0739085 |
2006-02-13 08:22 |
每次启动后都会发生5-10分钟,在此期间按任何键都没有反应,但是鼠标能移动。 ijackThis_zww汉化版扫描日志 V1.99.1 保存于 8:31:35, 日期 06-2-13 操作系统: Windows 98 SE (Win9x 4.10.2222A) 浏览器: Internet Explorer v6.00 SP1 (6.00.2800.1106)
当前运行的进程: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE c:\windows\SYSTEM\KB891711\KB891711.EXE C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\DEFWATCH.EXE C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\RTVSCN95.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\INTERNAT.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\HEROSOFT\HERO2001\SYSEXPLR.EXE C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\VPTRAY.EXE C:\WINDOWS\RUNDLL32.EXE C:\PROGRAM FILES\TENCENT\ADPLUS\RUNNER.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE D:\21MP3THTGS\BITCOMET\BITCOMET.EXE D:\MYIE2\MAXTHON\MAXTHON.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE D:\MATH\PFCL\HIJACKTHIS1991汉化版\HIJACKTHIS1991ZWW.EXE
R3 - URLSearchHook: QQ Search Hook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\PROGRAM FILES\TENCENT\ADPLUS\IEHELP.DLL O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - D:\NET TRANSPORT\NTIEHELPER.DLL O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\PROGRAM FILES\TENCENT\ADPLUS\IEHELP.DLL O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - 启动项HKLM\\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - 启动项HKLM\\Run: [internat.exe] internat.exe O4 - 启动项HKLM\\Run: [SystemTray] SysTray.Exe O4 - 启动项HKLM\\Run: [SysExplr] C:\HEROSOFT\HERO2001\SYSEXPLR.EXE O4 - 启动项HKLM\\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe O4 - 启动项HKLM\\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - 启动项HKLM\\Run: [AddrPlus3] C:\PROGRA~1\TENCENT\ADPLUS\RUNNER.EXE C:\PROGRA~1\TENCENT\ADPLUS\QAHOOK.DLL Rundll32 O4 - 启动项HKLM\\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE O4 - 启动项HKLM\\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - 启动项HKLM\\RunServices: [defwatch] C:\PROGRA~1\SYMANT~1\SYMANT~1\defwatch.exe O4 - 启动项HKLM\\RunServices: [rtvscn95] C:\PROGRA~1\SYMANT~1\SYMANT~1\rtvscn95.exe O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: 腾讯QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe O4 - Global Startup: 桌面传媒.lnk = C:\WINDOWS\rundll32.exe O8 - IE右键菜单中的新增项目: 使用影音传送带下载 - D:\net transport\NTAddLink.html O8 - IE右键菜单中的新增项目: 使用影音传送带下载全部链接 - D:\net transport\NTAddList.html O8 - IE右键菜单中的新增项目: 下载页面上的ED2(&K)链接 - D:\emule\ed2k.html O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE O11 - Options group: [TBH] QQ地址栏搜索插件 O15 - “受信任的站点”中添加项: http://*.windowsupdate.microsoft.com O15 - “受信任的站点”中添加项: http://*.windowsupdate.com O16 - DPF: {0150EB11-5FB4-4D9E-85EA-0F155705227E} (Yahoo! 相册轻松上载工具 Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6cn.cab O16 - DPF: {3359C0B1-2363-40B3-AFCA-1ABC799AC486} (SSReaderPlug Control) - http://reg.ssreader.com/ssreaderplug.ocx O16 - DPF: {F138084D-84D7-48CD-BEA8-04772457516E} (VqqSpeedDlProxy Class) - http://218.85.138.27/vqqsdl1009.cab |
|