http://www.d766.com/veer.php?entry=993&mac=00E04C00055E
一打开浏览器就自动登陆这个网址，接着就自动调转到“http://bbs.9495.com/ku6.htm”
或者“重庆人才网”什么的一些网站，不是每次都跳转到同一个网站。用超级兔子和360安全卫士都查不出恶意插件，但是奇虎360修复IE浏览器选项里可以显示修复了3项，都是“IE链接的参数 http://www.d766.com/veer.php?entry=993&mac=00E04C00055E”但是打开浏览器还是会自动登陆上面的网址。

O8 - 未知 - Extra context menu item: &V使用Vagaa哇嘎下载 - C:\Program Files\Vagaa\Vagaa\Data\vg.htm
O8 - 未知 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - 未知 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - 未知 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - 未知 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - 未知 - Extra button: 腾讯QQ(HKLM) - C:\Program Files\Tencent\QQ\QQ.EXE
O11 - 未知 - Options Group: Java (Sun)
O16 - 未知 - DPF: {3C38DEE8-BE1A-4DEC-B232-2C78706CC7EA} (GUpdate) - http://ps.itv.mop.com/update/update/GUpdate-1.0.0.10-signed.cab
O16 - 未知 - DPF: {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} (LiveMediaOcx Control) - http://dl_dir.qq.com/qqtv/QQLiveOcxSetup.exe
O16 - 未知 - DPF: {AC3A36A8-9BFF-410A-A33D-2279FFEB69D2} (Qzone Media Tools) - http://imgcache.qq.com/music/QQMusicSetup.exe
O16 - 未知 - DPF: {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} (Tencent Safety Online Base Module) - http://safe.qq.com/cgi-bin/tso/TSOBase.ocx
O16 - 未知 - DPF: {C661F36D-DF85-4EF4-83C7-E107B83D04B1} (WebActivater Control) - http://dl_dir.qq.com/3dshow/3DShowVM.cab
O16 - 未知 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Plug-in 1.5.0_09) - http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
O16 - 未知 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.5.0_09) - http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
O18 - 未知 - Protocol: 电子书编译工具Web Compiler相关 - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINDOWS\wc98pp.dll
O18 - 未知 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\PROGRA~1\KuGoo2\InExtend\KUGOO3~1.OCX
O18 - 未知 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll"
O23 - 未知 - Service: PMJ151LA [PMJ151 AutoLaunch Service] - C:\WINDOWS\PMJ151LA.BIN - (not running)

