主題: ie老自動彈出視窗
查看單個文章
舊 2006-06-01, 06:02 AM   #1
psac
榮譽會員
 
psac 的頭像
榮譽勳章
UID - 3662
在線等級: 級別:30 | 在線時長:1048小時 | 升級還需:37小時級別:30 | 在線時長:1048小時 | 升級還需:37小時級別:30 | 在線時長:1048小時 | 升級還需:37小時級別:30 | 在線時長:1048小時 | 升級還需:37小時級別:30 | 在線時長:1048小時 | 升級還需:37小時
註冊日期: 2002-12-07
住址: 木柵市立動物園
文章: 17381
現金: 5253 金幣
資產: 33853 金幣
預設 ie老自動彈出視窗
Q:

我的ie老自動彈出視窗請大家看下。
我的ie老自動彈出視窗請大家看下是那個工作行程的問題,怎麼解決?
我用惡意軟件清理助手在安全模式下清理了也不行!鬱悶中!
[PID: 472][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 528][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 552][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 596][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 608][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 756][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 800][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 860][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 956][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 972][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1280][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1288][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\shellex.dll] <Kaspersky Lab><5.0.676.1>
[C:\WINDOWS\system32\PYJJU.IME] <北京六合源軟件技術有限公司><2, 2, 0, 4>
[C:\WINDOWS\system32\MicrosoftNet.dll] <TODO: <公司名>><1.0.0.1>
[d:\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 1>
[d:\NetTransport 2\NTIEHelper.dll] <Xi><1.91.12>
[PID: 1528][C:\WINDOWS\system32\RUNDLL32.EXE] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\NvMcTray.dll] <NVIDIA Corporation><6.14.10.6085>
[PID: 1536][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] <RealNetworks, Inc.><0.1.0.3018>
[PID: 1552][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1560][C:\Program Files\pcsporl\Sporl.exe] <N/A><N/A>
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrchpg.dll] <Kaspersky Lab><5.0.676.20>
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scbridge.dll] <Kaspersky Lab><5.0.676.1>
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klipc.dll] <Kaspersky Lab><5.0.676.0>
[C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx] <Macromedia, Inc.><8,0,24,0>
[PID: 1764][C:\WINDOWS\system32\nvsvc32.exe] <NVIDIA Corporation><6.14.10.6085>
[PID: 1904][C:\WINDOWS\system32\wdfmgr.exe] <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[PID: 1672][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 2108][C:\Program Files\Maxthon\Maxthon.exe] <Maxthon International Ltd.><1, 5, 1, 39>
[C:\Program Files\Maxthon\maxzlib.dll] < ><1, 0, 0, 2>
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrchpg.dll] <Kaspersky Lab><5.0.676.20>
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scbridge.dll] <Kaspersky Lab><5.0.676.1>
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klipc.dll] <Kaspersky Lab><5.0.676.0>
[C:\Program Files\Maxthon\Services\RealTime\real_time.dll] <><1, 0, 0, 1>
[C:\WINDOWS\system32\PYJJU.IME] <北京六合源軟件技術有限公司><2, 2, 0, 4>
[C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx] <Macromedia, Inc.><8,0,24,0>
[PID: 3260][C:\WINDOWS\system32\PYINTAU.EXE] <北京六合源軟件技術有限公司><2, 2, 1, 4>
[C:\WINDOWS\system32\PYCODEU.dll] <北京六合源軟件技術有限公司><2, 2, 0, 4>
[C:\WINDOWS\system32\PYJJCZU.dll] <北京六合源軟件技術有限公司><2, 2, 0, 0>
[PID: 2588][d:\Thunder Network\Thunder\Program\Thunder5.exe] <Thunder Networking Technologies,LTD><5.1.6.198>
[d:\Thunder Network\Thunder\Program\updatedownload.dll] <Thunder Networking Technologies,LTD><1, 0, 1, 3>
[d:\Thunder Network\Thunder\Program\download_interface.dll] <Thunder Networking Technologies,LTD><1, 0, 2, 69>
[d:\Thunder Network\Thunder\Program\log4cplus.dll] <><1, 0, 2, 1>
[d:\Thunder Network\Thunder\Program\stlport_vc646.dll] <STLport Consulting, Inc.><4.6.2003.1031>
[d:\Thunder Network\Thunder\Program\asyn_dns.dll] <N/A><N/A>
[d:\Thunder Network\Thunder\Program\msgmanage.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 15>
