来帮我看一下吧
我“用户名和密码” 总是会多出来一个叫"shanlu"的用户,
我都删了N次了 ,过一阵还会出来 怎么样才能不让他再来我机器啊
还有就是我怀疑 他每次来我机器都会给我带来点东西
请帮我看一下 有没有什么可以的东西HijackThis_zww汉化版扫描日志 V1.99.1
保存于 下午 15:53:32, 日期 2006-9-27
操作系统: Windows 2000 SP4 (WinNT 5.00.2195)
浏览器: Internet Explorer v6.00 SP1 (6.00.2800.1106)
当前运行的进程:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\KAV2005\KWatch.EXE
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\SYSTEM32\RUNDLL32.EXE
C:\KAV2005\KPfwSvc.EXE
C:\PROGRA~1\MICROS~2\MSSQL\binn\sqlservr.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\KAV2005\KAVStart.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINNT\system32\internat.exe
C:\KAV2005\KPFW32.EXE
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\ChinaNet\VnetClient.exe
C:\KAV2005\KMailMon.EXE
C:\Program Files\Internet Explorer\iexplore.exe
D:\JJ_TMS\jj_qtzy.exe
C:\WINNT\system32\calc.exe
C:\KAV2005\KAV32.EXE
C:\Program Files\Tencent\RTX\rtxc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\新建文件夹\文件夹\HijackThis1991汉化版\HijackThis1991zww.exe
O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL
O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon
O4 - 启动项HKLM\\Run: [KavStart] "C:\KAV2005\KAVStart.exe" -startup
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 启动项HKLM\\RunServices: [Windows SSL Protocol] winsql.exe
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - HKCU\..\Run: [KavPFW] "C:\KAV2005\KPFW32.EXE"
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: 星空极速.lnk = C:\Program Files\ChinaNet\VnetClient.exe
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - D:\新建文件夹\AC97\A1u660b\Allen\rebbit\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\新建文件夹\AC97\A1u660b\Allen\rebbit\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\新建文件夹\AC97\A1u660b\Allen\rebbit\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\新建文件夹\AC97\A1u660b\Allen\rebbit\SendMMS.htm
O11 - Options group: [CDNCLIENT] 中文上网
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1140838062460
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AXSafeControls.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{22209A3A-F188-4DFA-BC57-F7B0A2832907}: NameServer = 61.177.7.1 221.228.255.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{3F0444C3-1EB0-4F48-B43A-23CD0A79E664}: NameServer = 10.1.0.21
O23 - NT 服务: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: Kingsoft Personal Firewall Service (KPfwSvc) - Kingsoft Corporation - C:\KAV2005\KPfwSvc.EXE
O23 - NT 服务: Kingsoft Antivirus KWatch Service (KWatchSvc) - Kingsoft Corporation - C:\KAV2005\KWatch.EXE
O23 - NT 服务: Windows Createddos (Windows Processdos) - Unknown owner - C:\WINNT\system32\dos.exe
