我的计算机不时的自动跳出网页http://www.ad-w-a-r-e.com/cgi-bin/PopupV3?ID={49E0305C-676D-0E2C-7F8D-F91975A5C89C}&type=normal&mSkip=1&rnd=31678,我把他放在IE的受限制的网站的名单中,还是不行,我把他放在弹出的网页里拦截无效,请高师指教,我用瑞星软件查杀无毒,我在线等结果!!!!!!!!!!!!!!!!!
2006-10-23,15:50:50
System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<MSPY2002><; C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC> [(Verified)N/A]
<SKYNET Personal FireWall><C:\Program Files\SkyNet\FireWall\pfw.exe> [广州众达天网技术有限公司]
<ats><; > [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Media Center]
<WinlogonNotify: Media Center><C:\WINDOWS\system32\jt0s07d7e.dll> [N/A]
==================================
启动文件夹
N/A
==================================
服务
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT]
<"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[internetServer / internetServer]
<><N/A>
[KVWSC / KVWSC]
<"C:\Program Files\KV2006\KVWsc.exe"><Jiangmin Co.Ltd>
[Network IPSEC Connections / lDOMANE]
<C:\WINDOWS\SYSTEM32\RUNDLL.EXE C:\WINDOWS\SYSTEM32\WBEM\SSDJMM86.DLL,Export 1087><N/A>
[Messenger / Messenger]
<-->%SystemRoot%\System32\msgsvc.dll><Microsoft Corporation>
[Microsoft Corporation / Microsoft Corporation]
<C:\WINDOWS\system\SVCHOST.EXE><N/A>
[PnpWMmng / PnpWMmng]
<><N/A>
[Rising Process Communication Center / RsCCenter]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Servicel / Servicel]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\jetspeed.dll><>
[Volume Optimization / SmallCenter]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\dxslue65.dll><Microsoft Corporation>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
<C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[Standard Update Net Service / stdupnet]
<C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\stdupnet.dll,Service -s><Microsoft Corporation>
[User Profile Hive Cleanup / UPHClean]
<C:\Program Files\UPHClean\uphclean.exe><Microsoft Corporation>
[weburl / weburl]
<><N/A>
[Msupdate / Windows update更新服务]
<><N/A>
==================================
驱动程序
[aeaudio / aeaudio]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Albus / Albus]
<\SystemRoot\system32\drivers\Albus.SYS><N/A>
[Service for WDM 3D Audio Driver / ALCXSENS]
<system32\drivers\ALCXSENS.SYS><Sensaura>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[BaseTDI / BaseTDI]
<\??\C:\WINDOWS\system32\drivers\basetdi.sys><Beijing Rising Technology Co., Ltd.>
[ExpScaner / ExpScaner]
<\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[gyedxt5 / gyedxt54]
<\SystemRoot\System32\DRIVERS\gyedxt54.sys><N/A>
[hidport / hidport]
<\SystemRoot\system32\drivers\hidport.sys><Microsoft Corporation>
[HookCont / HookCont]
<\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
<\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
<\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[KSysCall Service / KSysCall]
<\??\C:\PROGRA~1\KV2006\KSysCall.sys><Jiangmin Co. Ltd.>
[KVDP_1 / KVDP_1]
<\??\C:\PROGRA~1\KV2006\KVDP_1.sys><Jiangmin Co., Ltd.>
[MEMSCAN / MEMSCAN]
<\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[ngyncw8 / ngyncw89]
<\SystemRoot\System32\DRIVERS\ngyncw89.sys><Microsoft Corporation>
[npkcrypt / npkcrypt]
<\??\D:\Program Files\qq\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[PNP08497 / PNP08497]
<\SystemRoot\system32\Drivers\pnp08497.sys><Anti Driver>
[PnpWmkDrv / PnpWmkDrv]
<\??\C:\WINDOWS\system32\drivers\PnpWmkDrv.sys><N/A>
[PProtect / PProtect]
<\??\C:\PROGRA~1\KV2006\PProtect.sys><Jiangmin Co. Ltd.>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
<system32\DRIVERS\secdrv.sys><N/A>
[SKNFW / SKNFW]
<\??\C:\WINDOWS\system32\Drivers\SKNFW.sys><N/A>
[SkyProcs / SkyProcs]
<\??\C:\Program Files\SkyNet\FireWall\SkyProcs.sys><N/A>
[smwdm / smwdm]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
