发表于: 2006-03-27 13:56 | 显示全部 短消息 资料
字号: 1楼

【求助】

HijackThis_815汉化版扫描日志 V1.99.1
保存于      13:42:50, 日期 2006-3-27
操作系统:  Windows XP  (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 (6.00.2600.0000)

当前运行的进程:         
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Rising\Rav\CCenter.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Rising\Rav\Ravmond.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\explorer.exe
D:\WINDOWS\System32\wuass32.exe
D:\WINDOWS\lsass.exe
D:\WINDOWS\system32\cmd.exe
D:\WINDOWS\system32\ftp.exe
E:\海關資料\baoguan\haiguan\海关其他资料\Lina\新建文件夹 (2)\Lina(李娜)\KILL\新建文件夹\HijackThis1991zww.exe

F2 - REG:system.ini: Shell=explorer.exe D:\WINDOWS\system32\sxlntr.exe
F3 - REG:win.ini: load=D:\WINDOWS\system32\sxlntr.exe
F3 - REG:win.ini: run=D:\WINDOWS\system32\sxlntr.exe
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - 启动项HKLM\\Run: [Microsoft (R) User Authorization Service] D:\WINDOWS\System32\wuass32.exe
O4 - 启动项HKLM\\Run: [Microsoft (R) User Authorization Service] D:\WINDOWS\System32\wuass32.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\System32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O20 - Winlogon Notify: ddirectz - ddirectz.dll (file missing)
O20 - Winlogon Notify: msupdate - D:\WINDOWS\SYSTEM32\msupdate32.dll
O20 - Winlogon Notify: ur32megareg - D:\Documents and Settings\All Users.WINDOWS\Documents\Settings\ur32mega.dll (file missing)
O21 - SSODL: DCOM Server - {2C1CD3D7-86AC-4068-93BC-A02304BB8C34} - D:\WINDOWS\System32\dcom_14.dll
O21 - SSODL: JgzQwIs - {0D2518F9-A78F-B253-B586-6E4250288F4E} - D:\WINDOWS\System32\cdac.dll
O21 - SSODL: C-Media Audio - {3C3985FF-6D5A-317F-CA47-B77DCAE8D7DA} - \winhope8.dll (file missing)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: Windows User Authorization Service (UserAuthSvc) - Unknown owner - D:\WINDOWS\System32\wuass32.exe
O23 - NT 服务: WIN IExplorer  - Unknown owner - D:\WINDOWS\lsass.exe

最后编辑2006-03-27 14:19:07