\qq\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\GroupLive.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\qq\QQSysMsgMng.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\qq\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [F:\Program Files\Tencent\qq\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\QQPlugin.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\qq\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\QRingMng.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\qq\QQAvatar.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\qq\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [F:\Program Files\Tencent\qq\QQPet.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\QQAllInOne.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\qq\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [F:\Program Files\Tencent\qq\QQCustomFace.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]

[F:\Program Files\Tencent\qq\BQQApplication.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [F:\Program Files\Tencent\qq\QQSceneMng.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\qq\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrchpg.dll]  [Kaspersky Lab, 5.0.1.18]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrch_ag.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll]  [Kaspersky Lab, 5.0.388.0]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\pr_rmt.dll]  [Kaspersky Lab, 5.0.388.0]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ccclient.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klipc.dll]  [Kaspersky Lab, 5.0.388.0]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\KLUtil.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\rpt.dll]  [Kaspersky Lab, 5.0.388.2]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\CCIFACE.dll]  [Kaspersky Lab, 5.0.388.1]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prloader.dll]  [Kaspersky Lab, 5.0.388.0]
    [f:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prkernel.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\prstring.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\pr_srv.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\pr_clnt.ppl]  [Kaspersky Lab, 5.0.388.0]
    [f:\program files\kaspersky lab\kaspersky anti-virus personal\tempfile.ppl]  [Kaspersky Lab, 5.0.388.0]
    [F:\Program Files\Tencent\qq\qqgroupdisk.dll]  [深圳腾讯科技, 2, 1, 101, 40]
    [F:\Program Files\Tencent\qq\GroupConnection.dll]  [Tencent, 0, 3, 3, 5]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 7, 1023]
    [f:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll]  [Anti-Malware Development a.s., 4, 0, 0, 172]
    [F:\Program Files\Tencent\qq\CommercesMng.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [F:\Program Files\Tencent\qq\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 240]
    [F:\Program Files\Tencent\qq\QQPhoneHelper.dll]  [腾讯科技（深圳）有限公司, 2, 1, 2, 23]
    [C:\DOCUME~1\ADMINI~1.6B0\LOCALS~1\Temp\ZtgL.dll]  [N/A, N/A]
[PID: 3844][C:\WINDOWS\system32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\real\bhomgr.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [C:\WINDOWS\debug\userMode\8808.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\DOCUME~1\ADMINI~1.6B0\LOCALS~1\Temp\ZtgL.dll]  [N/A, N/A]
[PID: 3992][F:\Program Files\Tencent\qq\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [C:\Program Files\real\bhomgr.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [F:\Program Files\Tencent\qq\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\BasicCtrlDll.dll]  [Tencent, 5, 0, 200, 370]
    [F:\Program Files\Tencent\qq\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\qq\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [F:\Program Files\Tencent\qq\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [C:\WINDOWS\debug\userMode\8808.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [F:\Program Files\Tencent\qq\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 2516][C:\DOCUME~1\ADMINI~1.6B0\LOCALS~1\Temp\Zt2\SVCH0ST.EXE]  [N/A, N/A]
    [C:\DOCUME~1\ADMINI~1.6B0\LOCALS~1\Temp\ZtgL.dll]  [N/A, N/A]
[PID: 1544][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2436][C:\WINDOWS\system32\mdm.exe]  [Microsoft Corporation, 6.00.8149]
    [C:\Program Files\real\bhomgr.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [C:\WINDOWS\debug\userMode\8808.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
[PID: 2836][f:\Program Files\Tencent\TT\TCPlus.exe]  [腾讯公司, 1, 0, 0, 5]
    [C:\Program Files\real\bhomgr.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [f:\Program Files\Tencent\TT\QQDownload.dll]  [Tencent Technology (Shenzhen) Company Limited, 1, 0, 101, 28]
    [f:\Program Files\Tencent\TT\TNProxy.dll]  [Tencent Technology(Shenzhen) Company Limited, 2, 1, 101, 60]
    [C:\WINDOWS\debug\userMode\8808.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\DOCUME~1\ADMINI~1.6B0\LOCALS~1\Temp\ZtgL.dll]  [N/A, N/A]
[PID: 1108][F:\zsl\实用程序\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\Program Files\real\bhomgr.dll]  [Microsoft Corporation, 5, 1, 2606, 1229]
    [C:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [C:\WINDOWS\debug\userMode\8808.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\DOCUME~1\ADMINI~1.6B0\LOCALS~1\Temp\ZtgL.dll]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================

引用:

如果是xp系统没办法了 ………………

- -我的XP系统真没办法了？别吓我啊～～

还是谢谢afkp4e7了 我再想想办法把 ~~高手门帮帮我啊~~~

谢谢猫老大了~~今天米时间了~~明天试试土办法~~谢了~~收藏了~~