
Please look at this log


HijackThis_zww汉化版扫描日志 V1.99.1
保存于      10:25:39, 日期 2006-9-4
操作系统:  Windows 2000 SP4 (WinNT 5.00.2195)
浏览器:    Internet Explorer v6.00 (6.00.2462.0000)

当前运行的进程:         
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
E:\PROGRAM FILES\RISING\RAV\Ravmond.exe
E:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
e:\Program Files\Rising\Rav\RavService.exe
C:\WINNT\system32\regsvc.exe
e:\Program Files\Rising\Rav\CCenter.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\CNNIC\Cdn\cdnup.exe
E:\Program Files\Rising\Rav\RavTimer.exe
E:\Program Files\Rising\Rav\RavTray.exe
E:\Program Files\Rising\Rav\RavMon.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\WINNT\SOUNDMAN.EXE
C:\WINNT\system32\VTTimer.exe
C:\WINNT\system32\VTtrayp.exe
C:\WINNT\system32\internat.exe
E:\Program Files\Kingsoft\XDict\XDICT.EXE
C:\WINNT\system32\rundll32.exe
C:\WINNT\system32\wuauclt.exe
E:\Program Files\Rising\Rav\RsAgent.exe
C:\WINNT\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Program Files\Rising\Rav\Rav.exe
F:\新建文件夹\hijackthis\HijackThis1991zww.exe

R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - (no file)
O2 - BHO: MonitorURL Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\PROGRA~1\DESKAD~1\deskipn.dll
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O2 - BHO: IHiu Class - {616E0E15-E4E4-4f8d-8212-0BC61A4ACBE4} - C:\WINNT\system32\COOLBHO.dll
O2 - BHO: BHelper Class - {F2E37336-BFDB-409B-8D0E-6F013C438B20} - C:\WINNT\system32\4abo3490.dll
O2 - BHO: WMHlprObj Class - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll
O2 - BHO: BqgLcpxn Class - {FC790455-F569-7A92-E8A3-8F42206B124C} - C:\WINNT\DOWNLO~1\apxljaym.dll (file missing)
O3 - IE工具栏增项: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon
O4 - 启动项HKLM\\Run: [RavTimer] E:\Program Files\Rising\Rav\RavTimer.exe
O4 - 启动项HKLM\\Run: [RavTray] e:\Program Files\Rising\Rav\RavTray.exe
O4 - 启动项HKLM\\Run: [RavMon] e:\Program Files\Rising\Rav\RavMon.exe -system
O4 - 启动项HKLM\\Run: [hp 1000 firmware] d:\Program Files\hp LaserJet 1000\fwdl.exe
O4 - 启动项HKLM\\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [RaidTool] :C:\Program Files\VIA\RAID\raid_tool.exe
O4 - 启动项HKLM\\Run: [VTTimer] VTTimer.exe
O4 - 启动项HKLM\\Run: [VTTrayp] VTtrayp.exe
O4 - 启动项HKLM\\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - 启动项HKLM\\Run: [zt] C:\Program Files\Intel\svhost32.exe
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - HKCU\..\Run: [sys004] C:\WINNT\system32\rund1132.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: 金山词霸 2002.lnk = E:\Program Files\Kingsoft\XDict\XDICT.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm
O9 - 浏览器额外的按钮: (no name) - {233A9694-667E-11d1-9DFB-006097D5040A} - (no file)
O9 - 浏览器额外的按钮: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - 浏览器额外的“工具”菜单项: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O10 - 未知的文件在 Winsock LSP: c:\winnt\system32\cdnns.dll
O10 - 未知的文件在 Winsock LSP: c:\winnt\system32\srvdll.dll
O10 - 未知的文件在 Winsock LSP: c:\winnt\system32\srvdll.dll
O11 - Options group: [CDNCLIENT]  中文上网
O11 - Options group: [TBH] 搜搜地址栏搜索
O14 - IERESET.INF: SEARCH_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=iear=iesearch(&A)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1506100F-451F-4262-AF66-B8590DB71705}: NameServer = 202.101.98.55,202.101.98.54
O17 - HKLM\System\CCS\Services\Tcpip\..\{96781F84-D472-4376-B295-0DFCA644D530}: NameServer = 202.101.98.54,202.101.98.55
O17 - HKLM\System\CS1\Services\Tcpip\..\{1506100F-451F-4262-AF66-B8590DB71705}: NameServer = 202.101.98.55,202.101.98.54
O18 - Filter: text/html - {0EB00690-8FA1-11D3-96C7-829E3EA50C29} - C:\WINNT\system32\IeFilter.dll
O21 - SSODL: DelayRun - {5A6F2F95-3191-433B-8533-EB0B596A7BAC} - C:\WINNT\system\4abd3490.dll (file missing)
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: RavService - Unknown owner - e:\Program Files\Rising\Rav\RavService.exe" /service (file missing)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - e:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - E:\PROGRAM FILES\RISING\RAV\Ravmond.exe
Last edited 2006-09-04 10:28:53

Srvdll.dll
4abo3490.dll

Cannot share the printer