¡¾ÇóÖú¡¿ÎªÊ²Ã´ÎÒÒ»¿ª»ú¾ÍÓÐIEXPLORE.exe!ÎÒû¿ªIE°¡£¡
ÈÕÆÚ£º2007-04-12 ¼ö£º
ΪʲôÎÒÒ»¿ª»ú¾ÍÓÐIEXPLORE.exe!ÎÒû¿ªIE°¡£¡¡¡
¡¡
ÎÒ¿ªIEºóÓÐÒ»¸öÏàͬµÄ½ø³Ì³öÏÖ£¡²»¹ýÓû§Ãû²»Í¬Å¶£¡¡¡
¡¡
Ìù³öÎҵĽø³Ì£º¡¡
¡¡
¡¡
ÎÒµÄhijackthis.log¡¡
HijackThis_zwwºº»¯°æɨÃèÈÕÖ¾ V1.99.1¡¡
±£´æÓÚ ¡¡ ¡¡ 23:34:28, ÈÕÆÚ 2005-10-18¡¡
²Ù×÷ϵͳ£º Windows XP SP2 (WinNT 5.01.2600)¡¡
ä¯ÀÀÆ÷£º ¡¡ Internet Explorer v6.00 SP2 (6.00.2900.2180)¡¡
µ±Ç°ÔËÐеĽø³Ì£º ¡¡ ¡¡ ¡¡ ¡¡
C:\WINDOWS\System32\smss.exe¡¡
C:\WINDOWS\system32\winlogon.exe¡¡
C:\WINDOWS\system32\services.exe¡¡
C:\WINDOWS\system32\lsass.exe¡¡
C:\WINDOWS\system32\Ati2evxx.exe¡¡
C:\WINDOWS\system32\svchost.exe¡¡
C:\WINDOWS\System32\svchost.exe¡¡
C:\WINDOWS\system32\spoolsv.exe¡¡
C:\WINDOWS\system32\Ati2evxx.exe¡¡
C:\WINDOWS\Explorer.EXE¡¡
C:\WINDOWS\SOUNDMAN.EXE¡¡
D:\Program Files\SkyNet\FireWall\PFW.exe¡¡
C:\Program Files\KV2005\KVMonXP.kxp¡¡
C:\Program Files\wsearch\Search.exe¡¡
C:\WINDOWS\system32\internat.exe¡¡
D:\Program Files\volumouse\volumouse.exe¡¡
C:\PROGRA~1\KV2005\KVSrvXP.exe¡¡
C:\Program Files\KV2005\kvwsc.exe¡¡
C:\WINDOWS\system32\svchost.exe¡¡
C:\Program Files\UPHClean\uphclean.exe¡¡
C:\Program Files\Internet Explorer\IEXPLORE.EXE¡¡
D:\Program Files\HijackThis1991ºº»¯°æ\HijackThis1991zww.exe¡¡
C:\WINDOWS\system32\taskmgr.exe¡¡
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v8.dll¡¡
O2 - BHO: (no name) - {1272F701-349D-4DB3-BBCD-10CBDCD049FE} - (no file)¡¡
O2 - BHO: NaviHelperObj Class - {3E422F49-1566-40D3-B43D-077EF739AC32} - C:\WINDOWS\system32\NaviHelper.dll (file missing)¡¡
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - d:\Program Files\Tencent\qq\QQIEHelper.dll¡¡
O2 - BHO: Router Layer - {5EB7CB50-E375-4718-B4C0-9AD12EFA2F84} - C:\WINDOWS\System32\aclayer.dll (file missing)¡¡
O2 - BHO: MMSAssist - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - (no file)¡¡
O2 - BHO: BrowseHelper Class - {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} - C:\Program Files\KV2005\KvShell.dll¡¡
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FLASHGET\jccatch.dll¡¡
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - D:\PROGRA~1\KuGoo3\KUGOO3~1.OCX¡¡
O3 - IE¹¤¾ßÀ¸ÔöÏî: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll¡¡
O3 - IE¹¤¾ßÀ¸ÔöÏî: (no name) - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - (no file)¡¡
O3 - IE¹¤¾ßÀ¸ÔöÏî: ½Ãñɱ¶¾¹¤¾ßÀ¸ - {B5A34A93-D538-43A7-8371-864CB6148D12} - C:\Program Files\KV2005\KvShell.dll¡¡
O4 - Æô¶¯ÏîHKLM\\Run: [IMJPMIG8.1] £¢C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE£¢ /Spoil /RemAdvDef /Migration32¡¡
O4 - Æô¶¯ÏîHKLM\\Run: [SoundMan] SOUNDMAN.EXE¡¡
O4 - Æô¶¯ÏîHKLM\\Run: [SKYNET Personal FireWall] D:\Program Files\SkyNet\FireWall\PFW.exe¡¡
