瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 继续求助!十分讨厌的掌门网,依然无法去除

123   3  /  3  页   跳转

继续求助!十分讨厌的掌门网,依然无法去除

收藏
飞侠119
头像
初生襁褓狮
  • 帖子:27
  • 注册: 2006-04-29
  • 来自:
发表于: 2006-06-07 14:39 | 只看楼主 短消息 资料
字号: 21楼

正在运行的进程
[PID: 468][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 524][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 548][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 592][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 604][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\system32\w2pxdrv.dll]  <Proxy Labs><2, 0, 1, 1>
[PID: 784][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [C:\WINDOWS\system32\w2pxdrv.dll]  <Proxy Labs><2, 0, 1, 1>
[PID: 832][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [C:\WINDOWS\System32\w2pxdrv.dll]  <Proxy Labs><2, 0, 1, 1>
[PID: 928][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [C:\WINDOWS\System32\w2pxdrv.dll]  <Proxy Labs><2, 0, 1, 1>
[PID: 972][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [C:\WINDOWS\System32\w2pxdrv.dll]  <Proxy Labs><2, 0, 1, 1>
[PID: 1064][C:\KAV2005\KWatch.EXE]  <Kingsoft Corporation><2005, 9, 27, 51>
    [C:\KAV2005\KAVIPC2.DLL]  <Kingsoft Corporation><2004, 12, 28, 20>
    [C:\KAV2005\KAEPlat.DLL]  <Kingsoft Corp.><2005, 12, 29, 56>
    [C:\KAV2005\KAEMem.DAT]  <Kingsoft><2006, 4, 12, 13>
    [C:\KAV2005\KAEUnpack.DAT]  <Kingsoft Corp.><2006, 3, 21, 17>
[PID: 1120][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.1699 (xpsp2.050610-1533)>
    [C:\WINDOWS\System32\AdobePDF.dll]  <Adobe Systems Incorporated.><7.0.0.00>
    [C:\Program Files\Adobe\Acrobat 7.0\Distillr\AdistRes.CHS]  <N/A><N/A>
    [C:\WINDOWS\system32\awmon.dll]  <Symantec Corporation><9.2.1>
[PID: 1392][C:\WINDOWS\System32\drivers\CDAC11BA.EXE]  <Macrovision><4.20.020>
[PID: 1416][C:\Program Files\DigitalPersona\UareUPro\DpHost.exe]  <Digital Persona, Inc.><1.1.0.0>
    [C:\Program Files\DigitalPersona\UareUPro\DPPS.dll]  <Digital Persona, Inc.><1.1.0.0>
    [C:\Program Files\DigitalPersona\UareUPro\DpCmpMgt.dll]  <Digital Persona, Inc.><1.1.0.0>
    [C:\Program Files\DigitalPersona\UareUPro\DpDtObjs.dll]  <Digital Persona, Inc.><1.1.0.0>
    [C:\Program Files\DigitalPersona\UareUPro\DPDevAgt.dll]  <Digital Persona, Inc.><1.1.0.0>
    [C:\WINDOWS\System32\dpDevCtl.dll]  <DigitalPersona, Inc.><2.1.1.499>
[PID: 1480][C:\WINDOWS\System32\inetsrv\inetinfo.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [C:\WINDOWS\System32\w2pxdrv.dll]  <Proxy Labs><2, 0, 1, 1>
[PID: 1500][C:\KAV2005\KPfwSvc.EXE]  <Kingsoft Corporation><2005, 9, 5, 28>
[PID: 1524][C:\WINDOWS\System32\nvsvc32.exe]  <NVIDIA Corporation><6.14.10.5672>
[PID: 1592][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe]  <Analog Devices, Inc.><3, 2, 6, 0>
[PID: 1744][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\System32\AcSignIcon.dll]  <Autodesk><16.0.0.86>
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  <Autodesk><16.0.0.86>
    [C:\PROGRA~1\COMMON~1\system\msdc32.dll]  <C1NETHELPER><1, 0, 0, 1>
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  <Adobe Systems, Inc.><7.0.0.0>
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.CHS]  <Adobe Systems, Inc.><7.0.0.0>
    [C:\WINDOWS\System32\nvcpl.dll]  <NVIDIA Corporation><6.14.10.5672>
    [C:\WINDOWS\System32\nvshell.dll]  <NVIDIA Corporation><6.14.10.5672>
    [C:\WINDOWS\System32\NVWRSZHC.DLL]  <NVIDIA Corporation><6.14.10.5672>
[PID: 1884][C:\WINDOWS\System32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 1908][C:\Program Files\MSN Messenger\msnmsgr.exe]  <Microsoft Corporation><7.5.0324>
    [C:\WINDOWS\System32\w2pxdrv.dll]  <Proxy Labs><2, 0, 1, 1>
    [C:\WINDOWS\System32\msdmo.dll]  <N/A><N/A>
    [C:\KAV2005\KAScript.DLL]  <Kingsoft Corporation><2006, 2, 10, 60>
    [C:\KAV2005\KAEPlat.DLL]  <Kingsoft Corp.><2005, 12, 29, 56>
    [C:\KAV2005\KAEMem.DAT]  <Kingsoft><2006, 4, 12, 13>
    [C:\KAV2005\KAEUnpack.DAT]  <Kingsoft Corp.><2006, 3, 21, 17>
[PID: 1916][C:\Program Files\jj4\jjsvr4.exe]  <加加开发组><4.0.0.20>
[PID: 1932][C:\KAV2005\KPFW32.EXE]  <Kingsoft Corporation><2006, 1, 17, 609>
    [C:\KAV2005\KAVIPC2.DLL]  <Kingsoft Corporation><2004, 12, 28, 20>
    [C:\KAV2005\KAConfig.DLL]  <Kingsoft Corporation><2005, 3, 23, 30>
    [C:\KAV2005\FiltList.dll]  <N/A><N/A>
    [C:\KAV2005\KAVPassp.DLL]  <Kingsoft Corporation><2006, 5, 26, 246>
    [C:\WINDOWS\System32\AcSignIcon.dll]  <Autodesk><16.0.0.86>
    [C:\KAV2005\KAEPlat.DLL]  <Kingsoft Corp.><2005, 12, 29, 56>
    [C:\KAV2005\KAEMem.DAT]  <Kingsoft><2006, 4, 12, 13>
    [C:\KAV2005\KAEUnpack.DAT]  <Kingsoft Corp.><2006, 3, 21, 17>
    [C:\WINDOWS\System32\w2pxdrv.dll]  <Proxy Labs><2, 0, 1, 1>
    [C:\KAV2005\KAScript.DLL]  <Kingsoft Corporation><2006, 2, 10, 60>
[PID: 2000][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
gototop
 
