.Cbw370
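Everyone, this is very strange. When I reinstalled the system I had already formatted every drive, and I had installed antivirus software before installing the network card driver, but while installing some applications I found viruses, and nasty ones too. I don't know how to deal with it, so please help. Thanks! Note: I installed the applications from a portable hard drive, so the viruses may have come from it, but before using it I had specifically scanned it with antivirus software on another computer, and it has not caused any problems on other computers! Please take a look for me. Log file: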
HijackThis_815汉化版扫描日志 V1.99.1
保存于 13:36:01, 日期 2007-1-3
操作系统：Windows XP SP2 (WinNT 5.01.2600)
浏览器：Internet Explorer v6.00 SP2 (6.00.2900.2180)
当前运行的进程：
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\program files\internet explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\conime.exe
H:\杀毒\HijackThis汉华版\123.com
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,rundll32.exe C:\WINDOWS\system32\winsys16_061231.dll start
O2 - BHO: IEMonitor Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\WINDOWS\system32\IESHEL~1.DLL
O2 - BHO: (no name) - {0BE77EA2-CA1D-4324-9411-656F048DB802} - C:\WINDOWS\system32\mbefzrucsomivix.dll
O2 - BHO: AdPopup - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Common Files\CPUSH\cpush0.dll
O2 - BHO: 实用搜索 - {6CFD436C-7AAD-4e50-992F-C0C87A94CAD2} - C:\Program Files\superutilbar\superutilbar.dll
O2 - BHO: ljxg - {6FC85C72-0F25-45C1-BBE1-12F23FB6E558} - C:\PROGRA~1\COMMON~1\usdp\vwht.dll
O2 - BHO: ZFLSZFLRYDKP - {C03BEB0B-B49B-4D9D-898E-DE9379316EB4} - C:\WINDOWS\system32\YELRYEKQWDIOV.DLL
O2 - BHO: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1\{3489B~1\Bar888.dll
O2 - BHO: IEHlprObj Class - {DE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\POPNTS.DLL
O2 - BHO: cnwin Class - {EC497BD8-460F-44F0-B2A4-8C2B2198035B} - C:\WINDOWS\system32\cnwin.dll
O2 - BHO: (no name) - {F770522B-198D-4134-9D74-D30F41B3BA44} - C:\WINDOWS\system32\fptjgfypxryjd.dll
O3 - IE工具栏增项: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1\{3489B~1\Bar888.dll
O3 - IE工具栏增项: 实用搜索工具条2.0 - {03465FF5-00AE-411a-9C34-960ED566EC03} - C:\Program Files\superutilbar\superutilbar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - 启动项HKLM\\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - 启动项HKLM\\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 启动项HKLM\\Run: [IEBarUp] RunDll32 "C:\WINDOWS\system32\IeBar1.dll",Run
O4 - 启动项HKLM\\Run: [System] C:\Program Files\Common Files\System\Updaterun.exe
O4 - 启动项HKLM\\Run: [] C:\WINDOWS\system32\Systemi.exe
O4 - 启动项HKLM\\Run: [wdfmgr32] C:\WINDOWS\system32\wdfmgr32.exe
O4 - 启动项HKLM\\Run: [Desktop] "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\NTService32.dll",Run
O4 - 启动项HKLM\\Run: [4m] rundll32.exe C:\WINDOWS\qvmqqbh74.dll _start@16
O4 - 启动项HKLM\\RunOnce: [obaxe] %systemroot%\system32\Rundll32.exe %systemroot%\system32\obaxe.dll,DllUnregisterServer
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updatereal] C:\WINDOWS\realupdate.exe other
O4 - HKCU\..\Run: [winsamps] C:\WINDOWS\winamps.exe
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - 浏览器额外的按钮: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: ScCardLogn - C:\WINDOWS\ScNotify.dll
O23 - NT 服务: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - NT 服务: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - NT 服务: CMServerToXPM (CMServerToXP) - Unknown owner - C:\Windows\system32\ZFLSYFLRXDJPV.EXE
O23 - NT 服务: McAfee Framework 服务 (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - NT 服务: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - NT 服务: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - NT 服务: uuu.eeewl.com - Unknown owner - C:\WINDOWS\system32\nsvce32.exe
O23 - NT 服务: Windows NT Service32 - Unknown owner - C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\NTService32.dll",Start (file missing)
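Also, please help me work out exactly which virus I have caught and what I should use to remove it! Seniors, this is urgent, I am waiting for a reply. Many thanks!
Thanks, everyone. I just reinstalled again; I'll try it out first and see.
You have picked up a huge amount of rogue software :D :D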