=======================================

100 - 安全 - Process: smss.exe [进程为会话管理子系统用以初始化系统变量，ms-dos驱动名称类似lpt1以及com，调用win32壳子系统和运行在windows登陆过程。] - C:\WINDOWS\System32\smss.exe
100 - 安全 - Process: csrss.exe [客户端服务子系统，用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base
100 - 安全 - Process: winlogon.exe [windows nt用户登陆程序。] - C:\WINDOWS\system32\winlogon.exe
100 - 安全 - Process: services.exe [用于管理windows服务系统进程。] - C:\WINDOWS\system32\services.exe
100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\WINDOWS\system32\lsass.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k rpcss
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k netsvcs
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k NetworkService
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k LocalService
100 - 安全 - Process: spoolsv.exe [windows打印任务控制程序，用以打印机就绪。] - C:\WINDOWS\system32\spoolsv.exe
100 - 安全 - Process: avp.exe [卡巴斯基杀毒软件相关程序。] -
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k imgsvc
100 - 安全 - Process: wdfmgr.exe [windows media player播放器相关程序。] - C:\WINDOWS\System32\wdfmgr.exe
100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell，包括开始菜单、任务栏，桌面和文件管理。] - C:\WINDOWS\Explorer.EXE
100 - 安全 - Process: SOUNDMAN.EXE [一个软声卡控制台软件。] - C:\WINDOWS\SOUNDMAN.EXE
100 - 安全 - Process: avp.exe [卡巴斯基杀毒软件相关程序。] -
100 - 安全 - Process: 360tray.exe [360安全卫士实时保护模块] - C:\Program Files\360safe\safemon\360tray.exe
100 - 安全 - Process: ctfmon.exe [office xp输入法图标。] - C:\WINDOWS\System32\ctfmon.exe
100 - 安全 - Process: QQ.exe [腾讯公司出品的qq即时通讯软件。] - C:\Program Files\Tencent\QQ\QQ.exe
100 - 安全 - Process: TIMPlatform.exe [腾讯即时通讯客户端软件的一部分。] - C:\Program Files\Tencent\QQ\TIMPlatform.exe
100 - 安全 - Process: EXCEL.EXE [microsoft office办公套件的一部分，excel用于表格制作。] - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
100 - 安全 - Process: TTraveler.exe [腾讯出品的一款第三方浏览器软件，支持多窗口。] - C:\Program Files\Tencent\TT\TTraveler.exe
100 - 安全 - Process: IEXPLORE.EXE [microsoft internet explorer浏览器用于浏览网页。] - C:\Program Files\Internet Explorer\IEXPLORE.EXE
100 - 安全 - Process: 360Safe.exe [360安全卫士相关程序。] - C:\Program Files\360safe\360Safe.exe
R1 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=about:blank
R1 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=about:blank
O2 - 安全 - BHO: (超级兔子上网精灵) - [超级兔子上网精灵相关插件。] - {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} - C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll
O3 - 安全 - Toolbar: (金山快译(&K)) - [金山快译工具条软件相关程序。] - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\Program Files\Kingsoft\FastAIT 2005\IEBand.dll
O3 - 安全 - Toolbar: (FlashGet Bar) - [FlashGet IE工具条。] - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - 安全 - Toolbar: (电台(&R)) - [是Windows Media Player播放器ActiveX控制相关文件。] - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - 安全 - Toolbar: (超级兔子上网精灵) - [超级兔子上网精灵工具条,随超级兔子软件捆绑安装。] - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll
O4 - 安全 - HKLM\..\Run: [nwiz] [是NVidia的Nview特性相关程序。该程序用于用户对其特性进行配置，将桌面扩展到多台显示器上。 ] nwiz.exe /install
O4 - 安全 - HKLM\..\Run: [SoundMan] [Realtek声卡相关程序。] SOUNDMAN.EXE
O4 - 安全 - HKLM\..\Run: [PCTVOICE] [pcltel modem相关程序。] pctspk.exe
O4 - 安全 - HKLM\..\Run: [kav] [卡巴斯基杀毒软件相关程序。] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - 安全 - HKLM\..\Run: [NvCplDaemon] [是NVIDIA显示卡相关动态链接库文件。] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - 安全 - HKLM\..\Run: [360Safetray] [360safe实时保护功能模块。] C:\Program Files\360safe\safemon\360tray.exe
O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp输入法图标。] C:\WINDOWS\System32\ctfmon.exe
O8 - 安全 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - 安全 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - 安全 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - 安全 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - 安全 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 - 安全 - DPF: 无效的CLSID：{33564D57-0000-0010-8000-00AA00389B71} ({33564D57-0000-0010-8000-00AA00389B71}) - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - 安全 - DPF: 无效的CLSID：{33564D57-9980-0010-8000-00AA00389B71} ({33564D57-9980-0010-8000-00AA00389B71}) - http://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab
O16 - 安全 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (Windows升级工具V5) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1128383205624
O16 - 安全 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in) - http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
O16 - 安全 - DPF: {ACFE8232-03C5-4AEC-AF5E-42B806724096} (金山毒霸检疫站) - http://safe.qq.com/scan/KAllScan.CAB
O16 - 安全 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MSN Messenger Setup Downloader) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - 安全 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Flash播放器) - http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
O16 - 安全 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN即时通讯相关插件4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - 安全 - Protocol: OFFICE 相关 - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O18 - 安全 - Protocol: OFFICE 相关 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O23 - 安全 - Service: AVP [卡巴斯基杀毒软件相关程序。] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe -r - (running)
O23 - 安全 - Service: NVSvc [是NVIDIA显示卡相关程序。] - C:\WINDOWS\System32\nvsvc32.exe - (not running)
O23 - 安全 - Service: SNMP [微软Windows自带的网络相关进程，用于局域网LAN和局域网基础配置。] - C:\WINDOWS\System32\snmp.exe - (not running)
O23 - 安全 - Service: SNMPTRAP [微软Microsoft Windows操作系统相关程序，用于监听简单网络管理协议SNMP的消息。] - C:\WINDOWS\System32\snmptrap.exe - (not running)

