
guTrojan.DL.Script.VBS.Agent.xiy [Help request


Rising monitoring log:
病毒名称                        处理结果              发现日期             查杀方式  访问染毒文件的进程  文件
Trojan.DL.Script.VBS.Agent.xiy  直接跳过网页中的脚本  2008-04-18 09:19:02  网页监控  cscript run.vbs     C:\WINDOWS\TEMP\37687878448.tmp
Trojan.DL.Script.VBS.Agent.xiy  直接跳过网页中的脚本  2008-04-18 09:24:18  网页监控  cscript run.vbs     C:\WINDOWS\TEMP\14607878448.tmp
Trojan.DL.Script.VBS.Agent.xiy  直接跳过网页中的脚本  2008-04-18 10:08:42  网页监控  cscript run.vbs     C:\WINDOWS\TEMP\36487878448.tmp
Trojan.DL.Script.VBS.Agent.xiy  直接跳过网页中的脚本  2008-04-18 12:27:25  网页监控  cscript run.vbs     C:\WINDOWS\TEMP\10727878448.tmp
Trojan.DL.Script.VBS.Agent.xiy  直接跳过网页中的脚本  2008-04-18 13:29:44  网页监控  cscript run.vbs     C:\WINDOWS\TEMP\39487878448.tmp
Trojan.DL.Script.VBS.Agent.xiy  直接跳过网页中的脚本  2008-04-18 13:47:20  网页监控  cscript run.vbs     C:\WINDOWS\TEMP\40087878448.tmp
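The machine has a freshly installed system with Rising and Kaka, 360 Safe Guard, SQL Desktop Edition, a data collection system, TTPlayer (千千静听), QQ and QQ Huaxia. FTP frequently accesses the network on its own, and the log entries shown above keep appearing. Moderators, please help. The 360 diagnostic report is posted in the reply below.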

[User system info] Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Last edited 2008-04-21 18:18:15.903000000
 

诊断平台: Microsoft Windows XP  Service Pack 2
IE版本: Internet Explorer V6.0.2900.2180 Build:62900.2180
计算机物理内存:1023.17MB - 当前可用内存:501.15MB

100 - 未知 - Process: rfwstub.exe [Rising Personal FireWall Service Rfwstub ] - C:\Program Files\Rising\Rfw\rfwstub.exe
100 - 未知 - Process: WISPro.exe [ ] - C:\Program Files\辽宁人口信息管理系统\datadownload\1.0001\WISPro.exe
100 - 未知 - Process: TXPlatform.exe [TM2008] - C:\Program Files\Tencent\QQ\TXPlatform.exe
R1 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
O4 - 未知 - HKLM\..\RunOnce: [KKDelay] [RunOnce Application] C:\Program Files\Rising\AntiSpyware\RunOnce.exe
O8 - 未知 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O23 - 未知 - Service: MSSQLSERVER [MSSQLSERVER] - C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe -sMSSQLSERVER - (not running)
O23 - 未知 - Service: SQLSERVERAGENT [SQLSERVERAGENT] - C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE -i MSSQLSERVER - (not running)
O23 - 未知 - Service: System Themes [为用户提供使用主题管理的经验。] - C:\WINDOWS\SVCHOST.EXE - (not running)

=======================================

100 - 安全 - Process: smss.exe [进程为会话管理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - C:\WINDOWS\System32\smss.exe
100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base
100 - 安全 - Process: winlogon.exe [windows nt用户登陆程序。] - C:\WINDOWS\system32\winlogon.exe
100 - 安全 - Process: services.exe [用于管理windows服务系统进程。] - C:\WINDOWS\system32\services.exe
100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\WINDOWS\system32\lsass.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k DcomLaunch
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k rpcss
100 - 安全 - Process: CCenter.exe [瑞星杀毒软件控制台相关程序。] - C:\Program Files\Rising\Rav\CCenter.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k netsvcs
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k NetworkService
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k LocalService
100 - 安全 - Process: RavMonD.exe [瑞星杀毒软件的一部分。] - C:\PROGRAM FILES\RISING\RAV\ravmond.exe
100 - 安全 - Process: rfwsrv.exe [瑞星出品的防火墙程序,用于抵御黑客攻击。] - C:\Program Files\Rising\Rfw\rfwsrv.exe
100 - 安全 - Process: rfwProxy.exe [瑞星防火墙相关进程。] - C:\Program Files\Rising\Rfw\rfwProxy.exe
100 - 安全 - Process: RavStub.exe [瑞星出品的杀毒软件相关程序。] - C:\PROGRAM FILES\RISING\RAV\RavStub.exe
100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件管理。] - C:\WINDOWS\Explorer.EXE
100 - 安全 - Process: spoolsv.exe [windows打印任务控制程序,用以打印机就绪。] - C:\WINDOWS\system32\spoolsv.exe
100 - 安全 - Process: rfwmain.exe [瑞星公司出品的瑞星杀毒软件个人防火墙程序,用于抵御黑客攻击。] - C:\Program Files\Rising\Rfw\RfwMain.exe
100 - 安全 - Process: RTHDCPL.exe [瑞昱出品的声卡相关程序。] - C:\WINDOWS\RTHDCPL.EXE
100 - 安全 - Process: RavTask.exe [瑞星出品的杀毒软件相关程序。] - C:\Program Files\Rising\Rav\RavTask.exe
100 - 安全 - Process: 360tray.exe [360安全卫士实时监控程序。] - C:\Program Files\360safe\safemon\360tray.exe
100 - 安全 - Process: RavMon.exe [瑞星杀毒软件防火墙。] - C:\Program Files\Rising\Rav\Ravmon.exe
100 - 安全 - Process: ctfmon.exe [office xp输入法图标。] - C:\WINDOWS\system32\ctfmon.exe
100 - 安全 - Process: ATKKBService.exe [华硕笔记本电脑键盘的相关服务,关闭此进程无法使用某些功能键。] - C:\WINDOWS\ATKKBService.exe
100 - 安全 - Process: nvsvc32.exe [nvidia driver helper service在nvida显卡驱动中被安装。] - C:\WINDOWS\system32\nvsvc32.exe
100 - 安全 - Process: conime.exe [console ime ime输入法控制台软件。] - C:\WINDOWS\system32\conime.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k HTTPFilter
100 - 安全 - Process: QQ.exe [腾讯公司出品的qq即时通讯软件。] - C:\Program Files\Tencent\QQ\QQ.exe
100 - 安全 - Process: cmd.exe [windows控制台程序。不像旧的command.com,cmd.exe是一个32位的命令行使用在winnt/2000/xp。] - C:\WINDOWS\system32\cmd.exe
100 - 安全 - Process: cmd.exe [windows控制台程序。不像旧的command.com,cmd.exe是一个32位的命令行使用在winnt/2000/xp。] - C:\WINDOWS\system32\cmd.exe
100 - 安全 - Process: cmd.exe [windows控制台程序。不像旧的command.com,cmd.exe是一个32位的命令行使用在winnt/2000/xp。] - C:\WINDOWS\system32\cmd.exe
100 - 安全 - Process: RsAgent.exe [瑞星助手是瑞星杀毒软件的一部分。] - C:\Program Files\Rising\Rav\RsAgent.exe
100 - 安全 - Process: AgentSvr.exe [是一个ActiveX插件,用于多媒体程序。] - C:\WINDOWS\msagent\AgentSvr.exe -Embedding
100 - 安全 - Process: IEXPLORE.EXE [microsoft internet explorer浏览器用于浏览网页。] - C:\Program Files\Internet Explorer\iexplore.exe
100 - 安全 - Process: runiep.exe [卡卡上网安全助手IE防漏墙相关程序。] - C:\Program Files\Rising\AntiSpyware\runiep.exe
100 - 安全 - Process: 360Safe.exe [360安全卫士相关程序。] - C:\Program Files\360safe\360Safe.exe
R1 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
R1 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm

Waiting online, urgently need a reply.

O4 - 安全 - HKLM\..\Run: [RTHDCPL] [realtek声卡特性设置软件相关程序。] RTHDCPL.EXE
O4 - 安全 - HKLM\..\Run: [Alcmtr] [一款声卡相关程序。] ALCMTR.EXE
O4 - 安全 - HKLM\..\Run: [RavTask] [瑞星杀毒软件的任务计划程序。] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 安全 - HKLM\..\Run: [RfwMain] [瑞星防火墙程序,抵御黑客攻击。] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 安全 - HKLM\..\Run: [360Safetray] [360safe实时保护功能模块。] C:\Program Files\360safe\safemon\360tray.exe /start
O4 - 安全 - HKLM\..\Run: [NvCplDaemon] [是NVIDIA显示卡相关动态链接库文件。] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 安全 - HKLM\..\Run: [runeip] [卡卡上网安全助手相关程序。] "C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup
O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp输入法图标。] C:\WINDOWS\system32\CTFMON.EXE
O4 - 安全 - Startup folder: [Service Manager.lnk] [sql server服务管理器软件。] C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Service Manager.lnk
O23 - 安全 - Service: ATKKeyboardService [华硕增强版显卡驱动的相关服务。] - C:\WINDOWS\ATKKBService.exe - (running)
O23 - 安全 - Service: MSSQLServerADHelper [Mssqlserveradhelper 服务。] - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe - (not running)
O23 - 安全 - Service: NVSvc [是NVIDIA显示卡相关程序。] - C:\WINDOWS\system32\nvsvc32.exe - (running)
O23 - 安全 - Service: RfwProxySrv [瑞星防火墙相关程序。] - C:\Program Files\Rising\Rfw\rfwProxy.exe - (running)
O23 - 安全 - Service: RfwService [是瑞星个人防火墙相关程序。] - C:\Program Files\Rising\Rfw\rfwsrv.exe - (running)
O23 - 安全 - Service: RsCCenter [是瑞星杀毒软件控制台相关程序。] - "C:\Program Files\Rising\Rav\CCenter.exe" - (running)
O23 - 安全 - Service: RsRavMon [是瑞星杀毒软件相关监控程序。] - "C:\PROGRAM FILES\RISING\RAV\Ravmond.exe" - (not running)

=======================================

O31 - 未知 - Directory Menu: {A470F8CF-A1E8-4f65-8335-227475AA5C46} - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation - Windows Shell Common Dll - 6.0.2900.3241 - 8312320 -
O31 - 未知 - BootExecute:  bsmain -  -  -  - 0 -

O31 - 未知 - LSA: Security Packages - C:\WINDOWS\system32\kerberos.dll - Microsoft Corporation - Kerberos Security Package - 5.1.2600.2698 - 295936 - e5f30164055d6441a4def03a97158f49
O31 - 未知 - LSA: Security Packages - sv1_0.dll -  -  -  - 0 -
O31 - 未知 - LSA: Security Packages - channel.dll -  -  -  - 0 -

=======================================

O40 - Explorer.EXE - NVIDIA Corporation - C:\WINDOWS\system32\NVRSZHC.DLL - NVIDIA Simplified Chinese language resource library - 2993280c5522f528f45081937245fde3
O40 - Explorer.EXE -  - C:\WINDOWS\system32\nvshell.dll -  - 3a762a13751eca7bb61fdff183d2d842
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\MSCOREE.DLL - Microsoft .NET Runtime Execution Engine - 4c702aea1c11d15c176c2c276d0907dd
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll - Assembly manager - b8294afc55b31d835be038222f61230c
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll - Microsoft? C Runtime Library - 86f1895ae8c5e8b17d99ece768a70732

=======================================

O41 - asusgsb - ASUS Virtual Video Capture Device Driver - C:\WINDOWS\system32\drivers\asusgsb.sys - (running) - ASUS Virtual Video Capture Device Driver - ASUSTeK Computer Inc. - d320732bcf5ff856120bd06855c66867
O41 - asuskbnt - ASUS Help driver For Keyboard Service. - C:\WINDOWS\system32\drivers\atkkbnt.sys - (running) - ASUS Help driver For Keyboard Service. - ASUSTeK COMPUTER INC. - b3b881eb81013aac11594a5400ada47a
O41 - EIO - ASUS Kernel Mode Driver for NT  - C:\WINDOWS\system32\drivers\EIO.sys - (running) - ASUS Kernel Mode Driver for NT  - ASUSTeK Computer Inc. - 0daf3544804650526751c478aeccce63
O41 - QKeyService - KeyCrypt - C:\WINDOWS\system32\KeyCrypt.sys - (running) - KeyCrypt -  Tencent Technology (Shenzhen) Company Limited - ecaa6d40a70bee079f3817601bec1692
O41 - Video3D - ASUS Video3D driver - C:\WINDOWS\system32\drivers\Video3D32.sys - (running) - ASUS Video3D driver - ASUSTeK COMPUTER INC. - 8643da4a6c83da6c10fcab1e5ab6632d
O41 - TesSafe - TesSafe NT Driver - C:\WINDOWS\system32\TesSafe.sys - (not running) - TesSafe NT Driver - TENCENT - 62b7264654480825e0f518933fd68233
O41 - RsAntiSpyware - Anti-RootKit Driver - C:\WINDOWS\system32\drivers\RsBoot.sys - (not running) - Anti-RootKit Driver - Beijing Rising Technology Co., Ltd. - f9edc97f228c046832a24b5a76017912

=======================================
360Safe.exe=4.1.0.1006
AntiAdwa.dll=4.1.0.1001
AntiEng.dll=4.1.0.1004
AntiActi.dll=2.0.0.3000
CleanHis.dll=4.0.0.1001
live.dll=1.0.1.1027

=======================================
操作历史报告:

2008-04-17 20:14
清理其它插件 - Windows临时文件 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Set1.tmp
2008-04-18 13:09
清理恶评插件 - Power - C:\WINDOWS\svchost.exe
清理恶评插件 - 伪装系统Svchost 恶意程序 - C:\WINDOWS\SVCHOST.EXE

=======================================

I was not browsing the web when the alert appeared, and just now several more CMD processes showed up.

SREng log
What was this scanned with?

One moment, working on it.