我还原了系统还在.重装了系统还装....杀了每次运行.exe文件又回来了...救命啊...
日志如下
[CODE]

2007-04-28,20:52:35

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <wrlkv374><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iexpl0re.exe>  []
    <e6><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\crasos.exe>  []
    <3h><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Servera.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <fy><C:\WINDOWS\Sysfy3\svchost.exe>  []
    <JT><C:\WINDOWS\SysJT3\svchost.exe>  []
    <J2><C:\WINDOWS\system32\SysJ2\svchost.exe>  []
    <sun><C:\WINDOWS\SysSun2\svchost.exe>  []
    <sj><C:\WINDOWS\Syssj5\svchost.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <IMEKRMIG6.1><C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE>  [(Verified)Microsoft Windows Publisher]
    <MSPY2002><C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)Microsoft Windows Publisher]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <nwiz><nwiz.exe /install>  [NVIDIA Corporation]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Publisher]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <Exprer><C:\WINDOWS\Exprer.exe>  []
    <nwiztlbb><C:\WINDOWS\system32\nwiztlbb.exe>  []
    <nwizAskTao><C:\WINDOWS\system32\nwizAskTao.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <360Safe><Rundll32.exe F:\360safe\360safe\AntiAdwa.dll,KillAdware>  [360Safe.com]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\KAV6\KaScrScn.scr>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Disk Driver Service / Disk Service][Stopped/Auto Start]
  <C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSOSV.EXE><N/A>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Yamaha DS1 Audio Driver (WDM) / ds1][Stopped/Manual Start]
  <system32\drivers\ds1wdm.sys><Yamaha Corp.>
[Creative AudioPCI (ES1371,ES1373) (WDM) / es1371][Stopped/Manual Start]
  <system32\drivers\es1371mp.sys><Creative Technology Ltd.>
[KWatch2 / KWatch2][Running/]
  <2 - 系统找不到指定的文件。
><N/A>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[AMD PCNET Compatable Adapter Driver / PCnet][Stopped/Manual Start]
  <system32\DRIVERS\pcntpci5.sys><AMD Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[vmx_svga / vmx_svga][Stopped/Manual Start]
  <system32\DRIVERS\vmx_svga.sys><VMware, Inc.>
[131218 / 131218][Running/Manual Start]
  <2 - 系统找不到指定的文件。
><N/A>

=================================
浏览器加载项
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\Program Files\flashget\jccatch.dll, Amaze Soft>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <D:\HFGameOPT\GameClient.exe, 上海浩方在线信息技术有限公司>
[联想]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.lenovo.com, N/A>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\Program Files\flashget\flashget.exe, Amaze Soft>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\Program Files\flashget\jccatch.dll, Amaze Soft>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\flash.ocx, Macromedia, Inc.>
[上传到QQ网络硬盘]
  <E:\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <C:\Program Files\flashget\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\flashget\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <E:\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\QQ\SendMMS.htm, N/A>

