Re: Modifying the IE home page.
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><DB00DAB7.dll,HBASKTAO.dll,HBLYFX.dll> [N/A]
and image hijacking
[Apaidi / Apaidi][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\Apaidi.sys><N/A>
[dvhk / dvhk][Stopped/Boot Start]
<\SystemRoot\system32\drivers\qgwsyza.sys><N/A>
[msiffei / msiffei][Stopped/Manual Start]
<System32\Drivers\msiffei.sys><N/A>
Hidden process
[3672] C:\WINDOWS\ycizvjzg.exe