Windows pop up automatically while browsing the web, and repairing did not help.

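When I open certain web pages, another page pops up automatically. The two that show up most consistently are http://www.lovewall.net/index.php?ref=love and http://img.shenme.net/u/tl/qp1/index.htm?userid=16545.
I have already checked and there is no infection. The log follows: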
Logfile of HijackThis v1.99.1
Scan saved at 16:13:49, on 2006-5-13
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
e:\Program Files\熊猫\熊猫钛金版2006防病毒+防间谍软件\TPSrv.exe
C:\WINDOWS\system32\svchost.exe
e:\Program Files\熊猫\熊猫钛金版2006防病毒+防间谍软件\pavsrv51.exe
e:\Program Files\熊猫\熊猫钛金版2006防病毒+防间谍软件\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
e:\program files\熊猫\熊猫钛金版2006防病毒+防间谍软件\firewall\PNMSRV.EXE
C:\WINDOWS\System32\svchost.exe
e:\Program Files\熊猫\熊猫钛金版2006防病毒+防间谍软件\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
e:\Program Files\熊猫\熊猫钛金版2006防病毒+防间谍软件\PsImSvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
E:\Program Files\熊猫\熊猫钛金版2006防病毒+防间谍软件\APVXDWIN.EXE
C:\WINDOWS\System32\ctfmon.exe
e:\Program Files\熊猫\熊猫钛金版2006防病毒+防间谍软件\WebProxy.exe
E:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
F:\Program Files\Tencent\QQ\QQ.exe
F:\Program Files\Tencent\QQ\TIMPlatform.exe
C:\WINDOWS\System32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
e:\Program Files\熊猫\熊猫钛金版2006防病毒+防间谍软件\avciman.exe
e:\Program Files\熊猫\熊猫钛金版2006防病毒+防间谍软件\psimreal.exe
I:\Safety\HijackThis.exe

O1 - Hosts: 202.98.196.1 www.lovewall.net/index.php?ref=love
O1 - Hosts: 202.98.196.1 www.94ml.com
O1 - Hosts: 202.98.196.1 http://img.shenme.net/u/tl/qp1/index.htm?userid=16545
O2 - BHO: (no name) - {889D2FEB-5411-4565-8998-1DD2C5261283}? - (no file)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - E:\PROGRA~1\FlashGet\jccatch.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\System32\kakatool.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [APVXDWIN] "e:\Program Files\熊猫\熊猫钛金版2006防病毒+防间谍软件\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [ATIPTA] ; C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AudioDeck] ; C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] ; "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &使用迅雷下载 - e:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - e:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - F:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - F:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - F:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - F:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: 豪杰超级解霸V8实时播放 - e:\Herosoft\HeroV8\MPURLGET.HTM
O9 - Extra button: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - e:\Herosoft\HeroV8\STHSDVD.EXE
O9 - Extra 'Tools' menuitem: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - e:\Herosoft\HeroV8\STHSDVD.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'e:\program files\
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1145275565484
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1145897681218
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E74D6ED-B1B6-41BE-834E-775A3677781F}: NameServer = 202.98.192.68,202.98.198.168
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF650810-AB9B-4079-93E7-84AAF6692051}: NameServer = 202.98.198.168 202.98.192.68
O17 - HKLM\System\CS1\Services\Tcpip\..\{5E74D6ED-B1B6-41BE-834E-775A3677781F}: NameServer = 202.98.192.68,202.98.198.168
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - e:\Program Files\熊猫\熊猫钛金版2006防病毒+防间谍软件\PavFnSvr.exe (file missing)
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Unknown owner - e:\Program Files\熊猫\熊猫钛金版2006防病毒+防间谍软件\pavsrv51.exe (file missing)
O23 - Service: Panda Network Manager (PNMSRV) - Unknown owner - e:\program files\熊猫\熊猫钛金版2006防病毒+防间谍软件\firewall\PNMSRV.EXE (file missing)
O23 - Service: Panda IManager Service (PSIMSVC) - Unknown owner - e:\Program Files\熊猫\熊猫钛金版2006防病毒+防间谍软件\PsImSvc.exe (file missing)
O23 - Service: Panda TPSrv (TPSrv) - Unknown owner - e:\Program Files\熊猫\熊猫钛金版2006防病毒+防间谍软件\TPSrv.exe (file missing)
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - E:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

Last edited 2006-05-14 02:00:37

First fix these 4 items:
O1 - Hosts: 202.98.196.1 www.lovewall.net/index.php?ref=love
O1 - Hosts: 202.98.196.1 www.94ml.com
O1 - Hosts: 202.98.196.1 http://img.shenme.net/u/tl/qp1/index.htm?userid=16545
O2 - BHO: (no name) - {889D2FEB-5411-4565-8998-1DD2C5261283}? - (no file)
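Reboot after fixing them.
Please download System Repair Engineer, use "Smart Scan", press the "Scan" button to run the scan, and when the scan finishes press the "Save Report" button to save the report log file (SREng.LOG). Then copy and paste the contents of the saved report log file here.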
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
www.27814939.ys168.com

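Quote:
[Post by 我无邪] First fix these 4 items:
O1 - Hosts: 202.98.196.1 www.lovewall.net/index.php?ref=love
O1 - Hosts: 202.98.196.1 www.94ml.com
O1 - Hosts: 202.98.196.1 http://img.shenme.net/u/tl/qp1/index.htm?userid=16545
O2 - BHO: (no name) - {889D2FEB-5411-4565-8998-1DD2C5261283}? - (no file)
Reboot after fixing them.
Sorry, I added these three entries myself in order to block these three URLs. These three are the ones that pop up most often, but adding the entries did not help; they keep popping up all the same.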
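
An added example, not part of the original posts: a Python check over the three O1 lines from the log above, showing which hosts entries can actually match a lookup. The hosts file maps an address to a bare hostname, so a name column carrying a scheme, path or query string is never matched; the function names and the embedded `SAMPLE_LOG` are assumptions made for this illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample: the three O1 lines copied from the HijackThis log in this thread.
SAMPLE_LOG = """\
O1 - Hosts: 202.98.196.1 www.lovewall.net/index.php?ref=love
O1 - Hosts: 202.98.196.1 www.94ml.com
O1 - Hosts: 202.98.196.1 http://img.shenme.net/u/tl/qp1/index.htm?userid=16545
"""

O1_RE = re.compile(r"^O1 - Hosts:\s+(\S+)\s+(\S+)\s*$")
LABEL_RE = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


def is_hostname(name):
    """True if name is a bare DNS hostname (no scheme, port, path or query)."""
    name = name.rstrip(".")
    return 0 < len(name) <= 253 and all(LABEL_RE.match(p) for p in name.split("."))


def check_o1_line(line):
    """Return (ip, name, problems, hostname) for one O1 line, or None if not O1."""
    m = O1_RE.match(line.strip())
    if not m:
        return None
    ip, name = m.groups()
    problems = []
    try:
        ipaddress.ip_address(ip)
    except ValueError:
        problems.append("address column is not a valid IP")
    hostname = name
    if not is_hostname(name):
        # The resolver compares the queried hostname with this column as a
        # whole, so a URL (scheme, path, query) can never match any lookup.
        problems.append("name column is not a bare hostname; entry never matches")
        hostname = urlsplit(name if "://" in name else "//" + name).hostname or ""
    return ip, name, problems, hostname


def audit(log_text):
    return [r for r in map(check_o1_line, log_text.splitlines()) if r]


if __name__ == "__main__":
    for ip, name, problems, hostname in audit(SAMPLE_LOG):
        status = "; ".join(problems) or "well-formed"
        print(f"{name}\n  {status}\n  hostname part: {hostname}")
```

Only the `www.94ml.com` line is a well-formed hosts entry; for the other two the check reports the hostname part that a hosts entry would have to name.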

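Please download System Repair Engineer, use "Smart Scan", press the "Scan" button to run the scan, and when the scan finishes press the "Save Report" button to save the report log file (SREng.LOG). Then copy and paste the contents of the saved report log file here.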
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
www.27814939.ys168.com


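The log file from the System Repair Engineer scan is too large to upload. The entry {889D2FEB-5411-4565-8998-1DD2C5261283} is the browser helper object of Xunlei (Thunder); I disabled it, which is why the report shows NO NAME, NO FILE.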


If it can't be uploaded in one go, split it into two.

How painful this is...
If you can, reinstalling would be better.