==================================

正在运行的进程
[PID: 444][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 500][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 524][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 568][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 580][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 728][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 788][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 824][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\5.8.0.2469\wups.dll]  [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[PID: 1260][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.6693]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.6693]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\nvshell.dll]  [NVIDIA Corporation, 6.14.10.6693]
    [C:\Program Files\flashget\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\WINDOWS\system32\Exprer.dll]  [N/A, ]
    [C:\WINDOWS\Sysfy3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysJT3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\system32\SysJ2\Ghook.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\LgSy0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Msxo0.dll]  [N/A, ]
    [C:\WINDOWS\SysSun2\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syswl3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syswm7\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syssj5\Ghook.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Kavs0.dll]  [N/A, ]
    [C:\WINDOWS\system32\nwizAskTao.dll]  [N/A, ]
    [C:\WINDOWS\system32\nwiztlbb.dll]  [N/A, ]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
[PID: 148][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\Sysfy3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysJT3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\system32\SysJ2\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysSun2\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syswl3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syswm7\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syssj5\Ghook.dll]  [N/A, ]
[PID: 176][C:\KAV6\KPopMon.EXE]  [, 2004, 2, 2, 31]
    [C:\KAV6\KAVMLM.DLL]  [Kingsoft Corporation, 2003.11.12.10]
    [C:\WINDOWS\Syswl3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syswm7\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syssj5\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysSun2\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Sysfy3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysJT3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\system32\SysJ2\Ghook.dll]  [N/A, ]
[PID: 1132][E:\QQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [E:\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [E:\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [E:\QQ\BasicCtrlDll.dll]  [Tencent, 7, 0, 101, 80]
    [E:\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [E:\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [E:\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [E:\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [E:\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [E:\QQ\LoginCtrl.dll]  [N/A, ]
    [E:\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [E:\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [E:\QQ\LoginCtrlRes.dll]  [, 1, 0, 0, 1]
    [E:\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [E:\QQ\QQMainFrame.dll]  [N/A, ]
    [E:\QQ\CQQApplication.dll]  [N/A, ]
    [E:\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [E:\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [E:\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [E:\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [E:\QQ\QQKnowledgeSearch.dll]  [, 1, 0, 0, 1]
    [E:\QQ\QQAllInOne.dll]  [N/A, ]
    [E:\QQ\GroupLive.dll]  [N/A, ]
    [E:\QQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [E:\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [E:\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [E:\QQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [E:\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [E:\QQ\QQSysMsgMng.dll]  [N/A, ]
    [E:\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [E:\QQ\QQPlugin.dll]  [N/A, ]
    [E:\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [E:\QQ\QRingMng.dll]  [N/A, ]
    [E:\QQ\QQCustomFace.dll]  [N/A, ]
    [E:\QQ\QQAvatar.dll]  [N/A, ]
    [E:\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [E:\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [E:\QQ\QQPet.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [E:\QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [E:\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [E:\QQ\BQQApplication.dll]  [N/A, ]
    [E:\QQ\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
    [E:\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [E:\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [E:\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 280]
    [E:\QQ\GroupConnection.dll]  [Tencent, 0, 3, 3, 5]
    [E:\QQ\QQSceneMng.dll]  [N/A, ]
    [E:\QQ\QQZip.dll]  [tencent, 0, 3, 2, 4]
    [E:\QQ\QQPhoneHelper.dll]  [腾讯科技（深圳）有限公司, 2, 1, 8, 81]
    [C:\WINDOWS\SysJT3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\system32\SysJ2\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Sysfy3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysSun2\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syssj5\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syswl3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syswm7\Ghook.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Kavs0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Msxo0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\LgSy0.dll]  [N/A, ]
    [C:\WINDOWS\system32\Exprer.dll]  [N/A, ]