我也是中了这个毒，急得跳脚啊！！！

O40 - winlogon.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll - User Experience Controls Library - aef3d788dbf40c7c4d204ea45eb0c505
O40 - winlogon.exe - Microsoft Corporation - C:\WINDOWS\system32\serwvdrv.dll - Unimodem Serial Wave driver - 8c844682256cda31955ab56268a1a912
O40 - winlogon.exe - Microsoft Corporation - C:\WINDOWS\system32\umdmxfrm.dll - Unimodem Tranform Module - d8a40058337a5ea1089ccdee756217a4
O40 - lsass.exe - Microsoft Corporation - C:\WINDOWS\system32\serwvdrv.dll - Unimodem Serial Wave driver - 8c844682256cda31955ab56268a1a912
O40 - lsass.exe - Microsoft Corporation - C:\WINDOWS\system32\umdmxfrm.dll - Unimodem Tranform Module - d8a40058337a5ea1089ccdee756217a4
O40 - lsass.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll - User Experience Controls Library - aef3d788dbf40c7c4d204ea45eb0c505
O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\system32\serwvdrv.dll - Unimodem Serial Wave driver - 8c844682256cda31955ab56268a1a912
O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\system32\umdmxfrm.dll - Unimodem Tranform Module - d8a40058337a5ea1089ccdee756217a4
O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll - User Experience Controls Library - aef3d788dbf40c7c4d204ea45eb0c505
O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll - User Experience Controls Library - aef3d788dbf40c7c4d204ea45eb0c505
O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\System32\serwvdrv.dll - Unimodem Serial Wave driver - 8c844682256cda31955ab56268a1a912
O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\System32\umdmxfrm.dll - Unimodem Tranform Module - d8a40058337a5ea1089ccdee756217a4
O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\System32\mtxoci.dll - Microsoft database support DLL for Oracle - 8b7a5ec4cc21bd8d2945b3e01fe29a80
O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\System32\serwvdrv.dll - Unimodem Serial Wave driver - 8c844682256cda31955ab56268a1a912
O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\System32\umdmxfrm.dll - Unimodem Tranform Module - d8a40058337a5ea1089ccdee756217a4
O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll - User Experience Controls Library - aef3d788dbf40c7c4d204ea45eb0c505
O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\System32\serwvdrv.dll - Unimodem Serial Wave driver - 8c844682256cda31955ab56268a1a912
O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\System32\umdmxfrm.dll - Unimodem Tranform Module - d8a40058337a5ea1089ccdee756217a4
O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll - User Experience Controls Library - aef3d788dbf40c7c4d204ea45eb0c505
O40 - svchost.exe - Microsoft Corporation - c:\windows\system32\wiaservc.dll - Still Image Devices Service - 780ca13102ca3aa00b8391cb469045a4
O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\System32\sti.dll - Still Image Devices client DLL  - dfe3ecf659a352a9efcaa6eb0c1e529c
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll - User Experience Controls Library - aef3d788dbf40c7c4d204ea45eb0c505
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\System32\serwvdrv.dll - Unimodem Serial Wave driver - 8c844682256cda31955ab56268a1a912
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\System32\umdmxfrm.dll - Unimodem Tranform Module - d8a40058337a5ea1089ccdee756217a4
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\System32\upnpui.dll - UPNP Tray Monitor and Folder - c7736fed5f67f772fc8de5ce1198fc5b
O40 - Explorer.EXE - Adobe Systems, Inc. - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll - PDF Shell Extension - 4b0991cd076b617a2231b19a6663c1c9
O40 - Explorer.EXE -  - C:\WINDOWS\System32\msdmo.dll -  - 5f2a1317fab96fe887447e5fd96838b7
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\System32\perfos.dll - Windows System Performance Objects DLL - 30e9be60d32de12b56e2eef0e9500369
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\System32\DSOUND.dll - DirectSound - 033a45ab696eef481707c2808c806e1a
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\System32\KsUser.dll - User CSA Library - 15914e0bf4dda56cf797993dccb637d1
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\System32\shimgvw.dll - Windows 图片和传真查看器 - 34fc3e8f2e5bcd28e1dcdca4dd24238a
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13\gdiplus.dll - Microsoft