[d:\Thunder Network\Thunder\Program\historyinfo_manage.dll] <Thunder Networking Technologies,LTD><5, 2, 0, 148>
[d:\Thunder Network\Thunder\Program\RegisterDll.dll] <Thunder Networking Technologies,LTD><1, 2, 0, 7>
[d:\Thunder Network\Thunder\Program\FloatBar.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 2>
[d:\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll] < ><1, 0, 0, 5>
[d:\Thunder Network\Thunder\Components\InMedia\iEmbed.dll] < ><2, 1, 0, 29>
[d:\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 4>
[d:\Thunder Network\Thunder\Program\iTargetAd.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 60>
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrchpg.dll] <Kaspersky Lab><5.0.676.20>
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scbridge.dll] <Kaspersky Lab><5.0.676.1>
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klipc.dll] <Kaspersky Lab><5.0.676.0>
[PID: 168][C:\Documents and Settings\admin\桌面\掃瞄工具\SREng.exe] <Smallfrogs Studio><2.0.12.350>
瀏覽器載入項:
瀏覽器載入項
[CaiShowBH Class]
{3AF40CB8-B3BA-4E2D-8968-4BF8DB172997} <C:\Program Files\CaiShow Tech\CaiShow\BrowerHelper.dll, TODO: <公司名>>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <D:\Tencent\qq\QQIEHelper.dll, 深圳市騰訊電腦系統有限公司>
[NetAccelerate Class]
{5673A7C0-95CC-4646-BB07-3BD71234CEF9} <C:\WINDOWS\system32\MicrosoftNet.dll, TODO: <公司名>>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <d:\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll, Thunder Networking Technologies,LTD>
[NTIECatcher Class]
{C56CB6B0-0D96-11D6-8C65-B2868B609932} <d:\NetTransport 2\NTIEHelper.dll, Xi>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\Tencent\qq\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <D:\Tencent\qq\QQIEHelper.dll, 深圳市騰訊電腦系統有限公司>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[金山快譯(&K)]
{6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <d:\FASTAI~1\IEBand.dll, >
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[WebActivater Control]
{C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINDOWS\system32\3DShowVM.ocx, QQ>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[Shell Automation Service]
{13709620-C279-11CE-A49E-444553540000} <%SystemRoot%\system32\SHELL32.dll, N/A>
[RealPlayer SMIL Download Handler]
{224E833B-2CC6-42D9-AE39-90B6A38A4FA2} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[CaiShowBH Class]
{3AF40CB8-B3BA-4E2D-8968-4BF8DB172997} <C:\Program Files\CaiShow Tech\CaiShow\BrowerHelper.dll, TODO: <公司名>>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <D:\Tencent\qq\QQIEHelper.dll, 深圳市騰訊電腦系統有限公司>
[NetAccelerate Class]
{5673A7C0-95CC-4646-BB07-3BD71234CEF9} <C:\WINDOWS\system32\MicrosoftNet.dll, TODO: <公司名>>
[金山快譯(&K)]
{6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} <d:\FASTAI~1\IEBand.dll, >
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <d:\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll, Thunder Networking Technologies,LTD>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[NTIECatcher Class]
{C56CB6B0-0D96-11D6-8C65-B2868B609932} <d:\NetTransport 2\NTIEHelper.dll, Xi>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[>>彩信發送<<]
<res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm, N/A>
[上傳到QQ網路硬碟]
<D:\Tencent\qq\AddToNetDisk.htm, N/A>
[使用影音傳送帶下載]
<D:\NetTransport 2\NTAddLink.html, N/A>
[使用影音傳送帶下載全部鏈接]
<D:\NetTransport 2\NTAddList.html, N/A>
[使用迅雷下載]
<d:\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下載全部鏈接]
<d:\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[新增到QQ自定義面板]
<D:\Tencent\qq\AddPanel.htm, N/A>
[新增到QQ表情]
<D:\Tencent\qq\AddEmotion.htm, N/A>
[新增到雅虎訂閱(&Y)]
<res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT, N/A>
[用QQ彩信發送該圖片]
<D:\Tencent\qq\SendMMS.htm, N/A>
[用炫彩圖鈴發送該圖片]
<C:\Program Files\CaiShow Tech\CaiShow\SendMMS.htm, N/A>
[訪問唯一下載查找]
<http://www.onlydown.cn/down.htm, N/A>
2006-05-31,17:42:32

