ÕâÊÇÏÖÔÚ¼ì²âµÄ£¬ÒѾÐÞ¸´¹ýÁË£¬¿´¿´»¹ÓÐʲôÎÊÌâû£¿
Logfile of HijackThis v1.99.1
Scan saved at 16:14:26, on 2006-7-12
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2900.2180)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\KV2006\KVSrvXP.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\Rundll32.exe
C:\WINNT\system32\igfxtray.exe
C:\WINNT\system32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\WINNT\system32\rundll32.exe
C:\PROGRA~1\SkyNet\Firewall\pfw.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\KV2006\KVMonXP.kxp
C:\WINNT\system32\ctfmon.exe
C:\Program Files\KV2006\TrojDie.kxp
C:\Program Files\KV2006\KRegEx.exe
C:\Program Files\KV2006\UIHost.exe
E:\À×ÓêêÍ\·½°¸\GG\jl.exe
E:\À×ÓêêÍ\·½°¸\jx\jx\jx\game.exe
C:\Program Files\Tencent\QQ\QQ.exe
C:\Program Files\Tencent\QQ\TIMPlatform.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
D:\ha_hijackthis_1991\HijackThis.exe
R3 - URLSearchHook: bho Class - {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} - C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll
O2 - BHO: Yahoo!Photo - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll
O2 - BHO: ÑÅ»¢ÖúÊÖ - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL
O2 - BHO: BrowseHelper Class - {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} - C:\Program Files\KV2006\KvShell.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINNT\downlo~1\CnsHook.dll
O3 - Toolbar: @msdxmLC.dll,-1@2052,µç̨(£¦R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: ÑÅ»¢ÖúÊÖ - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: ½Ãñɱ¶¾¹¤¾ßÀ¸ - {B5A34A93-D538-43A7-8371-864CB6148D12} - C:\Program Files\KV2006\KvShell.dll
O4 - HKLM\..\Run: [Synchronization Manager> mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray> C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds> C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMAXPnP> C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX> £¢C:\Program Files\Analog Devices\SoundMAX\Smax4.exe£¢ /tray
O4 - HKLM\..\Run: [HP Component Manager> £¢C:\Program Files\HP\hpcoretech\hpcmpmgr.exe£¢
O4 - HKLM\..\Run: [HP Software Update> £¢C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe£¢
O4 - HKLM\..\Run: [YLive.exe> C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [yassistse> £¢C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe£¢
O4 - HKLM\..\Run: [CnsMin> Rundll32.exe C:\WINNT\downlo~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [IMSCMig> C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [helper.dll> C:\WINNT\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [SKYNET Personal FireWall> C:\PROGRA~1\SkyNet\Firewall\pfw.exe
O4 - HKLM\..\Run: [TkBellExe> £¢C:\Program Files\Common Files\Real\Update_OB\realsched.exe£¢¡¡¡¡-osboot
O4 - HKLM\..\Run: [KvMonXP> £¢C:\Program Files\KV2006\KVMonXP.kxp£¢ /auto
O4 - HKLM\..\RunServices: [ÿ_zskhscuj>nv`cskyqnxniwmdksz_> c:\winnt\system32\_zskdmwinxnqyksc`vn>jucsh.exe