O41 - BaseTDI - basetdi - C:\WINDOWS\system32\drivers\basetdi.sys - (running) - basetdi - Beijing Rising Technology Co., Ltd. - e737715afdcc999b806ac3c1120ec04e
O41 - gameenum - Game Port Enumerator - C:\WINDOWS\system32\drivers\gameenum.sys - (running) - Game Port Enumerator - Microsoft Corporation - 90d951a8876631e617ed64a9ddf0bafc
O41 - kl1 - Kaspersky Unified Driver - C:\WINDOWS\system32\drivers\kl1.sys - (running) - Kaspersky Unified Driver - Kaspersky Lab - 5445b03cd42dedf5f85b9daf712fdd09
O41 - klif - spuper-ptor - C:\WINDOWS\system32\drivers\klif.sys - (running) - spuper-ptor - Kaspersky Lab - 2985985b39e13643f941b6396fb915dd
O41 - npkcrypt - nProtect KeyCrypt Driver - C:\Program Files\Tencent\QQ\npkcrypt.sys - (running) - nProtect KeyCrypt Driver - INCA Internet Co., Ltd. - 8bcb281a2540e7aff0cd00f9878fe21f
O41 - NwlnkIpx - NWLINK2 IPX Protocol Driver - C:\WINDOWS\system32\drivers\nwlnkipx.sys - (running) - NWLINK2 IPX Protocol Driver - Microsoft Corporation - e700e93f7c4acb65dca2b7dda9b36ce3
O41 - NwlnkNb - NWLINK2 IPX Netbios Protocol Driver - C:\WINDOWS\system32\drivers\nwlnknb.sys - (running) - NWLINK2 IPX Netbios Protocol Driver - Microsoft Corporation - 56d34a67c05e94e16377c60609741ff8
O41 - NwlnkSpx - NWLINK2 SPX Protocol Driver - C:\WINDOWS\system32\drivers\nwlnkspx.sys - (running) - NWLINK2 SPX Protocol Driver - Microsoft Corporation - c0bb7d1615e1acbdc99757f6ceaf8cf0
O41 - PMJ151NM - Panasonic DVC Web Camera - C:\WINDOWS\system32\drivers\PMJ151NM.sys - (running) - Panasonic DVC Web Camera - Matsushita Electric Industrial Co. ,Ltd, - d7cd8506ae89cca8cc21fa5f139fb465
O41 - Processor - Processor Device Driver - C:\WINDOWS\system32\drivers\processr.sys - (running) - Processor Device Driver - Microsoft Corporation - d07a26cc7ad1aab212fe61f65da8b68c
O41 - ROOTMODEM - Legacy Non-Pnp Modem Device Driver - C:\WINDOWS\system32\drivers\rootmdm.sys - (running) - Legacy Non-Pnp Modem Device Driver - Microsoft Corporation - d8b0b4ade32574b2d9c5cc34dc0dbbe7
O41 - TDDI - Parallel Printer Driver - C:\WINDOWS\system32\drivers\tddi.sys - (running) - Parallel Printer Driver - Microsoft Corporation - 2239fecc1e708686d872aa2b69c443c7
O41 - ViaIde - Generic PCI IDE Bus Driver - C:\WINDOWS\system32\drivers\viaide.sys - (running) - Generic PCI IDE Bus Driver - Microsoft Corporation - 1c0cbb4e50d37059ce41cd134f6b5ab7
O41 - 61883 - 61883 Device Class - C:\WINDOWS\system32\drivers\61883.sys - (not running) - 61883 Device Class - Microsoft Corporation - 5bee618443de08bae98047d631ed3872
O41 - Avc - AVC Driver - C:\WINDOWS\system32\drivers\avc.sys - (not running) - AVC Driver - Microsoft Corporation - 991bd56aa395e53b8b81fb70036ffbdd
O41 - CCDECODE - WDM Closed Caption VBI Codec - C:\WINDOWS\system32\drivers\ccdecode.sys - (not running) - WDM Closed Caption VBI Codec - Microsoft Corporation - fdc06e2ada8c468ebb161624e03976cf
O41 - kmsinput - kmsinput - C:\WINDOWS\system32\drivers\kmsinput.sys - (not running) -  -  - f8d6ebcb50c02b42c5ffd5393229c6b6
