Log from an Autoruns scan; please help analyze the problem. Thanks!

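Web pages pop up automatically, and the IEHelper plug-in cannot be removed in Safe Mode. I deleted the folder, but the virus is still there. Rising cannot kill it.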


Problems found with Super Rabbit (超级兔子)

Unknown IE plug-in found: C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper2006812_4825.dll

Win Survey (MSIBM)
桌面媒体
estAlive

Log

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit           

+ C:\WINDOWS\system32\userinit.exe    Userinit Logon Application    Microsoft Corporation    c:\windows\system32\userinit.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell           

+ Explorer.exe    Windows Explorer    Microsoft Corporation    c:\windows\explorer.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run           

+ BigDog303    Vimicro    Vimicro    c:\windows\vm303_sti.exe

+ EZEJMNAP    ThinkPad EasyEject Support Application    Lenovo Group Limited    c:\program files\thinkpad\utilities\ezejmnap.exe

+ igfxhkcmd    hkcmd Module    Intel Corporation    c:\windows\system32\hkcmd.exe

+ igfxpers    persistence Module    Intel Corporation    c:\windows\system32\igfxpers.exe

+ igfxtray    igfxTray Module    Intel Corporation    c:\windows\system32\igfxtray.exe

+ IMEKRMIG6.1            File not found: ;

+ IMJPMIG8.1            File not found: ;

+ MSPY2002            c:\windows\system32\ime\pintlgnt\imscinst.exe

+ PHIME2002A    微軟新注音輸入法 2002a    Microsoft Corporation    c:\windows\system32\ime\tintlgnt\tintsetp.exe

+ PHIME2002ASync    微軟新注音輸入法 2002a    Microsoft Corporation    c:\windows\system32\ime\tintlgnt\tintsetp.exe

+ RavTask    RavTimer    Beijing Rising Technology Co., Ltd.    c:\program files\rising\rav\ravtask.exe

+ RfwMain    Rising Personal FireWall Main Program    Beijing Rising Technology Co., Ltd.    c:\program files\rising\rfw\rfwmain.exe

+ SunJavaUpdateSched    Java(TM) 2 Platform Standard Edition binary    Sun Microsystems, Inc.    c:\program files\java\jre1.5.0_03\bin\jusched.exe

+ TPHOTKEY            c:\program files\lenovo\pkgmgr\hotkey\tphkmgr.exe

+ TPKMAPHELPER    Keyboard Customizer    Lenovo    c:\program files\thinkpad\utilities\tpkmapap.exe
Log:
Last edited 2006-08-28 15:19:02
C:\Documents and Settings\cll\「开始」菜单\程序\启动

+ 腾讯QQ.lnk    QQ    TENCENT    c:\program files\tencent\qq\qq.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

+ ctfmon.exe    CTF Loader    Microsoft Corporation    c:\windows\system32\ctfmon.exe

+ Xplus_spy            File not found: C:\Program Files\Xplus\xvcclip.exe

HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components

+ Internet Explorer    Windows NT User Data Migration Tool    Microsoft Corporation    c:\windows\system32\shmgrate.exe

+ Internet Explorer 6    IE 5.0 Per-User Install Utility    Microsoft Corporation    c:\windows\system32\ie4uinit.exe

+ Microsoft Outlook Express 6    Outlook Express Setup Library    Microsoft Corporation    c:\program files\outlook express\setup50.exe

+ Microsoft Windows Media Player    Microsoft Windows Media Player 安装实用程序    Microsoft Corporation    c:\windows\inf\unregmp2.exe

+ Microsoft Windows Media Player    ADVPACK    Microsoft Corporation    c:\windows\system32\advpack.dll

+ NetMeeting 3.01    ADVPACK    Microsoft Corporation    c:\windows\system32\advpack.dll

+ Outlook Express    Windows NT User Data Migration Tool    Microsoft Corporation    c:\windows\system32\shmgrate.exe

+ Themes Setup    Microsoft(C) Register Server    Microsoft Corporation    c:\windows\system32\regsvr32.exe

+ Windows Messenger 4.7    ADVPACK    Microsoft Corporation    c:\windows\system32\advpack.dll

+ Windows 桌面更新    Microsoft(C) Register Server    Microsoft Corporation    c:\windows\system32\regsvr32.exe

+ 通讯簿 6    Outlook Express Setup Library    Microsoft Corporation    c:\program files\outlook express\setup50.exe

+ 浏览器自定义组件    Microsoft Internet Explorer Customization DLL    Microsoft Corporation    c:\windows\system32\iedkcs32.dll

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler

+ Browseui 预加载程序    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ 组件类别缓存程序    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

+ CDBurn    Windows Shell Common Dll    Microsoft Corporation    c:\windows\system32\shell32.dll

+ PostBootReminder    Windows Shell Common Dll    Microsoft Corporation    c:\windows\system32\shell32.dll

+ SysTray    Systray shell service object    Microsoft Corporation    c:\windows\system32\stobject.dll

+ WebCheck    Web Site Monitor    Microsoft Corporation    c:\windows\system32\webcheck.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

+ shell32.dll    Windows Shell Common Dll    Microsoft Corporation    c:\windows\system32\shell32.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ %DESC_PublishDropTarget%    Photo Printing Wizard    Microsoft Corporation    c:\windows\system32\photowiz.dll

+ .CAB file viewer    Cabinet File Viewer Shell Extension    Microsoft Corporation    c:\windows\system32\cabview.dll

+ ActiveX 高速缓存文件夹    Object Control Viewer    Microsoft Corporation    c:\windows\system32\occache.dll

+ Audio Media Properties Handler    Media File Property Extractor Shell Extension    Microsoft Corporation    c:\windows\system32\shmedia.dll

+ Auto Update Property Sheet Extension    Automatic Updates Control Panel    Microsoft Corporation    c:\windows\system32\wuaucpl.cpl

+ Avi Properties Handler    Media File Property Extractor Shell Extension    Microsoft Corporation    c:\windows\system32\shmedia.dll

+ BandProxy    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ CDF Extension Copy Hook    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Channel Menu    Channel Definition File Viewer    Microsoft Corporation    c:\windows\system32\cdfview.dll

+ Channel Properties    Channel Definition File Viewer    Microsoft Corporation    c:\windows\system32\cdfview.dll

+ Code Download Agent    Web Site Monitor    Microsoft Corporation    c:\windows\system32\webcheck.dll

+ Compatibility Page    Compatibility Tab Shell Extension DLL    Microsoft Corporation    c:\windows\system32\slayerxp.dll

+ Compressed (zipped) Folder Right Drag Handler    Compressed (zipped) Folders    Microsoft Corporation    c:\windows\system32\zipfldr.dll

+ Compressed (zipped) Folder SendTo Target    Compressed (zipped) Folders    Microsoft Corporation    c:\windows\system32\zipfldr.dll

+ ConnectionAgent    Web Site Monitor    Microsoft Corporation    c:\windows\system32\webcheck.dll

+ Crypto PKO Extension    Crypto Shell Extensions    Microsoft Corporation    c:\windows\system32\cryptext.dll

+ Crypto Sign Extension    Crypto Shell Extensions    Microsoft Corporation    c:\windows\system32\cryptext.dll

+ Darwin App Publisher    Shell Application Manager    Microsoft Corporation    c:\windows\system32\appwiz.cpl

+ DfsShell    Distributed File System shell extension    Microsoft Corporation    c:\windows\system32\dfsshlex.dll

+ Directory Context Menu Verbs    Directory Service Common UI    Microsoft Corporation    c:\windows\system32\dsuiext.dll

+ Directory Object Find    Directory Service Find    Microsoft Corporation    c:\windows\system32\dsquery.dll

+ Directory Property UI    Directory Service Common UI    Microsoft Corporation    c:\windows\system32\dsuiext.dll

+ Directory Query UI    Directory Service Find    Microsoft Corporation    c:\windows\system32\dsquery.dll

+ Directory Start/Search Find    Directory Service Find    Microsoft Corporation    c:\windows\system32\dsquery.dll

+ Disk Copy Extension    Windows DiskCopy    Microsoft Corporation    c:\windows\system32\diskcopy.dll

+ Disk Quota UI    Windows Shell Disk Quota UI DLL    Microsoft Corporation    c:\windows\system32\dskquoui.dll

+ Display Adapter CPL Extension    Advanced display adapter properties    Microsoft Corporation    c:\windows\system32\deskadp.dll

+ Display Monitor CPL Extension    Advanced display monitor properties    Microsoft Corporation    c:\windows\system32\deskmon.dll

+ Display Panning CPL Extension            File not found: deskpan.dll

+ Display TroubleShoot CPL Extension    Advanced display performance properties    Microsoft Corporation    c:\windows\system32\deskperf.dll

+ DS Security Page    Directory Service Security UI    Microsoft Corporation    c:\windows\system32\dssec.dll
+ Extensions Manager Folder    Extensions Manager    Microsoft Corporation    c:\windows\system32\extmgr.dll

+ Favorites Band    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ FTP Folders Webview    Microsoft Internet Explorer FTP Folder Shell Extension    Microsoft Corporation    c:\windows\system32\msieftp.dll

+ Fusion Cache    Microsoft .NET Runtime Execution Engine    Microsoft Corporation    c:\windows\system32\mscoree.dll

+ GDI+ 文件缩略图解压缩程序    Windows 图片和传真查看器    Microsoft Corporation    c:\windows\system32\shimgvw.dll

+ HTML 缩略图的解压缩程序    Windows 图片和传真查看器    Microsoft Corporation    c:\windows\system32\shimgvw.dll

+ HyperTerminal Icon Ext    HyperTerminal Applet Library    Hilgraeve, Inc.    c:\windows\system32\hticons.dll

+ ICC 配置文件    Microsoft Color Matching System User Interface DLL    Microsoft Corporation    c:\windows\system32\icmui.dll

+ ICM 打印机管理    Microsoft Color Matching System User Interface DLL    Microsoft Corporation    c:\windows\system32\icmui.dll

+ ICM 监视器管理    Microsoft Color Matching System User Interface DLL    Microsoft Corporation    c:\windows\system32\icmui.dll

+ ICM 扫描仪管理    Microsoft Color Matching System User Interface DLL    Microsoft Corporation    c:\windows\system32\icmui.dll

+ IE4 套件初始屏幕    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Installed Apps Enumerator    Shell Application Manager    Microsoft Corporation    c:\windows\system32\appwiz.cpl

+ Internet    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Internet    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Internet Name Space    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Internet 临时文件    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Internet 临时文件    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ InternetShortcut    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ ISFBand OC    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Microsoft Agent Character Property Sheet Handler    Microsoft Agent Property Sheet Handler    Microsoft Corporation    c:\windows\msagent\agentpsh.dll

+ Microsoft AutoComplete    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ Microsoft Browser Architecture    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Microsoft BrowserBand    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ Microsoft DocProp Inplace Calendar Control    Microsoft DocProp Shell Ext    Microsoft Corporation    c:\windows\system32\docprop2.dll

+ Microsoft DocProp Inplace Droplist Combo Control    Microsoft DocProp Shell Ext    Microsoft Corporation    c:\windows\system32\docprop2.dll

+ Microsoft DocProp Inplace Edit Box Control    Microsoft DocProp Shell Ext    Microsoft Corporation    c:\windows\system32\docprop2.dll

+ Microsoft DocProp Inplace ML Edit Box Control    Microsoft DocProp Shell Ext    Microsoft Corporation    c:\windows\system32\docprop2.dll

+ Microsoft DocProp Inplace Time Control    Microsoft DocProp Shell Ext    Microsoft Corporation    c:\windows\system32\docprop2.dll

+ Microsoft DocProp Shell Ext    Microsoft DocProp Shell Ext    Microsoft Corporation    c:\windows\system32\docprop2.dll

+ Microsoft Internet 工具栏    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ Microsoft Url History 服务    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Microsoft Url 搜索挂接    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Microsoft 多个自动完成列表容器    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ Microsoft 历史自动完成列表    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ Microsoft 数据链接    Microsoft Data Access - OLE DB Core Services    Microsoft Corporation    c:\program files\common files\system\ole db\oledb32.dll

+ Microsoft 外壳文件夹自动完成列表    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ Midi Properties Handler    Media File Property Extractor Shell Extension    Microsoft Corporation    c:\windows\system32\shmedia.dll

+ MMC Icon Handler    MMC Shell Extension DLL    Microsoft Corporation    c:\windows\system32\mmcshext.dll

+ MRU 自动完成列表    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ Multimedia File Property Sheet    Control Panel Drivers Applet    Microsoft Corporation    c:\windows\system32\mmsys.cpl

+ MyDocs Copy Hook    My Documents Folder UI    Microsoft Corporation    c:\windows\system32\mydocs.dll

+ MyDocs Drop Target    My Documents Folder UI    Microsoft Corporation    c:\windows\system32\mydocs.dll

+ MyDocs Properties    My Documents Folder UI    Microsoft Corporation    c:\windows\system32\mydocs.dll

+ NTFS Security Page    Security Shell Extension    Microsoft Corporation    c:\windows\system32\rshx32.dll

+ Offline Files Folder Options    Client Side Caching UI    Microsoft Corporation    c:\windows\system32\cscui.dll

+ Offline Files Menu    Client Side Caching UI    Microsoft Corporation    c:\windows\system32\cscui.dll

+ OLE Docfile Property Page    OLE DocFile Property Page    Microsoft Corporation    c:\windows\system32\docprop.dll

+ PlusPack CPL Extension    Windows Theme API    Microsoft Corporation    c:\windows\system32\themeui.dll

+ Portable Media Devices    便携媒体设备命令行解释器扩展    Microsoft Corporation    c:\windows\system32\audiodev.dll

+ Portable Media Devices Menu    便携媒体设备命令行解释器扩展    Microsoft Corporation    c:\windows\system32\audiodev.dll

+ PostAgent    Web Site Monitor    Microsoft Corporation    c:\windows\system32\webcheck.dll

+ Printers Security Page    Security Shell Extension    Microsoft Corporation    c:\windows\system32\rshx32.dll

+ Remote Sessions CPL Extension    Remote Sessions CPL Extension    Microsoft Corporation    c:\windows\system32\remotepg.dll

+ RISING    Rising Shell Ext Module    Beijing Rising Technology Co., Ltd.    c:\windows\system32\ravext.dll

+ SafeGuard PrivateDisk extension    SafeGuard PrivateDisk Shell Extension DLL    Utimaco Safeware AG    c:\program files\ibm thinkvantage\safeguard privatedisk\pdshell.dll

+ Search Assistant OC    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Sendmail service    Send Mail    Microsoft Corporation    c:\windows\system32\sendmail.dll

+ Sendmail service    Send Mail    Microsoft Corporation    c:\windows\system32\sendmail.dll

+ Set Program Access and Defaults    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Shell Application Manager    Shell Application Manager    Microsoft Corporation    c:\windows\system32\appwiz.cpl

+ Shell Automation Inproc Service    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Shell Band Site Menu    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ Shell DocObject Viewer    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Shell extensions for Microsoft Windows Network objects    Network object shell UI    Microsoft Corporation    c:\windows\system32\ntlanui2.dll

+ Shell extensions for sharing    Shell extensions for sharing    Microsoft Corporation    c:\windows\system32\ntshrui.dll

+ Shell extensions for sharing    Shell extensions for sharing    Microsoft Corporation    c:\windows\system32\ntshrui.dll

+ Shell Image Data Factory    Windows 图片和传真查看器    Microsoft Corporation    c:\windows\system32\shimgvw.dll

+ Shell Image Property Handler    Windows 图片和传真查看器    Microsoft Corporation    c:\windows\system32\shimgvw.dll

+ Shell Image Verbs    Windows 图片和传真查看器    Microsoft Corporation    c:\windows\system32\shimgvw.dll

+ Shell properties for a DS object    Directory Service Find    Microsoft Corporation    c:\windows\system32\dsquery.dll