<system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
==================================
浏览器加载项
[江民杀毒工具栏]
{B5A34A93-D538-43A7-8371-864CB6148D12} <C:\Program Files\KV2006\KvShell.dll, Jiangmin Co.Ltd>
[FiltrateWebObj Class]
{42AFACEE-2A77-41EB-9EE2-D9F8AF827F90} <C:\Program Files\KV2006\KVBHO.dll, Jiangmin Co.Ltd>
[BrowseHelper Class]
{80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <C:\Program Files\KV2006\KvShell.dll, Jiangmin Co.Ltd>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Schedule Class]
{8B316DA1-9950-4926-B9EA-1AEC124AFA45} <c:\windows\system32\sscli.dll, >
[使用网际快车下载]
<C:\PROGRA~1\FLASHGET\jc_link.htm, N/A>
[使用网际快车下载全部链接]
<C:\PROGRA~1\FLASHGET\jc_all.htm, N/A>
[使用迅雷下载]
<C:\Program Files\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
<C:\Program Files\Thunder\Program\GetAllUrl.htm, N/A>
==================================
正在运行的进程
[PID: 1232][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.2]
[C:\WINDOWS\system32\stdstub.dll] [MS Stdup, 1, 0, 0, 4]
[C:\WINDOWS\system32\stdplay.dll] [ , 1, 0, 0, 5]
[PID: 1416][C:\Program Files\KV2006\UIHost.exe] [Jiangmin Co. Ltd, 9.2.0.50822]
[C:\WINDOWS\system32\stdstub.dll] [MS Stdup, 1, 0, 0, 4]
[C:\WINDOWS\system32\stdplay.dll] [ , 1, 0, 0, 5]
[C:\Program Files\KV2006\UpdateX.dll] [JiangMin Co.Ltd., 9, 0, 5, 831]
[C:\Program Files\KV2006\ComUI.dll] [Jiangmin Ltd., 9. 0. 0.509]
[PID: 2256][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.2]
[C:\WINDOWS\system32\stdstub.dll] [MS Stdup, 1, 0, 0, 4]
[C:\WINDOWS\system32\stdplay.dll] [ , 1, 0, 0, 5]
[PID: 4328][C:\WINDOWS\explorer.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.2]
[C:\WINDOWS\system32\stdstub.dll] [MS Stdup, 1, 0, 0, 4]
[C:\WINDOWS\system32\stdplay.dll] [ , 1, 0, 0, 5]
[C:\WINDOWS\system32\oabcconf.dll] [N/A, N/A]
[c:\windows\system32\sscli.dll] [, 5, 0, 2195, 6696]
[C:\Program Files\Super Rabbit\HappyPlayer\Codecs\mmfinfo.dll] [N/A, N/A]
[C:\Program Files\Super Rabbit\HappyPlayer\Codecs\mkunicode.dll] [N/A, N/A]
[C:\Program Files\KV2006\KvShell.dll] [Jiangmin Co.Ltd, 9, 0, 5, 830]
[C:\Program Files\KV2006\UpdateX.dll] [JiangMin Co.Ltd., 9, 0, 5, 831]
[C:\Program Files\KV2006\lang\Kvxp0804.lng] [N/A, N/A]
[C:\Program Files\KV2006\APIImpl.dll] [JiangMin Ltd., 9.0.0.500]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[c:\windows\system32\WmShell.dll] [KillSoft, 1.0.0.1]
[C:\WINDOWS\system32\WINABCX.IME] [PKUETI, 5.22.216]
[PID: 4644][D:\下栽文件盒\sreng2\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\WINDOWS\system32\stdstub.dll] [MS Stdup, 1, 0, 0, 4]
[C:\WINDOWS\system32\stdplay.dll] [ , 1, 0, 0, 5]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.2]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 www.ccnnic.com
127.0.0.1 www.ccnnlc.com
127.0.0.1 www.bodoto.com
127.0.0.1 bj.bodoto.com
127.0.0.1 nb.bodoto.com
127.0.0.1 hangzhou.bodoto.com
127.0.0.1 jh.bodoto.com
127.0.0.1 shangh.bodoto.com
127.0.0.1 my.bodoto.com
127.0.0.1 mail.bodoto.com
127.0.0.1 www.bodoto.net
127.0.0.1 www.bodoto.cn
127.0.0.1 www.bodoto.com.cn
127.0.0.1 www.bodoto.net.cn
127.0.0.1 www.bodoto.org
127.0.0.1 www.edmchina.com
127.0.0.1 www.edmchina.net
127.0.0.1 www.edmchina.cn
127.0.0.1 www.edmchina.com.cn
127.0.0.1 ad.edmchina.com
127.0.0.1 agent.edmchina.com
127.0.0.1 sales.edmchina.com
127.0.0.1 mail.edmchina.com
127.0.0.1 edmchina.com
127.0.0.1 edmchina.net
127.0.0.1 edmchina.cn
127.0.0.1 edmchina.com.cn
127.0.0.1 www.pk265.com
127.0.0.1 pk265.com
127.0.0.1 www.qqbao.com
127.0.0.1 www.qqbao.net
127.0.0.1 www.qqbao.cn
127.0.0.1 www.qqbao.com.cn
127.0.0.1 qqbao.com
127.0.0.1 qqbao.cn
127.0.0.1 qqbao.com.cn
127.0.0.1 ad.pvka.com
127.0.0.1 da.pvka.com
127.0.0.1 www.20060106.com
127.0.0.1 20060106.com
127.0.0.1 www.huajundown.com
127.0.0.1 www.huajundown.net
127.0.0.1 huajundown.net
==================================