飞侠119
头像
初生襁褓狮
  • 帖子:27
  • 注册: 2006-04-29
  • 来自:
发表于: 2006-06-07 14:40 | 只看楼主 短消息 资料
字号: 22楼

[C:\WINDOWS\System32\hpwx3770.dll]  <Hewlett-Packard><3.2.2.674>
    [C:\WINDOWS\System32\hpgt3770.dll]  <Hewlett-Packard><1.0.2.682>
[PID: 2036][C:\WINDOWS\System32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[PID: 264][C:\Program Files\Activesoft\Active Messenger\Msger.exe]  <Activesoft><3, 0, 6, 1>
    [C:\WINDOWS\System32\w2pxdrv.dll]  <Proxy Labs><2, 0, 1, 1>
[PID: 2836][E:\game\sreng2\SREng.exe]  <Smallfrogs Studio><2.0.12.350>
    [C:\WINDOWS\System32\w2pxdrv.dll]  <Proxy Labs><2, 0, 1, 1>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
PROXYCAP MSAFD Tcpip [TCP/IP]
    w2pxdrv.dll(Proxy Labs, Winsock2 Proxy Driver)
PROXYCAP MSAFD Tcpip [UDP/IP]
    w2pxdrv.dll(Proxy Labs, Winsock2 Proxy Driver)
PROXYCAP MSAFD Tcpip [RAW/IP]
    w2pxdrv.dll(Proxy Labs, Winsock2 Proxy Driver)
PROXYCAP RSVP UDP Service Provider
    w2pxdrv.dll(Proxy Labs, Winsock2 Proxy Driver)
PROXYCAP RSVP TCP Service Provider
    w2pxdrv.dll(Proxy Labs, Winsock2 Proxy Driver)
PROXYCAP LSP
    w2pxdrv.dll(Proxy Labs, Winsock2 Proxy Driver)

==================================
gototop
 
我无邪
头像
高贵耄耋狮
  • 帖子:20720
  • 注册: 2004-06-10
  • 来自:广西玉林
发表于: 2006-06-07 20:00 | 短消息 资料
字号: 23楼

请问以下方法你做了?
C:\WINDOWS\System32\w2pxdrv.dll
关于这一项,有些麻烦
请到http://forum.ikaka.com/topic.asp?board=67&artid=5188931,下载,LSPFix.exe,WinsockXPFix这两个软件。
运行LSPFix.exe
删除
w2pxdrv.dll
附说明一份
LSPFix.exe这个软件主要用来辅助修复HijackThis扫描发现的O10项。
使用时,请关闭所有IE界面和文件夹界面后运行LSPFix,运行后,把要修复的那一个O10项从左边转到右边,点“Finish”即可。(不过这之前,需要在“I know what I`m doing”前面打勾。)
删除C:\WINDOWS\System32\w2pxdrv.dll
修复后,如果无法上网,请运行WinsockXPFix,让它修复一下。
运行System Repair Engineer,使用“启动项目,注册表”来删除以下选项。
(如果在注册表里无法识别那一下,可以选中一项后,点“编辑”这样会有很明细的路径)
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<CNETHELPER><rundll32.exe C:\PROGRA~1\COMMON~1\system\msdc32.dll,_S1>
gototop
 
<<上一主题|下一主题>>
123   3  /  3  页   跳转
页面顶部
Powered by Discuz!NT