这是报告..各位高手帮小弟看看 十万火急.谢谢
Logfile of HijackThis v1.99.1
Scan saved at 11:02:48, on 2009-7-29
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v4.31 SP2 (4.31.0000.0001)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\应用软件\Kingsoft Internet Security\webshield\KSWebShield.exe
E:\应用软件\Kingsoft Internet Security\KPfwSvc.EXE
C:\WINDOWS\Explorer.EXE
E:\应用软件\Kingsoft Internet Security\KWatch.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Rundll32.exe
E:\应用软件\Kingsoft Internet Security\KAVStart.exe
C:\WINDOWS\System32\WScript.exe
D:\Program Files\QQ2009\Bin\QQ.exe
C:\WINDOWS\system32\ctfmon.exe
E:\应用软件\Kingsoft Internet Security\KPFW32.EXE
C:\WINDOWS\system32\conime.exe
D:\Program Files\QQ2009\Bin\TXPlatform.exe
E:\应用软件\Kingsoft Internet Security\KISSvc.EXE
E:\应用软件\Kingsoft Internet Security\KMailMon.EXE
E:\应用软件\bin\TTraveler.exe
C:\Program Files\Kingsoft\KAC\Service\kaccore.exe
C:\Program Files\Tencent\QQDownload\QQDownload.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.923\HijackThis.exe
R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\SSPlus\SAddr1.dll
O2 - BHO: QQCycloneHelper Class - {0C7C23EE-A848-485B-873C-0ED954731014} - C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\SSPlus\SAddr1.dll
O2 - BHO: QQToolbar - {29CF293A-1E7D-4069-9E11-E39698D0AF95} - C:\Program Files\Tencent\QQToolbar\IEBar.dll
O2 - BHO: (no name) - {70DF1AE4-AF9E-4457-8A6A-D2D49691FF4B} - (no file)
O2 - BHO: kingsoft browser shield - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} - E:\应用软件\Kingsoft Internet Security\KASBrowserShield.DLL
O3 - Toolbar: QQToolbar - {29CF293A-1E7D-4069-9E11-E39698D0AF95} - C:\Program Files\Tencent\QQToolbar\IEBar.dll
O4 - HKLM\..\Run: [switch] c:\windows\system32\壁纸自动换.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [stup.exe] Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll,Rundll32 R
O4 - HKLM\..\Run: [qqlive] "E:\应用软件\QQLiveOneClick.exe" -system_startup
O4 - HKLM\..\Run: [KavStart] "E:\应用软件\Kingsoft Internet Security\KAVStart.exe" -startup
O4 - HKCU\..\Run: [QQ2009] "D:\Program Files\QQ2009\Bin\QQ.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KavPFW] "E:\应用软件\Kingsoft Internet Security\KPFW32.EXE" -startup
O4 - Startup: QQ游戏启动加速程序.lnk = ?
O8 - Extra context menu item: &使用超级旋风下载 - C:\Program Files\Tencent\QQDownload\geturl.htm
O8 - Extra context menu item: &使用超级旋风下载全部链接 - C:\Program Files\Tencent\QQDownload\getAllurl.htm
O8 - Extra context menu item: &使用超级旋风下载本页视频 - C:\Program Files\Tencent\QQDownload\geturlflv.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\QQ2009\Bin\AddEmotion.htm
O8 - Extra context menu item: 百度一下所选文字 (&S) - C:\Program Files\Common Files\baidu\Baidu.html
O11 - Options group: [TBH] 中文搜搜
O16 - DPF: {32D72994-45B9-42B5-8980-FB561D1BE2D0} (nEdit Control) - https://ekey.163.com/nEdit.cab
O16 - DPF: {5AB1EF72-6CC6-4090-9030-8E0ACF7E6D3E} (XPPIECtrl Class) - http://nba.tom.com/video/xppie.cab
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (PasswordEditCtrl Class) - https://www.tenpay.com/download/qqcert.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E03FB9B-C5A8-4BFD-9D8E-06387D5F141A}: NameServer = 202.99.160.68 202.99.166.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{4E03FB9B-C5A8-4BFD-9D8E-06387D5F141A}: NameServer = 202.99.160.68 202.99.166.4
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Kingsoft Basic Service (kaccore) - Kingsoft Corporation - C:\Program Files\Kingsoft\KAC\Service\kaccore.exe
O23 - Service: Kingsoft Antivirus WebShield Service - Kingsoft Corporation - E:\应用软件\Kingsoft Internet Security\webshield\KSWebShield.exe
O23 - Service: Kingsoft Internet Security Common Service (KISSvc) - Kingsoft Corporation - E:\应用软件\Kingsoft Internet Security\KISSvc.EXE
O23 - Service: Kingsoft Personal Firewall Service (KPfwSvc) - Kingsoft Corporation - E:\应用软件\Kingsoft Internet Security\KPfwSvc.EXE
O23 - Service: Kingsoft Antivirus KWatch Service (KWatchSvc) - Kingsoft Corporation - E:\应用软件\Kingsoft Internet Security\KWatch.EXE

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; QQDownload 1.7; TencentTraveler 4.0)

下载文件批量提取工具提取下面文件
http://bbs.ikaka.com/attachment.aspx?attachmentid=486266
system32\drivers\dbu.sys

上传病毒样本到可疑文件交流区，地址为：http://bbs.ikaka.com/showforum-20002.aspx
或者直接发送给瑞星的邮件服务中心【病毒样本】地址为：http://mailcenter.rising.com.cn/uploadnew.aspx

大家说的简单详细些...小弟还是菜鸟 懂不不多= =.

这个带乱码的驱动程序很可疑，建议把它删除：c:\windows\system32\drivers\dbu.sys??桠
但是不确定，楼主自己知道是什么吗？

找正常系统里的这两个同名文件替换一下
C:\WINDOWS\System32\cmd.exe
C:\WINDOWS\system32\reg.exe

用SReng 修复：
启动项目 －－ 服务－－ 驱动程序之如下项禁用：
[db / lxunv]    <\SystemRoot\system32\drivers\dbu.sys??桠>

照 2 楼的做吧，他是让你把c:\windows\system32\drivers\dbu.sys上报进行分析，因为不确定它是什么

把c:\windows\system32\drivers\dbu.sys上传扫描下，http://www.virustotal.com/zh-cn/
是病毒的话，用sreng删除    启动项目 －－ 服务－－ 驱动程序

你现在的主页是什么？？