ÖÐÕÐÁË

[Õâ¸öÌù×Ó×îºóÓÉÐÀÌìÏÂÔÚ 2005/08/04 04:40pm µÚ 2 ´Î±à¼­]

Ö¢×´£º´ò¿ªÈκÎÒ»¸öÍøÒ³¶¼»á³öÏÖÒ»¸öÍøÕ¾µÄ¹ã¸æ(http://www.chaxun.com/img/ayqzl02.gif)¡£ÊÇËæ»úµÄ
ÓñùÈп´¹ý

×¢²á±írunϵÄɾÁË»¹ÓУ¬rundll32.exeɾÁË»¹³öÏÖ¡£
rundll32.exe Ñù±¾µØÖ·http://my.thysea.com/gaody/rundll32.exe
¸÷λ¸øµãÒâ¼û£¡

½øÐйýÇеØɱ¶¾Ã»

ÓиöÕâ¸ö²¡¶¾,²»Ïñ!
trot agent.op  c:\winnt \system32\meobjst.dll

Äã×°QQµÄʱºòÒ»Æð×°½øÈ¥µÄ.ÕâÊÇÖйú²©¿ÍµÄÁ÷Ã¥Èí¼þ

advapi32.exe.½â¾öÁË,ÖÕÓÚ²»ÌøÁË,¹ý»á°Ñ¹ý³ÌÕûÀí³öÀ´!!

vºÃÏñÊǺÍQQºÍ¹Ø!!NND TXÔ½À´Ô½²»Ïñ»°ÁË!

°¥£¡
û°ì·¨¡£¡£¡£
ÏÖÔڵĹ«Ë¾¶¼»á×öµãÁ÷Ã¥µÄ¶«Î÷À´Íµµã¶«Î÷¡£¡£¡£¡£¡£¡£

Ç¿ÁÒBSÖ®¡£¡£¡£¡£

[Õâ¸öÌù×Ó×îºóÓÉÂþÌìÓ£ÎèÔÚ 2005/08/07 08:33pm µÚ 1 ´Î±à¼­]

advapi32.exeÕâ¸öÎÒÖйýµÄ£¬ÊÇÖÖľÂí³¬¼¶Âé·³
½ø°²È«Ä£Ê½É¾³ý
  windows\backup\*.*
  windows\prefetch\advapi32*.*     avicap32*.*
  window\system32\MyIMLite\*.*
  windows\downloaded program files\0319\*.*
         ¿ªÊ¼ /ÔËÐÐ/   cmd /
          cd d
          del c:\advapi32.exe/s/a
           del c:\avicap32.exe/s/a
          del c:\MuSearch.dll/s/a
´ò¿ª×¢²á±í
£¬²éÕÒadvapi32.exe £¬ avicap32.exeºÍ  MuSearch.dll  È«²¿Çå³ý           
×îºóÇå³ýËùÓÐcookies,internetÁÙʱÎļþ

ÏÂÃæÒýÓÃÓÉwyjexplorerÔÚ 2005/08/05 12:57pm ·¢±íµÄÄÚÈÝ£º
Äã×°QQµÄʱºòÒ»Æð×°½øÈ¥µÄ.ÕâÊÇÖйú²©¿ÍµÄÁ÷Ã¥Èí¼þ

ÓÖÊÇÖйú²©¿ÍµÄÈí¼þ¡£¡£¡£¡£¡£

ÏÂÃæÒýÓÃÓÉÂþÌìÓ£ÎèÔÚ 2005/08/07 08:32pm ·¢±íµÄÄÚÈÝ£º
advapi32.exeÕâ¸öÎÒÖйýµÄ£¬ÊÇÖÖľÂí³¬¼¶Âé·³
½ø°²È«Ä£Ê½É¾³ý
  windows\backup\*.*
  windows\prefetch\advapi32*.*     avicap32*.*
...

2000ϾͲ»ÊÇÕâÑùɱµÄ... :em13:  :em13:

²©¿ÍÖйúµÄжÔØ·½·¨£º.¹Ø±ÕËùÓÐIE¡£
£ £ 
£ £ ¡¡¡¡.ʹÓÃÈÎÎñ¹ÜÀíÆ÷ɾ³ýBCUP.exe½ø³Ì¡£
£ £ 
£ £ ¡¡¡¡.´ò¿ªÔËÐУ¬Ö´ÐÐregsvr32-u c:\ϵͳĿ¼\BoCaiToolBar.dll
£ £ 
£ £ ¡¡¡¡.½øÈëϵͳĿ¼¡£
£ £ 
£ £ ¡¡¡¡£¨win2000:\\winnt\system32£©
£ £ 
£ £ ¡¡¡¡£¨win98£º\\windows\system£©
£ £ 
£ £ ¡¡¡¡.ɾ³ýBCUP.exe£¬É¾³ýBoCaiToolBall.DLL
£ £ 
£ £ ¡¡¡¡.´ò¿ª×¢²á±í±à¼­Æ÷
£ £ 
£ £ ¡¡¡¡É¾³ýHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BCUpdate
£ £ 
£ £ ¡¡¡¡.ɾ³ýHKEY_LOCAL_MACHINE\SOFTWARE\BlogChina\BC]