O41 - MODEMCSA - Unimodem CSA Filter - C:\WINDOWS\system32\drivers\MODEMCSA.sys - (not running) - Unimodem CSA Filter - Microsoft Corporation - 1992e0d143b09653ab0f9c5e04b0fd65
O41 - MSDV - Microsoft DV Camera and VCR Driver - C:\WINDOWS\system32\drivers\msdv.sys - (not running) - Microsoft DV Camera and VCR Driver - Microsoft Corporation - 8575d788395c4d6378d98d1ed7cdadb9
O41 - MSTEE - WDM Tee/Communication Transform Filter  - C:\WINDOWS\system32\drivers\mstee.sys - (not running) - WDM Tee/Communication Transform Filter  - Microsoft Corporation - d5059366b361f0e1124753447af08aa2
O41 - NABTSFEC - WDM NABTS/FEC VBI Codec - C:\WINDOWS\system32\drivers\nabtsfec.sys - (not running) - WDM NABTS/FEC VBI Codec - Microsoft Corporation - ac31b352ce5e92704056d409834beb74
O41 - NdisIP - Microsoft IP Driver - C:\WINDOWS\system32\drivers\ndisip.sys - (not running) - Microsoft IP Driver - Microsoft Corporation - abd7629cf2796250f315c1dd0b6cf7a0
O41 - nm - Netmon NT Driver - C:\WINDOWS\system32\drivers\nmnt.sys - (not running) - Netmon NT Driver - Microsoft Corporation - 66516333c8fceb4096e2a28bddf44f0f
O41 - Ptserial - HSP Modem Serial Device Driver - C:\WINDOWS\system32\drivers\ptserial.sys - (not running) - HSP Modem Serial Device Driver - PCTEL, INC. - 4c8eaf587a2c729d663e77a3c1e773e4
O41 - Ser2pl - USB-to-Serial Cable Driver - C:\WINDOWS\system32\drivers\ser2pl.sys - (not running) - USB-to-Serial Cable Driver - Prolific Technology Inc. - b490ad520257dda26c1d587a71e527b5
O41 - SLIP - Microsoft Slip Deframing Filter Minidriver - C:\WINDOWS\system32\drivers\slip.sys - (not running) - Microsoft Slip Deframing Filter Minidriver - Microsoft Corporation - 1ffc44d6787ec1ea9a2b1440a90fa5c1
O41 - streamip - Microsoft IP Driver - C:\WINDOWS\system32\drivers\streamip.sys - (not running) - Microsoft IP Driver - Microsoft Corporation - a9f9fd0212e572b84edb9eb661f6bc04
O41 - TSP - spuper-ptor - C:\WINDOWS\system32\drivers\klif.sys - (not running) - spuper-ptor - Kaspersky Lab - 2985985b39e13643f941b6396fb915dd
O41 - usbser - USB Modem Driver - C:\WINDOWS\system32\drivers\usbser.sys - (not running) - USB Modem Driver - Microsoft Corporation - 569ecf031c32ae099f2dc0cc3d3eb334
O41 - Vmodem - HSP Modem Modem Device Driver - C:\WINDOWS\system32\drivers\vmodem.sys - (not running) - HSP Modem Modem Device Driver - PCTEL, INC. - 4a21e872548678c2f6a2183c72cb9434
O41 - Vpctcom - HSP Modem Virtual Control Device - C:\WINDOWS\system32\drivers\vpctcom.sys - (not running) - HSP Modem Virtual Control Device - PCtel, Inc. - bfba41e09ba6b51278a0e613f493b2c3
O41 - Vvoice - HSP Modem device driver - C:\WINDOWS\system32\drivers\vvoice.sys - (not running) - HSP Modem device driver - PCtel, Inc. - bc0d1e9c88e4d5e87b043b81055e4322
O41 - WSTCODEC - WDM WST Codec Driver - C:\WINDOWS\system32\drivers\wstcodec.sys - (not running) - WDM WST Codec Driver - Microsoft Corporation - 233cdd1c06942115802eb7ce6669e099
O41 - xyantivirus - xyantivirus - C:\bxy_vrv\filemon.sys - (not running) -  -  -

