HijackThis_815汉化版扫描日志 V1.99.1
保存于 22:05:49, 日期 2005-10-4
操作系统: Windows 2000 SP4 (WinNT 5.00.2195)
浏览器: Internet Explorer v6.00 SP1 (6.00.2800.1106)
当前运行的进程:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\瑞星\RAV\CCENTER.EXE
D:\瑞星\RAV\Ravmond.exe
C:\WINNT\system32\MSTask.exe
D:\瑞星\RAV\RavStub.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\svchost.exe
D:\瑞星\RAV\RAVTIMER.EXE
D:\瑞星\RAV\RAVMON.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINNT\system32\Internat.exe
D:\杀木马\HijackThis1991汉化版\HijackThis1991zww.exe
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL (file missing)
O3 - IE工具栏增项: (no name) - {37DE7A73-1E01-47d6-BB9B-99BEDB7A22E2} - (no file)
O3 - IE工具栏增项: 天下搜索 - {56A7DC70-E102-4408-A34A-AE06FEF01586} - C:\WINNT\Downloaded Program Files\CONFLICT.2\IEBar.dll
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - IE工具栏增项: (no name) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - (no file)
O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon
O4 - 启动项HKLM\\Run: [CnsMin] Rundll32.exe C:\WINNT\DOWNLO~1\CONFLICT.1\CnsMin.dll,Rundll32
O4 - 启动项HKLM\\Run: [RavTimer] D:\瑞星\RAV\RAVTIMER.EXE
O4 - 启动项HKLM\\Run: [RavMon] D:\瑞星\RAV\RAVMON.EXE -SYSTEM
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [internat.exe] Internat.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O11 - Options group: [!CNS] 上网助手-地址栏搜索
O16 - DPF: {229610B2-3C6D-41EE-BD17-4D929DD16B3D} (Mediaplay Control) - http://juexiang0009.go.zccn.net/MediaplayProj1.ocx
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} - http://game.qq.com/QQGame2.cab
O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} (天下搜索) - http://iebar.t2t2.com/iebar.cab
O16 - DPF: {AB996D39-07BA-11D8-88D6-0050BA40F862} (MdPlayer2 Control) - http://www.ooomm.com/HtmlEffect.ocx
O16 - DPF: {DA984A6D-508E-11D6-AA49-0050FF3C628D} (Ravonline) - http://download.rising.com.cn/ravkill/rsonline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2370A5A9-DC5F-4688-9269-EEB589343CD2}: NameServer = 202.101.107.55
O18 - 列举现有的协议: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINNT\system32\mbprot.dll
O18 - 列举现有的协议: mbox - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINNT\system32\mbprot.dll
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: helpeserver (helpseervers) - Unknown owner - C:\WINNT\helpes.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - rising - D:\瑞星\RAV\CCENTER.EXE
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\瑞星\RAV\Ravmond.exe