O4 - HKCU\..\Run: [KvXP> £¢C:\Program Files\KV2006\KvXP.kxp£¢ /ScanBoot
O4 - HKCU\..\Run: [ctfmon.exe> ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: ÉÏ´«µ½QQÍøÂçÓ²ÅÌ - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: ʹÓÃÍø¼Ê¿ì³µÏÂÔØ - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: ʹÓÃÍø¼Ê¿ì³µÏÂÔØÈ«²¿Á´½Ó - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Ìí¼Óµ½QQ×Ô¶¨ÒåÃæ°å - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: Ìí¼Óµ½QQ±íÇé - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: Ìí¼Óµ½ÑÅ»¢¶©ÔÄ(£¦Y) - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT
O8 - Extra context menu item: ÓÃQQ²ÊÐÅ·¢Ë͸ÃͼƬ - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: ÑÅ»¢ËÑË÷ - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java ¿ØÖÆ̨ - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra button: Yahoo 1GµçÓÊ - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - (file missing)
O9 - Extra button: Ñ°±¦ÀÖȤ¶à - {59BC54A2-56B3-44a0-93E5-432D58746E26} - (file missing)
O9 - Extra button: ÑÅ»¢ÖúÊÖ - {5D73EE86-05F1-49ed-B850-E423120EC338} - (file missing)
O9 - Extra button: Çé¾°ÁÄÌì - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - (file missing)
O9 - Extra 'Tools' menuitem: ÐÞ¸´ä¯ÀÀÆ÷ - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - (file missing)
O9 - Extra 'Tools' menuitem: ÇåÀíÉÏÍø¼Ç¼ - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - (file missing)
O11 - Options group: [!CNS>¡¡¡¡ÍøÂçʵÃû
O17 - HKLM\System\CCS\Services\Tcpip\..\{13F0D7C1-DFB8-4B66-834E-31306D1376D1}: NameServer = 202.103.0.117,202.103.24.68
O17 - HKLM\System\CS1\Services\Tcpip\..\{13F0D7C1-DFB8-4B66-834E-31306D1376D1}: NameServer = 202.103.0.117,202.103.24.68
O17 - HKLM\System\CS2\Services\Tcpip\..\{13F0D7C1-DFB8-4B66-834E-31306D1376D1}: NameServer = 202.103.0.117,202.103.24.68
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: KVSrvXP - Jiangmin Co. Ltd - C:\Program Files\KV2006\KVSrvXP.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
ллָ½Ì¿©
×òÌìÀË×Ó¸øÎÒ¿´Á˺óÎÒ¶ÔËû˵µÄ¼¸Ïî½øÐÐÁË´¦Àí£¬ÕâÊǽñÌìÎÒɨÃèµÄ£¬ÕâÀïлл¸÷λÀÏ´óÁË
Âó×ÓÒ²¹ýÀ´¿´¿´£¬ÄãµÄ¶«Î÷ºÃ¶àѽ
ºÇºÇ
O4 - HKLM\..\RunServices: [ÿ_zskhscuj>nv`cskyqnxniwmdksz_> c:\winnt\system32\_zskdmwinxnqyksc`vn>jucsh.exe
ÕâÏÊÇûÓÐÇåÀíµô¡£¡£
R3 - URLSearchHook: bho Class - {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} - C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll
ÐÞ¸´£¬É¾³ý
ÔÌûÓÉ ÍøÂçvsÀË×Ó ÓÚ 2006-7-12 18:39 ·¢±í
O4 - HKLM\..\RunServices: nv`cskyqnxniwmdksz_> c:\winnt\system32\_zskdmwinxnqyksc`vn>jucsh.exe
ÕâÏÊÇûÓÐÇåÀíµô¡£¡£
R3 - URLSearchHook: bho Class - {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} - C:\P ...
ÕâÏîÎÒÔõôҲÇå²»µôѽ£¿£¿ÔÚ°²È«×´Ì¬ÎÒ¾ÍÕÒ²»µ½Õâ¸ö½ø³Ì
ÐÞ¸´ºó£¬ÖØÆô£¬²éÕÒÎļþɾ³ý
ÓÃʲô¹¤¾ß¿ÉÒÔ¶¨Î»²éÕÒ£¿ÎÒÔÚĿ¼Àï²é¸ù±¾ÕÒ²»µ½Ñ½
ÔÌûÓÉ jxby068298 ÓÚ 2006-7-13 09:47 ·¢±í
ÓÃʲô¹¤¾ß¿ÉÒÔ¶¨Î»²éÕÒ£¿ÎÒÔÚĿ¼Àï²é¸ù±¾ÕÒ²»µ½Ñ½
Ôõô¶¨Î»Îļþѽ£¿
»Ø¸´£ºÔõô¶¨Î»Îļþѽ£¿
ÓÃɨÃ豨¸æÏÔʾµÄ·¾¶£¬¸´ÖƵ½É¾³ý¹¤¾ß killboxºº»¯°æÀïÃæ¡£
