Does Kuaibo (快播) carry a virus? Please help check whether I've been infected

Please help check whether I've been infected - Troubleshooting Q&A - 电脑教程网


Date: 2006-05-07
Please help check whether I've been infected

006-12-19,00:10:24
System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)
Windows Server 2003 Enterprise Edition Service Pack 1 (Build 3790)
- 管理权限用户 - 完整功能
以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Internat.exe><Internat.exe> [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <FlashPlayerUpdate><C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe> [Adobe Systems, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"> [Symantec Corporation]
    <vptray><C:\PROGRA~1\SYMANT~1\VPTray.exe> [Symantec Corporation]
    <!ewido><"C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized> [Anti-Malware Development a.s.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <avp6_post_uninstall><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe> [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation]
    <UIHost><%SystemRoot%\system32\logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll> [Anti-Malware Development a.s.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    <WinlogonNotify: NavLogon><C:\WINDOWS\system32\NavLogon.dll> [Symantec Corporation]
==================================
启动文件夹
[iSCSI]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\iSCSI.lnk><N>
[lock]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\lock.exe><N>
==================================
服务
[Symantec Event Manager / ccEvtMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc]
  <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Symantec AntiVirus Definition Watcher / DefWatch]
  <"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[SavRoam / SavRoam]
  <"C:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec>
[Symantec Network Drivers Service / SNDSrvc]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec SPBBCSvc / SPBBCSvc]
  <"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"><Symantec Corporation>
[Symantec AntiVirus / Symantec AntiVirus]
  <"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>
==================================
浏览器加载项
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, N/A>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
==================================
正在运行的进程
[PID: 672][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.2.3790.1830 (srv03_sp1_rtm.050324-1447)>
[PID: 792][\?\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
[PID: 848][\?\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.2.3790.1830 (srv03_sp1_rtm.050324-1447)>
    [C:\WINDOWS\system32\NavLogon.dll] <Symantec Corporation><10.0.1.1000>
[PID: 932][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.2.3790.1830 (srv03_sp1_rtm.050324-1447)>
[PID: 952][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.2.3790.0 (srv03_rtm.030324-2048)>
[PID: 1164][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.2.3790.1830 (srv03_sp1_rtm.050324-1447)>

[PID: 1284][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.2.3790.1830 (srv03_sp1_rtm.050324-1447)>
[PID: 1452][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.2.3790.1830 (srv03_sp1_rtm.050324-1447)>
[PID: 1492][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.2.3790.1830 (srv03_sp1_rtm.050324-1447)>
[PID: 1524][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.2.3790.1830 (srv03_sp1_rtm.050324-1447)>
[PID: 1608][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe] <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll] <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] <Symantec Corporation><103.5.4.3>
[PID: 1672][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe] <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll] <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><103.5.4.3>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\BB.DLL] <Symantec Corporation><1,5,1,3>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL] <Symantec Corporation><1,5,1,3>
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll] <Symantec Corporation><103.5.4.3>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL] <Symantec Corporation><103.5.4.3>
[PID: 1964][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.2.3790.1830 (srv03_sp1_rtm.050324-1447)>
[PID: 2004][C:\WINDOWS\system32\msdtc.exe] <Microsoft Corporation><2001.12.4720.1830 (srv03_sp1_rtm.050324-1447)>
[PID: 392][C:\Program Files\Symantec AntiVirus\DefWatch.exe] <Symantec Corporation><10.0.1.1000>
[PID: 436][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.2.3790.1830 (srv03_sp1_rtm.050324-1447)>
[PID: 508][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.2.3790.1830 (srv03_sp1_rtm.050324-1447)>
[PID: 280][C:\Program Files\Symantec AntiVirus\Rtvscan.exe] <Symantec Corporation><10.0.1.1000>
    [C:\WINDOWS\system32\CBA.DLL] <LANDesk Software Ltd.><6.12.0.137 E>
    [C:\WINDOWS\system32\MsgSys.dll] <LANDesk Software Ltd.><6.12.0.137 E>
    [C:\WINDOWS\system32\NTS.dll] <LANDesk Software Ltd.><6.12.0.137 E>
    [C:\WINDOWS\system32\PDS.DLL] <LANDesk Software Ltd.><6.12.0.137 E>
    [C:\Program Files\Symantec AntiVirus\NAVLU.dll] <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL] <Symantec Corporation><10.0.1.1000>
    [c:\program files\common files\symantec shared\ssc\ScsComms.dll] <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Symantec AntiVirus\I2ldvp3.dll] <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll] <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ccDec.dll] <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\decsdk.dll] <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll] <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll] <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll] <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll] <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll] <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll] <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll] <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll] <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll] <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll] <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll] <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll] <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll] <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll] <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll] <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\ccScan.dll] <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL] <Symantec Corporation><1.4.0.11>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061216.007\ccEraser.dll] <Symantec Corporation><106.3.3.2>
    [C:\Program Files\Symantec AntiVirus\DefUtDCD.dll] <Symantec Corporation><3.1.13a.0>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061216.007\ecmsvr32.dll] <Symantec Corporation><61.3.0.18>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061216.007\NAVEX32a.DLL] <Symantec Corporation><20061.3.0.12>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061216.007\NAVENG32.DLL] <Symantec Corporation><20061.3.0.12>
    [C:\Program Files\Symantec AntiVirus\NAVAP32.DLL] <Symantec Corporation><9.5.0.44>
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL] <Symantec Corporation><9.5.0.44>
    [C:\Program Files\Symantec AntiVirus\IMail.dll] <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Symantec AntiVirus\NotesExt.dll] <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Symantec AntiVirus\vpmsece3.dll] <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Symantec AntiVirus\SymProtectStorage.dll] <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll] <Symantec Corporation><1,5,1,3>
    [C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll] <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Symantec AntiVirus\Cliscan.dll] <Symantec Corporation><10.0.1.1000>
[PID: 1256][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.3790.1830 (srv03_sp1_rtm.050324-1447)>
    [C:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll] <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\ewido anti-spyware 4.0\context.dll] <Anti-Malware Development a.s.><4, 0, 0, 172>
    [C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll] <Anti-Malware Development a.s.><4, 0, 0, 172>
[PID: 1860][C:\Program Files\Common Files\Symantec Shared\ccApp.exe] <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll] <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><103.5.4.3>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL] <Symantec Corporation><103.5.4.3>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL] <Symantec Corporation><103.5.4.3>
    [C:\WINDOWS\system32\SYMREDIR.DLL] <Symantec Corporation><5.5.2.1>
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Symantec AntiVirus\SavEmail.dll] <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] <Symantec Corporation><103.5.4.3>
[PID: 1892][C:\PROGRA~1\SYMANT~1\VPTray.exe] <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL] <Symantec Corporation><9.5.0.44>
    [C:\Program Files\Symantec AntiVirus\Cliscan.dll] <Symantec Corporation><10.0.1.1000>
    [C:\PROGRA~1\SYMANT~1\NAVNTUTL.DLL] <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Symantec AntiVirus\Cliproxy.dll] <Symantec Corporation><10.0.1.1000>
[PID: 1916][C:\WINDOWS\system32\Internat.exe] <Microsoft Corporation><5.00.2920.0000>
[PID: 2032][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.2.3790.1830 (srv03_sp1_rtm.050324-1447)>
[PID: 2016][D:\服务端\iSCSI.exe] <浙江地区专用><9, 0, 0, 1>
[PID: 428][C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\lock.exe] <N/A><3, 1, 1, 133>
[PID: 692][d:\qzserver\qzserver.exe] <><3.0.2005.323>
    [d:\qzserver\SERVERDLL.DLL] <><3.0.2005.323>
    [d:\qzserver\SKINDLL.DLL] <N/A><N/A>
    [d:\qzserver\SERSOCK.DLL] <N/A><N/A>
    [d:\qzserver\DOWNLIST.DLL] <N/A><N/A>
[PID: 864][D:\服务端\iSCSIMonitor.exe] <Sunward Information Technology Co.Ltd><9, 0, 0, 1>
[PID: 1660][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.2.3790.1830 (srv03_sp1_rtm.050324-1447)>
[PID: 3960][C:\WINDOWS\system32\wbem\wmiprvse.exe] <Microsoft Corporation><5.2.3790.1830 (srv03_sp1_rtm.050324-1447)>
[PID: 504][C:\Program Files\Faronics\Deep Freeze Enterprise\DF5 Install Programs\DF5Console.exe] <Faronics Corporation><5,70,220,1426>


[PID: 3944][C:\WINDOWS\system32\conime.exe] <Microsoft Corporation><5.2.3790.1830 (srv03_sp1_rtm.050324-1447)>
[PID: 3432][C:\Program Files\ewido anti-spyware 4.0\ewido.exe] <Anti-Malware Development a.s.><4, 0, 0, 201>
    [C:\Program Files\ewido anti-spyware 4.0\engine.dll] <Anti-Malware Development a.s.><4, 0, 0, 172>
[PID: 3240][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\371918.exe] <北京江民新科技术有限公司><2, 0, 0, 2>
[PID: 700][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.203\SREng.exe] <Smallfrogs Studio><2.0.21.505>
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

Logfile of HijackThis v1.99.1
Scan saved at 23:56:15, on 2006-12-18
Platform: Windows 2003 SP1 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\Internat.exe
C:\WINDOWS\System32\svchost.exe
D:\服务端\iSCSI.exe
C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\lock.exe
d:\qzserver\qzserver.exe
D:\服务端\iSCSIMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Faronics\Deep Freeze Enterprise\DF5 Install Programs\DF5Console.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
H:\扫描\系统扫描\HijackThis.exe

O1 - Hosts: QZSER 192.168.0.250
O1 - Hosts: QZSER 127.0.0.1
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [Internat.exe] Internat.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe
O4 - Startup: iSCSI.lnk = ?
O4 - Startup: lock.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O9 - Extra button: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{D4ACFE7E-EC0B-4148-AE60-32DB7108813B}: NameServer = 202.98.96.68,61.139.2.69
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\SYSTEM32\dimsntfy.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

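I've had a look, heh. There doesn't seem to be any trojan. If your machine is having problems, it may be something lying dormant that isn't in the log. Also, the OP's ewido anti-spyware 4.0 is too old; it's already at 7.5 now ;P For details see http://bbs.dngz.net/viewthread.php?tid=123833&page=1#pid1379817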

Thanks, thank you...

[PID: 3240][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\371918.exe] <北京江民新科技术有限公司><2, 0, 0, 2> (Jiangmin wouldn't have an exe like this, would it?) Take another look at this. O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\SYSTEM32\dimsntfy.dll