希望哪个高手看到后，能给我个解决办法。

[CODE]

2007-01-28,16:27:02

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional  (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <nwiz><nwiz.exe /install>  [NVIDIA Corporation]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <PCTVOICE><pctspk.exe>  []
    <kav><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe">  [Kaspersky Lab]
    <NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <360Safetray><C:\Program Files\360safe\safemon\360tray.exe>  [奇虎网]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [(Verified)RealNetworks, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\System32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <CDBurn><>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[卡巴斯基反病毒6.0 / AVP][Running/Auto Start]
  <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe -r><Kaspersky Lab>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[PMJ151 AutoLaunch Service / PMJ151LA][Running/Auto Start]
  <C:\WINDOWS\PMJ151LA.BIN><N/A>
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Disabled]
  <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><N/A>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\System32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
  <\??\C:\WINDOWS\System32\drivers\klif.sys><Kaspersky Lab>
[kmsinput / kmsinput][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\drivers\kmsinput.sys><N/A>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Panasonic DVC Web Camera / PMJ151NM][Running/Auto Start]
  <System32\DRIVERS\PMJ151NM.sys><Matsushita Electric Industrial Co. ,Ltd,>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[W2K Pctel Serial Device Driver / Ptserial][Stopped/Manual Start]
  <System32\DRIVERS\ptserial.sys><PCTEL, INC.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[Prolific Serial port driver / Ser2pl][Stopped/Manual Start]
  <System32\DRIVERS\ser2pl.sys><Prolific Technology Inc.>
[TDDI / TDDI][Running/Auto Start]
  <\??\C:\WINDOWS\System32\drivers\tddi.sys><Microsoft Corporation>
[TSP / TSP][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[W2K Vmodem / Vmodem][Stopped/Manual Start]
  <System32\DRIVERS\vmodem.sys><PCTEL, INC.>
[W2K Vpctcom / Vpctcom][Stopped/Manual Start]
  <System32\DRIVERS\vpctcom.sys><PCtel, Inc.>
[W2K Vvoice / Vvoice][Stopped/Manual Start]
  <System32\DRIVERS\vvoice.sys><PCtel, Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <System32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[xyfilemon / xyantivirus][Stopped/Auto Start]
  <\??\C:\bxy_vrv\filemon.sys><N/A>