ÔÌûÓÉ ºìÌÒjacker ÓÚ 2006-7-13 16:48 ·¢±í
»Ø¸´£ºÔõô¶¨Î»Îļþѽ£¿
ÓÃɨÃ豨¸æÏÔʾµÄ·¾¶£¬¸´ÖƵ½É¾³ý¹¤¾ß killboxºº»¯°æÀïÃæ¡£
ÎÒÊÇÕâÑù£¬ÓõÄÖØÆôɾ³ý£¬µ«ÊǹýºóɨÃ軹ÊÇ·¢ÏÖÕâ¸öÎļþ´æÔÚ
ÔÚ°²È«Ä£Ê½ÏÂɨÃèÓÖɨÃè²»³öÀ´
½¨ÒéÖØз¢Ò»¸ö±¨¸æ£¬¾ÍÔÚ±¾ÌùÀïÃæ»Ø¸´£¬ÇëÎðÖØпªÐÂÌû×Ó£¬///²¡¶¾Ä¾Âí°æÃæÓÐÏÞ
Logfile of HijackThis v1.99.1
Scan saved at 11:57:11, on 2006-7-14
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2900.2180)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\KV2006\KVSrvXP.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\Rundll32.exe
C:\WINNT\system32\igfxtray.exe
C:\WINNT\system32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\WINNT\system32\rundll32.exe
C:\PROGRA~1\SkyNet\Firewall\pfw.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\KV2006\KVMonXP.kxp
C:\WINNT\system32\ctfmon.exe
C:\Program Files\KV2006\TrojDie.kxp
C:\Program Files\KV2006\KRegEx.exe
C:\Program Files\KV2006\UIHost.exe
C:\Program Files\Tencent\QQ\QQ.exe
C:\Program Files\Tencent\QQ\TIMPlatform.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\ha_hijackthis_1991\HijackThis.exe
R3 - URLSearchHook: bho Class - {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} - C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll
O2 - BHO: Yahoo!Photo - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll
O2 - BHO: ÑÅ»¢ÖúÊÖ - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL
O2 - BHO: BrowseHelper Class - {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} - C:\Program Files\KV2006\KvShell.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINNT\downlo~1\CnsHook.dll
O3 - Toolbar: @msdxmLC.dll,-1@2052,µç̨(£¦R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: ÑÅ»¢ÖúÊÖ - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: ½Ãñɱ¶¾¹¤¾ßÀ¸ - {B5A34A93-D538-43A7-8371-864CB6148D12} - C:\Program Files\KV2006\KvShell.dll
O4 - HKLM\..\Run: [Synchronization Manager> mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray> C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds> C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMAXPnP> C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX> £¢C:\Program Files\Analog Devices\SoundMAX\Smax4.exe£¢ /tray
O4 - HKLM\..\Run: [HP Component Manager> £¢C:\Program Files\HP\hpcoretech\hpcmpmgr.exe£¢
O4 - HKLM\..\Run: [HP Software Update> £¢C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe£¢
O4 - HKLM\..\Run: [YLive.exe> C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [yassistse> £¢C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe£¢
O4 - HKLM\..\Run: [CnsMin> Rundll32.exe C:\WINNT\downlo~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [IMSCMig> C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [helper.dll> C:\WINNT\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [SKYNET Personal FireWall> C:\PROGRA~1\SkyNet\Firewall\pfw.exe
O4 - HKLM\..\Run: [TkBellExe> £¢C:\Program Files\Common Files\Real\Update_OB\realsched.exe£¢¡¡¡¡-osboot
