事实而非 - 2006-5-3 23:10:00
开机后出现DLL。丢失 自动寻找PODCASTBARMINISTARTER。EXE文件 麻烦帮忙看下日志
HijackThis_zww汉化版扫描日志 V1.99.1
保存于 0:04:45, 日期 06-5-2
操作系统: Windows 98 SE (Win9x 4.10.2222A)
浏览器: Internet Explorer v6.00 SP1 (6.00.2800.1106)
当前运行的进程:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\GEMSTRMW.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\SCARDSVR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\SAFESIGNCERTREG.EXE
C:\WINDOWS\SYSTEM\VFP104.EXE
C:\WINDOWS\HACKER.COM.CN.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\CHINANET\VNETCLIENT.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
E:\新建文件夹\HIJACKTHIS1991ZWW.EXE
O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - C:\PROGRA~1\CHINANET\VNETTR~1.DLL
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\SYSTEM\XUNLEIBHO_V8.DLL
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\YAHOO!\ASSIST~1\ASSIST\YDRAGS~1.DLL
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRAM FILES\BAIDU\BAR\BAIDUBAR.DLL (file missing)
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YANGLING.DLL
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\WINDOWS\SYSTEM\WMPDRM.DLL
O2 - BHO: NewWeb Controller - {9ACEEE30-143F-471A-AA45-72B061FE7D60} - C:\WINDOWS\SYSTEM\WINSC32.DLL
O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\SYSTEM\KAKATOOL.DLL
O4 - 启动项HKLM\\Run: [internat.exe] internat.exe
O4 - 启动项HKLM\\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - 启动项HKLM\\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - 启动项HKLM\\Run: [SystemTray] SysTray.Exe
O4 - 启动项HKLM\\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - 启动项HKLM\\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - 启动项HKLM\\Run: [RegNetPass] C:\WINDOWS\SYSTEM\regcsp.exe
O4 - 启动项HKLM\\Run: [gemstrmw] C:\WINDOWS\SYSTEM\gemstrmw.exe /r
O4 - 启动项HKLM\\Run: [CertificateRegistration] SafeSignCertReg.exe
O4 - 启动项HKLM\\Run: [Update] C:\Program Files\Common Files\UPDAT\Update.exe
O4 - 启动项HKLM\\Run: [Windir] C:\WINDOWS\SYSTEM\Windir.exe
O4 - 启动项HKLM\\Run: [spoolsv] C:\WINDOWS\SYSTEM\spoolsv\spoolsv.exe -printer
O4 - 启动项HKLM\\Run: [MSService_v1.0] C:\WINDOWS\SYSTEM\VFP104.EXE
O4 - 启动项HKLM\\RunServices: [SchedulingAgent] mstask.exe
O4 - 启动项HKLM\\RunServices: [gemstrmw] C:\WINDOWS\SYSTEM\gemstrmw.exe /s
O4 - 启动项HKLM\\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - 启动项HKLM\\RunServices: [SCardSvr] C:\WINDOWS\SYSTEM\SCardSvr.exe
O4 - HKCU\..\Run: [Hacker.com.cn.exe] C:\WINDOWS\Hacker.com.cn.exe
O4 - HKCU\..\Run: [pbmini] C:\PROGRAM FILES\PCAST\PODCASTBARMINI\PodcastBarMiniStater.exe
O4 - Startup: 星空极速.lnk = C:\Program Files\ChinaNet\VnetClient.exe
O4 - Startup: 播霸网络电视.lnk = C:\Program Files\PCAST\PodcastbarMini\PodcastBarMiniStarter.exe
O4 - Global Startup: IE-BAR.lnk = C:\WINDOWS\rundll32.exe
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\PROGRAM FILES\THUNDER NETWORK\THUNDER\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - C:\PROGRAM FILES\THUNDER NETWORK\THUNDER\getallurl.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\QQ\SendMMS.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - D:\QQ\AddToNetDisk.htm
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\QQ\QQ.EXE
O9 - 浏览器额外的按钮: 百万图库 - {6713E8D2-850A-101B-AFC0-4210102A8DA7} - http://www.26-3.com/star (file missing) (HKCU)
O9 - 浏览器额外的按钮: 铃声图片下载 - {7713E8D2-850A-101B-AFC0-4210102A8DA7} - http://www.26-3.com/sms/index.htm (file missing) (HKCU)
O15 - “受信任的站点”中添加项: http://www.icbc.com.cn
O16 - DPF: _{EF6205C1-3F17-4829-BCB5-1336ED89E356} - http://club.jiangmin.com/kvscan/KvDown.cab
O16 - DPF: {87CCFDB0-C4BE-4BC2-A78C-9EAA7CF96667} - http://ps.itv.mop.com/dn/files/vodupdate_1.0.0.8_20051009.cab
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {0EB487C8-E9AC-43A6-8C4C-083999B0622F} (InfosecCertInstall Class) - https://mybank.icbc.com.cn/icbc/perbank/certInStall.dll
© 2000 - 2025 Rising Corp. Ltd.