System Repair Engineer 2.0.12.350 (2.0 RC 1)
Windows XP Professional Service Pack 2 - 管理權限用戶 - 完整功能

以下內容被選中:
所有的啟動專案(包括註冊表、啟動資料夾、服務等)
瀏覽器載入項
正在執行的工作行程(包括工作行程模塊訊息)
文件關聯


啟動專案
註冊表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ScanRegistry><C:\Program Files\pcsporl\Sporl.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<caishowmanage><C:\Program Files\CaiShow Tech\CaiShow\UpdateManager.EXE>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<nwiz><nwiz.exe /install>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<KAVPersonal50><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<Userinit><C:\WINDOWS\system32\userinit.exe,C:\Program Files\Eset\freeme.exe /s,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><>

==================================
啟動資料夾
服務
[HID Input Service Time / HID sever]
<C:\WINDOWS\system32\Hsever.exe><N/A>
[Kaspersky Anti-Virus Service / kavsvc]
<"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe"><Kaspersky Lab>
[NVIDIA Display Driver Service / NVSvc]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[winaua / winaua]
<C:\DOCUME~1\admin\LOCALS~1\Temp\aua1\aua1.exe -R><N/A>

==================================
瀏覽器載入項
[CaiShowBH Class]
{3AF40CB8-B3BA-4E2D-8968-4BF8DB172997} <C:\Program Files\CaiShow Tech\CaiShow\BrowerHelper.dll, TODO: <公司名>>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <D:\Tencent\qq\QQIEHelper.dll, 深圳市騰訊電腦系統有限公司>
[NetAccelerate Class]
{5673A7C0-95CC-4646-BB07-3BD71234CEF9} <C:\WINDOWS\system32\MicrosoftNet.dll, TODO: <公司名>>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <d:\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll, Thunder Networking Technologies,LTD>
[NTIECatcher Class]
{C56CB6B0-0D96-11D6-8C65-B2868B609932} <d:\NetTransport 2\NTIEHelper.dll, Xi>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\Tencent\qq\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <D:\Tencent\qq\QQIEHelper.dll, 深圳市騰訊電腦系統有限公司>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[金山快譯(&K)]
{6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <d:\FASTAI~1\IEBand.dll, >
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[WebActivater Control]
{C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINDOWS\system32\3DShowVM.ocx, QQ>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[Shell Automation Service]
{13709620-C279-11CE-A49E-444553540000} <%SystemRoot%\system32\SHELL32.dll, N/A>
[RealPlayer SMIL Download Handler]
{224E833B-2CC6-42D9-AE39-90B6A38A4FA2} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[CaiShowBH Class]
{3AF40CB8-B3BA-4E2D-8968-4BF8DB172997} <C:\Program Files\CaiShow Tech\CaiShow\BrowerHelper.dll, TODO: <公司名>>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <D:\Tencent\qq\QQIEHelper.dll, 深圳市騰訊電腦系統有限公司>
[NetAccelerate Class]
{5673A7C0-95CC-4646-BB07-3BD71234CEF9} <C:\WINDOWS\system32\MicrosoftNet.dll, TODO: <公司名>>
[金山快譯(&K)]
{6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} <d:\FASTAI~1\IEBand.dll, >
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <d:\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll, Thunder Networking Technologies,LTD>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[NTIECatcher Class]
{C56CB6B0-0D96-11D6-8C65-B2868B609932} <d:\NetTransport 2\NTIEHelper.dll, Xi>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[>>彩信發送<<]
<res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm, N/A>
[上傳到QQ網路硬碟]
<D:\Tencent\qq\AddToNetDisk.htm, N/A>
[使用影音傳送帶下載]
<D:\NetTransport 2\NTAddLink.html, N/A>
[使用影音傳送帶下載全部鏈接]
<D:\NetTransport 2\NTAddList.html, N/A>
[使用迅雷下載]
<d:\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下載全部鏈接]
<d:\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[新增到QQ自定義面板]
<D:\Tencent\qq\AddPanel.htm, N/A>
[新增到QQ表情]
<D:\Tencent\qq\AddEmotion.htm, N/A>
[新增到雅虎訂閱(&Y)]
<res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT, N/A>
[用QQ彩信發送該圖片]
<D:\Tencent\qq\SendMMS.htm, N/A>
[用炫彩圖鈴發送該圖片]
<C:\Program Files\CaiShow Tech\CaiShow\SendMMS.htm, N/A>
[訪問唯一下載查找]
<http://www.onlydown.cn/down.htm, N/A>

