qdbahr58是什么?
它伪装成 Windows 服务启动,用冰刃(IceSword)也无法彻底清除:相关文件可以删除,但注册表项删不掉(删除后又会重新出现)。导出的注册表项如下:
Windows Registry Editor Version 5.00
; Export of the device-enumeration (Enum\Root) entries for a service named
; "qdbahr58". Windows creates LEGACY_<name> keys under Enum\Root for non-PnP
; ("legacy") drivers that are registered as services; these keys are a
; by-product of that registration, not the autostart entry itself.
; The service definition (image path, start type) lives under the
; Services\<service name> key of the same control set, which is NOT part of
; this export -- that key and the file it points to are what an analyst needs.
; NOTE(review): only ControlSet001 is shown; CurrentControlSet normally maps to
; one of the numbered control sets, so other ControlSetNNN copies may exist.
; NOTE(review): Enum subkeys are writable only by SYSTEM by default, and a key
; that reappears after deletion is consistent with the driver still being
; loaded or still registered as a service -- confirm against the Services key.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_QDBAHR58]
"NextInstance"=dword:00000001
; Instance 0000: the single device instance recorded for this legacy driver.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_QDBAHR58\0000]
; "Service" names the service bound to this instance.
"Service"="qdbahr58"
"Legacy"=dword:00000001
"ConfigFlags"=dword:00000000
; Class/ClassGUID: the standard LegacyDriver setup class.
"Class"="LegacyDriver"
"ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
; DeviceDesc equals the service name; no separate descriptive display name is set.
"DeviceDesc"="qdbahr58"
; Control subkey: runtime state for the instance. "ActiveService" records the
; service currently associated with it, which suggests the driver was loaded
; when the export was taken -- TODO confirm on the live system.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_QDBAHR58\0000\Control]
"*NewlyCreated*"=dword:00000000
"ActiveService"="qdbahr58"