浏览器加载项
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, >
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[金山快译(&K)]
  {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <C:\Program Files\Kingsoft\FastAIT 2005\IEBand.dll, 金山软件股份有限公司>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[GUpdate Class]
  {3C38DEE8-BE1A-4DEC-B232-2C78706CC7EA} <C:\WINDOWS\Downloaded Program Files\gupdate.dll, N/A>
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\WINDOWS\DOWNLO~1\POWERP~1.DLL, PPStream Inc.>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[Java Plug-in 1.5.0_09]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll, N/A>
[LiveMediaOcx Control]
  {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} <C:\PROGRA~1\Tencent\qqlive\qqlive.ocx, Tencent>
[Qzone Media Tools]
  {AC3A36A8-9BFF-410A-A33D-2279FFEB69D2} <C:\PROGRA~1\Tencent\QQ\VQQPLA~1.OCX, Tencent Technology (Shenzhen) Company Limited>
[KSHScan Control]
  {ACFE8232-03C5-4AEC-AF5E-42B806724096} <C:\WINDOWS\System32\Kingsoft\ONLINE~1\KSHScan.OCX, kingsoft>
[MsnMessengerSetupDownloadControl Class]
  {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, Microsoft Corporation>
[Tencent Safety Online Base Module]
  {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} <C:\WINDOWS\DOWNLO~1\TSOBase.ocx, Tencent Corporation>
[WebActivater Control]
  {C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINDOWS\System32\3DShowVM.ocx, QQ>
[Java Plug-in 1.5.0_09]
  {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll, N/A>
[Java Plug-in 1.5.0_09]
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\System32\qqedit\qqedit.dll, 腾讯科技（深圳）有限公司>
[MSN Chat Control 4.5]
  {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} <C:\WINDOWS\Downloaded Program Files\MSNChat45.ocx, Microsoft Corporation>
[&V使用Vagaa哇嘎下载]
  <C:\Program Files\Vagaa\Vagaa\Data\vg.htm, N/A>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 560][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 636][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 668][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 712][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 724][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 888][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 936][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1064][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1128][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1256][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll]  [Windows (R) 2000 DDK provider, 5.00.2195.1620]
[PID: 1588][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 1, 0, 0, 1002]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
[PID: 1772][C:\WINDOWS\System32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.5216]
    [C:\WINDOWS\PMJ151LA.BIN]  [Matsushita Electric Industrial Co. ,Ltd,, 1, 0, 0, 0]
[PID: 1816][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.02]
[PID: 1884][C:\WINDOWS\System32\snmp.exe]  [Microsoft Corporation, 5.1.2600.28 (xpclnt_qfe.010827-1803)]
[PID: 1920][C:\Program Files\360safe\safemon\360tray.exe]  [奇虎网, 1, 0, 1, 1002]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 1, 0, 0, 1002]
    [C:\Program Files\360safe\safemon\SafeKrnl.dll]  [奇虎网, 1, 0, 0, 1001]
    [C:\Program Files\360safe\AntiAdwa.dll]  [360Safe.com, 2, 2, 2, 1000]
[PID: 1928][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1952][C:\WINDOWS\System32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
[PID: 1960][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 1, 0, 0, 1002]
[PID: 1760][C:\Program Files\Tencent\TT\TTraveler.exe]  [腾讯公司, 3.1.0.261]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 1, 0, 0, 1002]
    [C:\Program Files\Tencent\TT\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 4]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll]  [Kaspersky Lab, 1.0.6.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.0.304]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.0.299]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 404][C:\WINDOWS\System32\wuauclt.exe]  [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[PID: 1548][E:\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 1, 0, 0, 1002]
[PID: 1032][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [, 1, 0, 0, 1002]
    [C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll]  [Xiang Feng Technology, 2, 2, 0, 1612]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
API HOOK
警告！System Repair Engineer 提醒
你下面的函数内容与预期值不符，他
们可能被一些恶意的软件所修改：
RVA  错误： LoadLibraryA
RVA  错误： LoadLibraryExA
RVA  错误： LoadLibraryExW
RVA  错误： LoadLibraryW
入口点错误：CreateProcessA
入口点错误：CreateProcessW

自己顶！！！ 高手乱入啊！！！帮我搞定它啊！！！

关闭所有浏览窗口以及一些不必要的程序
运行SREng2,使用：系统修复－－浏览器加载项－－选中以下的项删除
C:\WINDOWS\Downloaded Program Files\gupdate.dll


删除
C:\WINDOWS\Downloaded Program Files\gupdate.dll

修改主页看一下