==================================
正在執行的工作行程
[PID: 480][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 536][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 560][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 604][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 616][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 756][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 804][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 840][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 888][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 948][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1240][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1440][C:\WINDOWS\system32\nvsvc32.exe] <NVIDIA Corporation><6.14.10.6085>
[PID: 1532][C:\WINDOWS\system32\wdfmgr.exe] <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[PID: 1812][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1988][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1968][C:\WINDOWS\system32\RUNDLL32.EXE] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\NvMcTray.dll] <NVIDIA Corporation><6.14.10.6085>
[PID: 1976][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] <RealNetworks, Inc.><0.1.0.3018>
[PID: 136][C:\Program Files\pcsporl\Sporl.exe] <N/A><N/A>
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrchpg.dll] <Kaspersky Lab><5.0.676.20>
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scbridge.dll] <Kaspersky Lab><5.0.676.1>
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klipc.dll] <Kaspersky Lab><5.0.676.0>
[PID: 1048][C:\Program Files\Maxthon\Maxthon.exe] <Maxthon International Ltd.><1, 5, 1, 39>
[C:\Program Files\Maxthon\maxzlib.dll] < ><1, 0, 0, 2>
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrchpg.dll] <Kaspersky Lab><5.0.676.20>
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scbridge.dll] <Kaspersky Lab><5.0.676.1>
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klipc.dll] <Kaspersky Lab><5.0.676.0>
[C:\Program Files\Maxthon\Services\RealTime\real_time.dll] <><1, 0, 0, 1>
[C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx] <Macromedia, Inc.><8,0,24,0>
[PID: 992][C:\WINDOWS\explorer.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\MicrosoftNet.dll] <TODO: <公司名>><1.0.0.1>
[d:\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 1>
[d:\NetTransport 2\NTIEHelper.dll] <Xi><1.91.12>
[PID: 1120][C:\Documents and Settings\admin\桌面\掃瞄工具\SREng.exe] <Smallfrogs Studio><2.0.12.350>

==================================
文件關聯
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================




A:





開始 執行 services.msc   禁用下面名稱的服務
winaua


再次執行 System Repair Engineer 在"系統修復"->"瀏覽器載入項" 中刪除下面專案

[NetAccelerate Class]
{5673A7C0-95CC-4646-BB07-3BD71234CEF9} <C:\WINDOWS\system32\MicrosoftNet.dll, TODO: <公司名>>
[NetAccelerate Class]
{5673A7C0-95CC-4646-BB07-3BD71234CEF9} <C:\WINDOWS\system32\MicrosoftNet.dll, TODO: <公司名>>



清空資料夾 C:\DOCUME~1\admin\LOCALS~1\Temp
C:\WINDOWS\system32\MicrosoftNet.dll <--刪除此文件



or...


用System Repair Engineer刪除
啟動項:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ScanRegistry><C:\Program Files\pcsporl\Sporl.exe>

服務:
[winaua / winaua]
<C:\DOCUME~1\admin\LOCALS~1\Temp\aua1\aua1.exe -R><N/A>

瀏覽器載入項:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<caishowmanage><C:\Program Files\CaiShow Tech\CaiShow\UpdateManager.EXE>
[CaiShowBH Class]
{3AF40CB8-B3BA-4E2D-8968-4BF8DB172997} <C:\Program Files\CaiShow Tech\CaiShow\BrowerHelper.dll, TODO: <公司名>>
[NetAccelerate Class]
{5673A7C0-95CC-4646-BB07-3BD71234CEF9} <C:\WINDOWS\system32\MicrosoftNet.dll, TODO: <公司名>>
[CaiShowBH Class]
{3AF40CB8-B3BA-4E2D-8968-4BF8DB172997} <C:\Program Files\CaiShow Tech\CaiShow\BrowerHelper.dll, TODO: <公司名>>
[用炫彩圖鈴發送該圖片]
<C:\Program Files\CaiShow Tech\CaiShow\SendMMS.htm, N/A>

重新啟動後刪除以上對應文件(Sporl.exe的文件暫時不刪)。

C:\Program Files\pcsporl\Sporl.exe這個程式很可疑,你知道是什麼嗎?能否壓縮後發給我moonforest#163.com
psac 目前離線  
送花文章: 3, 收花文章: 1631 篇, 收花: 3205 次