[PID: 1052][E:\QQ\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [E:\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 2980][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\flashget\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\WINDOWS\Syswl3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syswm7\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syssj5\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysSun2\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Sysfy3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysJT3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\system32\SysJ2\Ghook.dll]  [N/A, ]
[PID: 3388][C:\program files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\flashget\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\WINDOWS\system32\SysJ2\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Sysfy3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysJT3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysSun2\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syswm7\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syssj5\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syswl3\Ghook.dll]  [N/A, ]
[PID: 3916][C:\WINDOWS\system32\SysJ2\svchost.exe]  [N/A, ]
    [C:\WINDOWS\system32\SysJ2\Ghook.dll]  [N/A, ]
[PID: 1152][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\Syswl3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syswm7\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syssj5\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysSun2\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Sysfy3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysJT3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\system32\SysJ2\Ghook.dll]  [N/A, ]
[PID: 3728][C:\WINDOWS\SysJT3\svchost.exe]  [N/A, ]
    [C:\WINDOWS\SysJT3\Ghook.dll]  [N/A, ]
[PID: 3744][C:\WINDOWS\Sysfy3\svchost.exe]  [N/A, ]
    [C:\WINDOWS\Sysfy3\Ghook.dll]  [N/A, ]
[PID: 1388][C:\WINDOWS\SysSun2\svchost.exe]  [N/A, ]
    [C:\WINDOWS\SysSun2\Ghook.dll]  [N/A, ]
[PID: 1828][C:\WINDOWS\Syswl3\svchost.exe]  [N/A, ]
    [C:\WINDOWS\Syswl3\Ghook.dll]  [N/A, ]
[PID: 1340][C:\WINDOWS\Syswm7\svchost.exe]  [N/A, ]
    [C:\WINDOWS\Syswm7\Ghook.dll]  [N/A, ]
[PID: 1824][C:\WINDOWS\Syssj5\svchost.exe]  [N/A, ]
    [C:\WINDOWS\Syssj5\Ghook.dll]  [N/A, ]
[PID: 3724][C:\WINDOWS\system32\wscntfy.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\Syswl3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syswm7\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syssj5\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysSun2\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Sysfy3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysJT3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\system32\SysJ2\Ghook.dll]  [N/A, ]
[PID: 2552][C:\WINDOWS\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\Syswl3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syswm7\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syssj5\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysSun2\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Sysfy3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysJT3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\system32\SysJ2\Ghook.dll]  [N/A, ]
[PID: 268][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\WINDOWS\system32\audiodev.dll]  [Microsoft Corporation, 5.2.3790.3646 (private/xpsp_mce.040810-0205)]
    [C:\WINDOWS\Syswl3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syswm7\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syssj5\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysSun2\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Sysfy3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysJT3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\system32\SysJ2\Ghook.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Kavs0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Msxo0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\LgSy0.dll]  [N/A, ]
    [C:\WINDOWS\system32\Exprer.dll]  [N/A, ]
[PID: 2484][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.372\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\WINDOWS\Syswl3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syswm7\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Syssj5\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysSun2\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\Sysfy3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\SysJT3\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\system32\SysJ2\Ghook.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Kavs0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Msxo0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\LgSy0.dll]  [N/A, ]
    [C:\WINDOWS\system32\Exprer.dll]  [N/A, ]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1      mmm.caifu18.net
127.0.0.1      www.18dmm.com
127.0.0.1      d.qbbd.com
127.0.0.1      www.5117music.com
127.0.0.1      www.union123.com
127.0.0.1      www.wu7x.cn
127.0.0.1      www.54699.com
127.0.0.1      www1.6tan.com
127.0.0.1      www2.6tan.com
127.0.0.1      www.97725.com
127.0.0.1      down.97725.com
127.0.0.1      ip.315hack.com
127.0.0.1      ip.54liumang.com
127.0.0.1      www.41ip.com
127.0.0.1      xulao.com
127.0.0.1      www.heixiou.com
127.0.0.1      www.9cyy.com
127.0.0.1      www.hunll.com
127.0.0.1      www.down.hunll.com
127.0.0.1      do.77276.com
127.0.0.1      www.baidulink.com
127.0.0.1      adnx.yygou.cn
127.0.0.1      222.73.220.45
127.0.0.1      www.f5game.com
127.0.0.1      www.guazhan.cn
127.0.0.1      wm,103715.com
127.0.0.1      www.my6688.cn
127.0.0.1      i.96981.com
127.0.0.1      d.77276.com
127.0.0.1      www1.cw988.cn
127.0.0.1      cool.47555.com
127.0.0.1      www.asdwc.com
127.0.0.1      55880.cn
127.0.0.1      61.152.169.234
127.0.0.1      cc.wzxqy.com
127.0.0.1      www.54699.com
127.0.0.1      t.gcuj.com
127.0.0.1      www.puma163.com
127.0.0.1      ceoww.com
127.0.0.1      boolom.com
127.0.0.1      adult-novel.cn
127.0.0.1      ll.chinasese.net
127.0.0.1      www.tellumore.com
127.0.0.1      www.o1wg.com
127.0.0.1      www.qq756.com
127.0.0.1      ll.chinasese.net

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

没人可以帮到我吗?

谁可以救我啊.我快烦死了.

真的没人可以帮我吗??

谁可以帮帮我啊.

我不大懂只能祈祷你的机子赶快恢复正常了