每次开机就跳出www.daqimm.com这个网页,而且自动加收藏夹,添加桌面图标...........

2006-10-08,00:00:15

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <KAVPersonal50><"c:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize>  [Kaspersky Lab]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <MSConfig><C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{08315C1A-9BA9-4B7C-A432-26885F78DF28}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Cmaudio><; RunDll32 cmicnfg.cpl,CMICtrlWnd>  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <DigiCarrier><; e:\Program Files\DigiBook\DigiCarrier.exe>  [N/A]
    <DigiTray><; e:\Program Files\DigiBook\DigiTray.exe>  [N/A]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>  [N/A]
    <NMGameX_AutoRun><; C:\WINDOWS\system32\Rundll32.exe NMGameX.dll,LiveProcess /aa>  [N/A]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <ScanRegistry><; scanregw.exe>  [Microsoft Corporation]
    <StormCodec_Helper><; "e:\Program Files\Storm Codec\StormSet.exe" /S /opti>  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Super Rabbit IEPro><; C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD>  [Super Rabbit Soft]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]

==================================
启动文件夹
N/A

==================================
服务
[Apache2 / Apache2]
  <"C:\wt2ksrv\bin\Apache.exe" -k runservice><Apache Software Foundation>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kaspersky Anti-Virus Service / kavsvc]
  <"c:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe"><Kaspersky Lab>
[Windows Inisaller Connecions / Miconniecions]
  <C:\WINDOWS\System32\System.exe><N/A>
[MySql / MySql]
  <C:\wt2ksrv\bin\mysqld-opt><N/A>
[PopWinIe / PopWinIe]
  <C:\WINDOWS\system32\PopWin.exe -service><Microsoft Corporation>
[System Event Notification / SENS]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\dbkdpfxu.dll><N/A>
[Windows System Report Service / winsrs]
  <C:\WINDOWS\system32\winsrs.exe><N/A>

==================================

接上

驱动程序
[C-Media WDM Audio Interface / cmuda]
  <system32\drivers\cmuda.sys><C-Media Inc>
[d347bus / d347bus]
  <\SystemRoot\system32\DRIVERS\d347bus.sys><>
[d347prt / d347prt]
  <\SystemRoot\System32\Drivers\d347prt.sys><>
[dbkdpfxu / dbkdpfxu]
  <\??\C:\WINDOWS\system32\drivers\dbkdpfxu.sys><N/A>
[Kl1 / Kl1]
  <\SystemRoot\System32\drivers\kl1.sys><Kaspersky Lab>
[Klif / Klif]
  <System32\drivers\klif.sys><Kaspersky Labs>
[Klmc / Klmc]
  <System32\drivers\klmc.sys><Kaspersky Lab>
[kmsinput / kmsinput]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp]
  <\??\C:\Program Files\Tencent\QQ\npkycryp.sys><N/A>
[OMCI / OMCI]
  <\SystemRoot\SYSTEM32\DRIVERS\OMCI.SYS><N/A>
[PNP07224 / PNP07224]
  <\SystemRoot\system32\Drivers\pnp07224.sys><Anti Driver>
[StarForce Protection Environment Driver v6 / prodrv06]
  <\SystemRoot\System32\drivers\prodrv06.sys><Protection Technology>
[StarForce Protection Helper Driver v2 / prohlp02]
  <\SystemRoot\System32\drivers\prohlp02.sys><Protection Technology>
[StarForce Protection Synchronization Driver v1 / prosync1]
  <\SystemRoot\System32\drivers\prosync1.sys><Protection Technology>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[StarForce Protection Helper Driver / sfhlp01]
  <\SystemRoot\System32\drivers\sfhlp01.sys><Protection Technology>
[SiS315 / SiS315]
  <system32\DRIVERS\sisgrp.sys><Silicon Integrated Systems Corporation>
[SIS AGP Bus Filter / sisagp]
  <\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>

==================================
浏览器加载项
[MMCPlayer Class]
  {05C1004E-2596-48E5-8E26-39362985EEB9} <C:\WINDOWS\Downloaded Program Files\MMCShell.dll, Sohu.com Inc.>
[WebActivater Control]
  {C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINDOWS\system32\3DShowVM.ocx, QQ>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, N/A>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================

