Flash ad windows sometimes pop up on their own; it looks like a custom-made program, not IE

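This is happening at my workplace, and the pop-ups are all very pornographic Flash animations; clicking them leads to video content provider sites such as "九州梦网". Could an expert help me figure out how to get rid of this thing?

It seems the pop-up windows do not appear when Maxthon is not running, but even when Maxthon is open they do not always appear; it is quite random, roughly two or three times a day. Although I have let the latest version of Maxthon take over all the IE associations, the pop-up is not displayed inside Maxthon but in a window of its own (with only a close button), so I don't know whether it is related to Maxthon.

I searched the posts on the forum and did not find the same situation. My HijackThis log is attached below: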
Logfile of HijackThis v1.99.0
Scan saved at 08:43:49 上午, on 2005-10-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
D:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Yahoo!\MiniMsgr\YMiniSvr.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\SnowFox\DesktopSprite2\DesktopSprite.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Maxthon\Maxthon.exe
E:\TC651\totalcmd\Totalcmd.exe
C:\ZRM2000\ZRW32.EXE
D:\Program Files\Thunder Network\Thunder\Thunder.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis\HijackThis.exe

O1 - Hosts: 0:0:0:0:0:0:0:0 localhost
O1 - Hosts: fec0::1:209:6bff:fee2:2ab2 qjj.testlab.dlsp.com
O1 - Hosts: fe80::20d:60ff:fe33:a624 g6.testlab.dlsp.com
O1 - Hosts: http://mysms.9158.com/ 127.0.0.1
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v8.dll
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - D:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - D:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - E:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MEobjectSDT - {D4D5C535-BA95-4327-870D-A33826FDD17A} - C:\WINDOWS\system32\obwbkya.dll
O2 - BHO: YMIN IEBand - {D4F7605B-084D-4353-A1E1-C1BC3161938C} - C:\PROGRA~1\Yahoo!\MiniMsgr\ymini.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O3 - Toolbar: Net Snippets - {67970B26-F57D-4455-8262-81C3AE3B8B5E} - C:\PROGRA~1\NETSNI~1\NetSnip.dll
O3 - Toolbar: 完美网译通 - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - C:\WINDOWS\WORLD2\TOOLBAR\hmtoolbar.dll
O3 - Toolbar: CyberArticle Express - {769A6A36-ED24-4376-BC7C-80225BF35698} - d:\Program Files\CyberArticle\CAExp.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [KAVPersonal50] "d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [MessengerPlus3] "d:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [MiniMsgr] C:\PROGRA~1\Yahoo!\MiniMsgr\YMiniSvr.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "d:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [DesktopSprite] D:\Program Files\SnowFox\DesktopSprite2\DesktopSprite.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Yahoo! Search - file:///d:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: &使用迅雷下载 - d:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - d:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - Extra context menu item: Add to Net Snippets - C:\PROGRA~1\NETSNI~1\Res\Clipper.htm
O8 - Extra context menu item: Edit with Altova X&MLSpy - D:\Program Files\Altova\XMLSpy2005\spy.htm
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Google 搜索(&G) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///d:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///d:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 保存: 完整网页... - d:\Program Files\CyberArticle\script\Save.htm
O8 - Extra context menu item: 保存: 更多保存内容... - d:\Program Files\CyberArticle\script\SaveAuto.htm
O8 - Extra context menu item: 反向链接 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到 Net Snippets - D:\PROGRA~1\NETSNI~1\Res\Clipper.htm
O8 - Extra context menu item: 添加到广告猎手 - D:\Program Files\Maxthon\config/blacklist.htm
O8 - Extra context menu item: 类似网页 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: 缓存的网页快照 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: 翻译英文字词(&T) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - D:\Program Files\Altova\XMLSpy2005\spy.htm
O9 - Extra 'Tools' menuitem: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - D:\Program Files\Altova\XMLSpy2005\spy.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - D:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Snippets - {7130DF06-BBC1-4e16-83D4-1F875E65B695} - C:\PROGRA~1\NETSNI~1\NetSnip.dll
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: 雅虎邮箱通 - {D1B76CE4-CCCA-4B22-9ECB-09F85C140904} - yminimsgr:ClickIEBT (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\Program Files\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\Program Files\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {B234C268-A755-49A1-8A52-C8408A99AD7C} (WebDraw Class) - http://dlmms.ndrcms.edu.cn/L0202/512/html/webutil.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2A5278A2-B2A2-464A-ACFB-F287DF337F65}: NameServer = 192.168.67.1,202.106.0.120,202.96.69.38,202.96.64.68,202.96.75.68,202.96.75.64,202.106.196.115,202.96.86.18,202.96.86.24,202.96.119.113,202.96.128.68
O17 - HKLM\System\CS1\Services\Tcpip\..\{2A5278A2-B2A2-464A-ACFB-F287DF337F65}: NameServer = 192.168.67.1,202.106.0.120,202.96.69.38,202.96.64.68,202.96.75.68,202.96.75.64,202.106.196.115,202.96.86.18,202.96.86.24,202.96.119.113,202.96.128.68
O17 - HKLM\System\CS2\Services\Tcpip\..\{2A5278A2-B2A2-464A-ACFB-F287DF337F65}: NameServer = 192.168.67.1,202.106.0.120,202.96.69.38,202.96.64.68,202.96.75.68,202.96.75.64,202.106.196.115,202.96.86.18,202.96.86.24,202.96.119.113,202.96.128.68
O18 - Protocol: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINDOWS\system32\mbprot.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: kavsvc - Kaspersky Lab - d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: mst Defrag - mst software, Martin Stiemerling, Germany - C:\Program Files\mst software\mst Defrag\mstDfrgS.exe
O23 - Service: Intel(R) NMS - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - Unknown - %ProgramFiles%\WinPcap\rpcapd.exe (file missing)
O23 - Service: SDAgent Service - 北京兴华基业软件技术有限公司 - C:\Program Files\Common Files\smartde\sde.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

Last edited 2005-10-13 13:57:30

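SDAgent

My first impression is that this is related to the SDAgent service; I would appreciate guidance from the experts here.
There is also another symptom that may be related to it:
sometimes Maxthon's Super Drag & Drop stops working, and then a search for any text is automatically redirected to http://www.265.com/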

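[Reply to the post by "差不离儿"]

Close all unnecessary windows, scan with HijackThis and then fix the following (tick the box in front of each item to be fixed, then press "Fix checked" or "修复"; before fixing you will be asked whether you want a backup, please choose "Yes" or "是"):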
O1 - Hosts: 0:0:0:0:0:0:0:0 localhost
O1 - Hosts: fec0::1:209:6bff:fee2:2ab2 qjj.testlab.dlsp.com
O1 - Hosts: fe80::20d:60ff:fe33:a624 g6.testlab.dlsp.com
O1 - Hosts: http://mysms.9158.com/ 127.0.0.1
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll (I don't recognize this item; please verify it)
O2 - BHO: MEobjectSDT - {D4D5C535-BA95-4327-870D-A33826FDD17A} - C:\WINDOWS\system32\obwbkya.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (I don't recognize this item; please verify it)
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (I don't recognize this item; please verify it)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll (I don't recognize this item; please verify it)
O3 - Toolbar: 完美网译通 - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - C:\WINDOWS\WORLD2\TOOLBAR\hmtoolbar.dll
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O18 - Protocol: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINDOWS\system32\mbprot.dll
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - Unknown - %ProgramFiles%\WinPcap\rpcapd.exe (file missing)
O23 - Service: SDAgent Service - 北京兴华基业软件技术有限公司 - C:\Program Files\Common Files\smartde\sde.exe
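Show hidden files and system files, then delete the following (if they exist):
C:\Program Files\Common Files\smartde (folder)
C:\WINDOWS\system32\mbprot.dll
C:\WINDOWS\WORLD2 (folder)
C:\WINDOWS\system32\obwbkya.dll
Once the fix is complete, if the problem persists, please attach a new HijackThis log scanned in Safe Mode.
The above suggestions are for reference only; if you recognize some of these settings, or they are settings you made manually, you do not need to carry them out.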
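An added example, not part of the original thread and not code from HijackThis: a small Python parser for the " - "-delimited log entries shown above, returning the entries that deserve a closer look. The two review heuristics (a target marked "(file missing)", and a BHO, toolbar or protocol DLL sitting directly in C:\WINDOWS\system32) are assumptions made for illustration and only mark entries for manual review; the sample lines are copied from the log in this thread.

```python
import re

# Sample input: five entries copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MEobjectSDT - {D4D5C535-BA95-4327-870D-A33826FDD17A} - C:\WINDOWS\system32\obwbkya.dll
O18 - Protocol: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINDOWS\system32\mbprot.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: SDAgent Service - 北京兴华基业软件技术有限公司 - C:\Program Files\Common Files\smartde\sde.exe
"""

ENTRY = re.compile(r"^(O\d+) - ([^:]+): (.*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f-]{36}\}")
BROWSER_HOOKS = {"O2", "O3", "O18"}  # BHOs, toolbars, protocol handlers
SYS32_DLL = re.compile(r"c:\\windows\\system32\\[^\\]+\.dll")

def parse_line(line):
    """Split one 'Ox - Kind: a - b - c' log line into fields; None if it has no 'Kind:' part."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    section, kind, rest = m.groups()
    missing = rest.endswith("(file missing)")
    if missing:
        rest = rest[: -len("(file missing)")].rstrip()
    parts = rest.split(" - ")
    clsid = next((p for p in parts if CLSID.fullmatch(p)), None)
    path = parts[-1].strip('"') if len(parts) > 1 else None
    return {"section": section, "kind": kind, "name": parts[0],
            "clsid": clsid, "path": path, "missing": missing}

def review_reasons(entry):
    """Assumed triage heuristics (not HijackThis rules): reasons to inspect an entry by hand."""
    reasons = []
    if entry["missing"]:
        reasons.append("orphaned: target file missing")
    path = (entry["path"] or "").lower()
    if entry["section"] in BROWSER_HOOKS and SYS32_DLL.fullmatch(path):
        reasons.append("browser add-on DLL directly in system32")
    return reasons

def triage(log_text):
    """Return (section, name, reasons) for every parsed entry with at least one reason."""
    entries = (parse_line(l) for l in log_text.splitlines())
    flagged = [(e["section"], e["name"], review_reasons(e)) for e in entries if e]
    return [f for f in flagged if f[2]]
```

On the sample, `triage(SAMPLE_LOG)` returns the MEobjectSDT, koboo and msnim entries; the SDAgent service matches neither heuristic, so a list like this supports a manual review of the full log and does not replace it.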

Thank you, 天使之剑, for the timely help. I carried out the fixes as you suggested, and so far I have not seen any more pop-up windows. Thanks.