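Rising Kaka Security Forum - Technical Exchange - Anti-Virus / Anti-Rogue-Software Forum: Accidentally got infected by rogue software; experts, please help me look at this HijackThis scan log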


Logfile of HijackThis v1.99.1
Scan saved at 8:28:28, on 2006-9-30
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
E:\WINNT\System32\smss.exe
E:\WINNT\system32\winlogon.exe
E:\WINNT\system32\services.exe
E:\WINNT\system32\lsass.exe
E:\WINNT\system32\svchost.exe
E:\Program Files\Rising\Rav\CCenter.exe
E:\Program Files\Rising\Rav\Ravmond.exe
E:\WINNT\system32\spoolsv.exe
E:\WINNT\system32\msdtc.exe
E:\WINNT\system32\svchost.exe
E:\Program Files\Rising\Rav\RavStub.exe
E:\WINNT\System32\llssrv.exe
E:\WINNT\System32\svchost.exe
E:\WINNT\system32\server.exe
f:\LavaSoft\ShareMailPro\SmpEngine.exe
E:\WINNT\system32\stisvc.exe
E:\WINNT\System32\WBEM\WinMgmt.exe
E:\WINNT\System32\svchost.exe
E:\WINNT\system32\Dfssvc.exe
E:\Program Files\Rising\Rav\RavTask.exe
F:\LavaSoft\ShareMailPro\ShareMailPro.exe
F:\LavaSoft\ShareMailPro\SmpMonitor.exe
E:\WINNT\System32\svchost.exe
E:\WINNT\system32\conime.exe
E:\WINNT\3Sy.exe
E:\WINNT\explorer.exe
E:\Program Files\Maxthon\Maxthon.exe
F:\shanghai\专杀工具\ha_hijackthis_1991\HijackThis.exe

R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: (no name) - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - (no file)
O2 - BHO: google bar  - {607E95A1-8F89-4343-B9BC-2EFC2B291BB4} - E:\WINNT\system32\googlebar.dll
O2 - BHO: Spoolsv Class - {9C363D55-07D7-433d-A13E-D9C105202F6F} - E:\WINNT\system32\drivers\spoolsv.dll
O2 - BHO: BrowserProxy4  - {BCF4D74B-E6BD-4C8F-83D7-90D6439705B9} - E:\WINNT\system32\AlxTbl.dll
O3 - Toolbar: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINNT\system32\msdxm.ocx
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - E:\Program Files\ToolBar888\MyToolBar.dll
O4 - HKLM\..\Run: [svhoost] E:\WINNT\system32\checksys.exe
O4 - HKLM\..\Run: [RavTask] "E:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [ShareMailProMonitor] f:\LavaSoft\ShareMailPro\SmpMonitor.exe
O4 - HKLM\..\Run: [System] E:\WINNT\TEMP\\setup.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\zenbee\安装\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - D:\zenbee\安装\FlashGet-v1.71\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\zenbee\安装\FlashGet-v1.71\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\zenbee\安装\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\zenbee\安装\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\zenbee\安装\qq\SendMMS.htm
O9 - Extra button: 酷标 - {1D901067-2529-4A9B-9B6B-7A1DB3A44CB5} - E:\Program Files\coolsign\coolsign.dll
O9 - Extra button: (no name) - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - (no file)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WINNT\web\related.htm
O10 - Broken Internet access because of LSP provider 'e:\winnt\system32\cdnns.dll' missing
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O17 - HKLM\System\CCS\Services\Tcpip\..\{4AB5A9AE-AEE2-4CB2-A47E-49BA4BF6487A}: NameServer = 202.109.116.116,202.96.209.133
O17 - HKLM\System\CS1\Services\Tcpip\..\{4AB5A9AE-AEE2-4CB2-A47E-49BA4BF6487A}: NameServer = 202.109.116.116,202.96.209.133
O17 - HKLM\System\CS2\Services\Tcpip\..\{4AB5A9AE-AEE2-4CB2-A47E-49BA4BF6487A}: NameServer = 202.109.116.116,202.96.209.133
O23 - Service: ClipBook (ClipSrv) - Unknown owner - E:\WINNT\system32\clipsrv.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - E:\WINNT\System32\dmadmin.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Unknown owner - E:\WINNT\system32\mnmsrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - E:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - E:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: ShareMailPro - Unknown owner - f:\LavaSoft\ShareMailPro\SmpEngine.exe
O23 - Service: Utility Manager (UtilMan) - Unknown owner - E:\WINNT\System32\UtilMan.exe



My machine can't boot into Safe Mode. Can it be fixed without reinstalling the system?
Last edited 2006-10-29 09:55:58

O23 - Service: ClipBook (ClipSrv) - Unknown owner - E:\WINNT\system32\clipsrv.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Unknown owner - E:\WINNT\system32\mnmsrvc.exe
O23 - Service: ShareMailPro - Unknown owner - f:\LavaSoft\ShareMailPro\SmpEngine.exe
O23 - Service: Utility Manager (UtilMan) - Unknown owner - E:\WINNT\System32\UtilMan.exe
What are these programs? Check for yourself whether they are services of programs you installed.

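This is a company computer. The second one is NetMeeting, and the third is the company's mail service.
I don't know about the other two, because I just took over this computer and the previous person has left.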

Then search online yourself to see what they are. I didn't find any major problems in the log.

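It's just that websites keep popping up. They aren't XX ones, but they're all ads,
online shopping and the like, and it keeps throwing errors and making me restart IE.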
These are the addresses of the pages that pop up.

Repairing IE with Super Rabbit (超级兔子) should solve this problem.

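I've already used Super Rabbit IE Repair Expert. I've used Huangshan IE Repair too.
After rebooting it's still the same. This machine used to be someone else's, and when I got it, it already couldn't boot into Safe Mode, which is frustrating... The company operates every day, and this is the mail server, so I can't reinstall the system...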

Wow, it really is a small world - -. I got here from a Baidu search, noticed the QQ install directory was zenbee, and so it turns out it's you.