接上

正在运行的进程
[PID: 560][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 584][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 628][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 640][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 800][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 848][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 928][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\dbkdpfxu.dll]  [N/A, N/A]
[PID: 1012][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1116][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1556][C:\wt2ksrv\bin\Apache.exe]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\bin\libapr.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\wt2ksrv\bin\libaprutil.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\wt2ksrv\bin\libapriconv.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\wt2ksrv\bin\libhttpd.dll]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_access.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_actions.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_alias.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_asis.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_auth.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_autoindex.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_cern_meta.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_cgi.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_dir.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_env.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_expires.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_file_cache.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_headers.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_imap.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_include.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_isapi.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_log_config.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_mime.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_negotiation.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_rewrite.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_setenvif.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_userdir.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\bin\php4apache2.dll]  [N/A, N/A]
    [C:\wt2ksrv\bin\php4ts.dll]  [The PHP Group, 4.3.4.4]
    [C:\wt2ksrv\bin\ZendExtensionManager.dll]  [N/A, N/A]
    [c:\wt2ksrv\bin\php-4.3.x\ZendOptimizer.dll]  [N/A, N/A]
[PID: 1688][C:\wt2ksrv\bin\Apache.exe]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\bin\libapr.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\wt2ksrv\bin\libaprutil.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\wt2ksrv\bin\libapriconv.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\wt2ksrv\bin\libhttpd.dll]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_access.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_actions.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_alias.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_asis.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_auth.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_autoindex.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_cern_meta.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_cgi.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_dir.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_env.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_expires.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_file_cache.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_headers.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_imap.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_include.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_isapi.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_log_config.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_mime.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_negotiation.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_rewrite.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_setenvif.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\modules\mod_userdir.so]  [Apache Software Foundation, 2.0.48]
    [C:\wt2ksrv\bin\php4apache2.dll]  [N/A, N/A]
    [C:\wt2ksrv\bin\php4ts.dll]  [The PHP Group, 4.3.4.4]
    [C:\wt2ksrv\bin\ZendExtensionManager.dll]  [N/A, N/A]
    [c:\wt2ksrv\bin\php-4.3.x\ZendOptimizer.dll]  [N/A, N/A]
[PID: 1580][C:\wt2ksrv\bin\mysqld-opt.exe]  [N/A, N/A]
[PID: 2568][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\RRLTFT.DAT]  [N/A, N/A]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
[PID: 2416][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2860][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\HPBMMON.DLL]  [Hewlett-Packard, 10.00.16]
    [C:\WINDOWS\system32\hpdomon.dll]  [Hewlett-Packard, 03.42.00]
    [C:\WINDOWS\system32\HPBHealr.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\IMFPrint.DLL]  [Zenographics, Inc., 5, 54, 330, 0]
    [C:\WINDOWS\system32\Imf32.dll]  [Zenographics, Inc., 5, 60, 1204, 0]
    [C:\WINDOWS\system32\ZTAG32.dll]  [Zenographics, Inc., 5, 60, 1210, 0]
    [C:\WINDOWS\system32\ZSPOOL.dll]  [Zenographics, Inc., 5, 51, 709, 0]
[PID: 2388][C:\WINDOWS\explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\RRLTFT.DAT]  [N/A, N/A]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [c:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\shellex.dll]  [Kaspersky Lab, 5.0.527.1]
    [C:\Program Files\Tencent\QQ\qdshm.dll]  [, 1, 0, 101, 20]
    [C:\Program Files\ewido anti-spyware 4.0\context.dll]  [Anti-Malware Development a.s., 4, 0, 0, 172]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll]  [Anti-Malware Development a.s., 4, 0, 0, 172]
[PID: 3064][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [C:\WINDOWS\System32\RRLTFT.DAT]  [N/A, N/A]
    [C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx]  [Macromedia, Inc., 8,0,24,0]
[PID: 3936][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [C:\WINDOWS\System32\RRLTFT.DAT]  [N/A, N/A]
    [C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx]  [Macromedia, Inc., 8,0,24,0]
[PID: 3180][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [C:\WINDOWS\System32\RRLTFT.DAT]  [N/A, N/A]
    [C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx]  [Macromedia, Inc., 8,0,24,0]
[PID: 3244][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, N/A]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [C:\WINDOWS\System32\RRLTFT.DAT]  [N/A, N/A]
[PID: 3564][C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.781\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp]  [N/A, N/A]
    [C:\WINDOWS\System32\RRLTFT.DAT]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================

运行(双击)SRENG2，点“启动项目，服务，点“Win32服务应用程序”
勾选“隐藏微软服务”选中病毒服务
Windows Inisaller Connecions
PopWinIe
[Windows System Report Service
，选择“删除服务”
点“设置”选择“否”

显示隐藏文件删除
C:\WINDOWS\System32\System.exe
C:\WINDOWS\system32\PopWin.exe
C:\WINDOWS\system32\winsrs.exe
查找cmicnfg.cpl删除

首先谢谢这为高手,还有一个比较弱的问题想问下:
如果没有
C:\WINDOWS\System32\System.exe
C:\WINDOWS\system32\winsrs.exe
查找cmicnfg.cpl
这三项是不是也就没事了~~~~~~~~~~~~~~~~~~
   
    还有就是跳出网页的问题是不是就是上面这些导致的?
 
谢谢回复我一下啊!!

显示隐藏文件,再找一下

一定要修复