O4 - HKLM\..\Run: [KvMonXP> £¢C:\Program Files\KV2006\KVMonXP.kxp£¢ /auto
O4 - HKLM\..\RunServices: [ÿ_zskhscuj>nv`cskyqnxniwmdksz_> c:\winnt\system32\_zskdmwinxnqyksc`vn>jucsh.exe
O4 - HKCU\..\Run: [KvXP> £¢C:\Program Files\KV2006\KvXP.kxp£¢ /ScanBoot
O4 - HKCU\..\Run: [ctfmon.exe> ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: ÉÏ´«µ½QQÍøÂçÓ²ÅÌ - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: ʹÓÃÍø¼Ê¿ì³µÏÂÔØ - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: ʹÓÃÍø¼Ê¿ì³µÏÂÔØÈ«²¿Á´½Ó - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Ìí¼Óµ½QQ×Ô¶¨ÒåÃæ°å - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: Ìí¼Óµ½QQ±íÇé - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: Ìí¼Óµ½ÑÅ»¢¶©ÔÄ(£¦Y) - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT
O8 - Extra context menu item: ÓÃQQ²ÊÐÅ·¢Ë͸ÃͼƬ - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: ÑÅ»¢ËÑË÷ - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java ¿ØÖÆ̨ - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra button: Yahoo 1GµçÓÊ - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - (file missing)
O9 - Extra button: Ñ°±¦ÀÖȤ¶à - {59BC54A2-56B3-44a0-93E5-432D58746E26} - (file missing)
O9 - Extra button: ÑÅ»¢ÖúÊÖ - {5D73EE86-05F1-49ed-B850-E423120EC338} - (file missing)
O9 - Extra button: Çé¾°ÁÄÌì - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - (file missing)
O9 - Extra 'Tools' menuitem: ÐÞ¸´ä¯ÀÀÆ÷ - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - (file missing)
O9 - Extra 'Tools' menuitem: ÇåÀíÉÏÍø¼Ç¼ - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - (file missing)
O11 - Options group: [!CNS>¡¡¡¡ÍøÂçʵÃû
O17 - HKLM\System\CCS\Services\Tcpip\..\{13F0D7C1-DFB8-4B66-834E-31306D1376D1}: NameServer = 202.103.0.117,202.103.24.68
O17 - HKLM\System\CS1\Services\Tcpip\..\{13F0D7C1-DFB8-4B66-834E-31306D1376D1}: NameServer = 202.103.0.117,202.103.24.68
O17 - HKLM\System\CS2\Services\Tcpip\..\{13F0D7C1-DFB8-4B66-834E-31306D1376D1}: NameServer = 202.103.0.117,202.103.24.68
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: KVSrvXP - Jiangmin Co. Ltd - C:\Program Files\KV2006\KVSrvXP.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
ÕâÊÇÎÒ¸ÕɨÃèµÄ
O4 - HKLM\..\RunServices: [ÿ_zskhscuj>nv`cskyqnxniwmdksz_> c:\winnt\system32\_zskdmwinxnqyksc`vn>jucsh.exe
»¹ÔÚ
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
Ö±½ÓÐÞ¸´
жÔØÍøÂçʵÃû£¬3721 £¬ÑÅ»¢
ÐÞ¸´£¬Ç¿ÐÐɾ³ýÏÂÃædllÎļþ£º
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINNT\downlo~1\CnsHook.dll
O4 - HKLM\..\RunServices: [ÿ_zskhscuj>nv`cskyqnxniwmdksz_> c:\winnt\system32\_zskdmwinxnqyksc`vn>jucsh.exe
Õâ¸ö¶«Î÷ÎÒÔÚ°²È«×´Ì¬ÏÂɾҲɾ²»µô£¬°´Â·¾¶²éÕÒÎļþÒ²ÕÒ²»µ½
ÀÏ´óÓÐûÓа취¶Ô¸¶Ëû£¿
killboxÊÔÊÔ¡£
ÄåÍáËÀÁË£ºÄÇЩÍøÂçʵÃû¡¢ÑÆ»¢£¬Áô×ÅËüÃǸÉʲô£¬¹âÓÐÕâЩ»úÆ÷Ò²ºÃ²»µ½ÄÄÈ¥£¡£¡»¹ÓÐÄÇô¶àµÄÆô¶¯Ï£¡£¡£¡
ÔÌûÓÉ ºìÌÒjacker ÓÚ 2006-7-14 20:13 ·¢±í
killboxÊÔÊÔ¡£
¾ÍÊÇÓÃKILLBOXɾ²»µô£¬°²È«×´Ì¬ÏÂҲɾ²»µô£¬ÖØÆôɾ³ýÒ²²»ÐÐ
»»±ùÈÐ IceSword
ok,ÎÒÊÔÊÔ |
|
ÉèΪÊ×Ò³
¼ÓÈëÊÕ²Ø
ÁªÏµÎÒÃÇ
´òÓ¡±¾ÎÄ¡¡
·µ»Ø¶¥²¿¡¡
¼ÓÈëÊղء¡
¹Ø±Õ´°¿Ú
