麻烦版主啦
StartupList report, 2005-8-17, 12:34:49
StartupList version: 1.52.2
Started from : C:\Documents and Settings\Administrator\桌面\idx\HijackThis.EXE
Detected: Windows 2000 SP4 (WinNT 5.00.2195)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\Program Files\rising\Rfw\rfwsrv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\nvsvc32.exe
C:\PROGRA~1\北京通信\宽带E~1\app\pppoeservice.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\inetsrv\inetinfo.exe
C:\WINNT\Explorer.EXE
C:\Program Files\rising\Rfw\RfwMain.exe
C:\Program Files\MagicSet\DS.EXE
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Maxthon\Maxthon.exe
C:\PROGRA~1\北京通信\宽带E~1\app\EnterNet.exe
C:\Documents and Settings\Administrator\桌面\dd\mhdd.exe
d:\Progra~1\Shanda\Mland\data\mland.dat
D:\Program Files\Shanda\MLand\data\mland.dat
C:\WINNT\system32\conime.exe
C:\Program Files\Winamp\winamp.exe
C:\Documents and Settings\Administrator\桌面\idx\HijackThis.exe
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINNT\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Synchronization Manager = mobsync.exe /logon
Super Rabbit Desktop Set = C:\Program Files\MagicSet\DS.EXE /Load
RfwMain = "C:\Program Files\rising\Rfw\rfwmain.exe" -Startup
RavTimer = C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
RavMon = C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
TkBellExe = ; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
LogitechVideoRepair = ; D:\Program Files\Logitech\Video\ISStart.exe
LogitechVideoTray = ; D:\Program Files\Logitech\Video\LogiTray.exe
PCSuiteTrayApplication = D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
PcSync = D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
--------------------------------------------------
Shell & screensaver key from C:\WINNT\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=(无)
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper
Objects:
(no name) - C:\WINNT\system32\xunleibho_v4.dll - {0005A87D-D626-4B3A-84F9-1D9571695F55}
(no name) - D:\Program Files\qq2005\QQIEHelper.dll - {54EBD53A-9BC1-480B-966A-843A333CA162}
(no name) - C:\PROGRA~1\FLASHGET\jccatch.dll - {A5366673-E8CA-11D3-9CD9-0090271D075B}
--------------------------------------------------
Enumerating Download Program Files:
[{33564D57-0000-0010-8000-00AA00389B71}]
CODEBASE = http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
[Update Class]
InProcServer32 = C:\WINNT\System32\iuctl.dll
CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38236.9529513889
[Shockwave Flash
Object]
InProcServer32 = C:\WINNT\system32\Macromed\Flash\flash.ocx
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
--------------------------------------------------
Enumerating ShellService
ObjectDelayLoad items:
Network.ConnectionTray: C:\WINNT\system32\NETSHELL.dll
WebCheck: C:\WINNT\system32\webcheck.dll
SysTray: st
object.dll
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
IEXPLORE.EXE = IEXPLORE.EXE http://%64%69%79%69%2E%37%37%31%36%39%2E%6F%72%67
--------------------------------------------------
End of report, 5,393 bytes
Report generated in 1.653 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