O4 - Æô¶¯ÏîHKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC¡¡
O4 - Æô¶¯ÏîHKLM\\Run: [KvMonXP] £¢C:\Program Files\KV2005\KVMonXP.kxp£¢ /auto¡¡
O4 - Æô¶¯ÏîHKLM\\Run: [MoveSearch] C:\Program Files\wsearch\Search.exe¡¡
O4 - HKCU\..\Run: [internat.exe] internat.exe¡¡
O4 - HKCU\..\Run: [$Volumouse$] £¢D:\Program Files\volumouse\volumouse.exe£¢ /nodlg¡¡
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present¡¡
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: £¦Ê¹ÓÃѸÀ×ÏÂÔØ - d:\Program Files\Thunder Network\Thunder\geturl.htm¡¡
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ʹÓÃÍø¼Ê¿ì³µÏÂÔØ - d:\Program Files\FlashGet\jc_link.htm¡¡
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ʹÓÃÍø¼Ê¿ì³µÏÂÔØÈ«²¿Á´½Ó - d:\Program Files\FlashGet\jc_all.htm¡¡
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: ΢Èí - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.microsoft.com/china/index.htm (file missing)¡¡
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\QQ2005\QQ.EXE (file missing)¡¡
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: ÌÚѶQQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\QQ2005\QQ.EXE (file missing)¡¡
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe¡¡
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: £¦FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe¡¡
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\Tencent\qq\QQIEHelper.dll¡¡
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: QQìŲʹ¤¾ßÌõÉèÖà - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\Tencent\qq\QQIEHelper.dll¡¡
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe¡¡
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe¡¡
O10 - δ֪µÄÎļþÔÚ Winsock LSP: c:\windows\system32\kvwspxp.dll¡¡
O10 - δ֪µÄÎļþÔÚ Winsock LSP: c:\windows\system32\kvwspxp.dll¡¡
O10 - δ֪µÄÎļþÔÚ Winsock LSP: c:\windows\system32\kvwspxp.dll¡¡
O16 - DPF: {2354A44B-3CEB-4829-9940-545B03103538} (PowerPlr Control) - http://tv.5460.net/plugin/PowerPlr.ocx¡¡
O20 - AppInit_DLLs: APIHookDll.dll¡¡
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\WINDOWS\system32\iprepair.dll¡¡
O23 - NT ·þÎñ: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe¡¡
O23 - NT ·þÎñ: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe¡¡
O23 - NT ·þÎñ: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe¡¡
O23 - NT ·þÎñ: kavsvc - Kaspersky Lab - d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe¡¡
O23 - NT ·þÎñ: KVSrvXP - JiangMin New Tech Ltd. - C:\PROGRA~1\KV2005\KVSrvXP.exe¡¡
O23 - NT ·þÎñ: KVWSC - Jiangmin Co.Ltd - C:\Program Files\KV2005\kvwsc.exe¡¡
O23 - NT ·þÎñ: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe¡¡
O23 - NT ·þÎñ: Web Themes - Unknown owner - C:\WINDOWS\Themes.exe
±êÇ©£º