Logfile of HijackThis v1.99.0
Scan saved at 02:01:51 上午, on 2006-7-27
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\SkyNet\FireWall\PFW.exe
D:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\RUNDLL32.EXE
D:\Program Files\ewido anti-spyware 4.0\ewido.exe
d:\Program Files\ewido anti-spyware 4.0\guard.exe
D:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\nvsvc32.exe
F:\程序\病毒\HijackThis.exe

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FLASHGET\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [vptray] D:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SKYNET Personal FireWall] D:\Program Files\SkyNet\FireWall\PFW.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!ewido] "D:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O15 - Trusted Zone: http://www.icbc.com.cn
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{044A288A-60FE-4C02-A97F-9C6B5375F2B7}: NameServer = 218.30.19.40,61.134.1.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{044A288A-60FE-4C02-A97F-9C6B5375F2B7}: NameServer = 218.30.19.40,61.134.1.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{044A288A-60FE-4C02-A97F-9C6B5375F2B7}: NameServer = 218.30.19.40,61.134.1.4
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: DefWatch - Symantec Corporation - D:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - d:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Symantec AntiVirus Client - Symantec Corporation - D:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: StyleXPService - Unknown - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

Logfile of HijackThis v1.99.0
Scan saved at 03:13:23 上午, on 2006-7-27
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
D:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\SkyNet\FireWall\PFW.exe
d:\Program Files\ewido anti-spyware 4.0\guard.exe
D:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\RUNDLL32.EXE
D:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\System32\nvsvc32.exe
F:\程序\病毒\HijackThis.exe

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FLASHGET\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [vptray] D:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SKYNET Personal FireWall] D:\Program Files\SkyNet\FireWall\PFW.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!ewido] "D:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O15 - Trusted Zone: http://www.icbc.com.cn
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{044A288A-60FE-4C02-A97F-9C6B5375F2B7}: NameServer = 218.30.19.40,61.134.1.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{044A288A-60FE-4C02-A97F-9C6B5375F2B7}: NameServer = 218.30.19.40,61.134.1.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{044A288A-60FE-4C02-A97F-9C6B5375F2B7}: NameServer = 218.30.19.40,61.134.1.4
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: DefWatch - Symantec Corporation - D:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - d:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Symantec AntiVirus Client - Symantec Corporation - D:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: StyleXPService - Unknown - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

又扫描了一次.........
瑞星在线查毒说是有个木马...但是诺顿和EWIDO都检查过没有.....-_-.........怎么会事呢?

证明瑞星在查杀木马方面的确技高一筹```

还没有高人帮看看日志吗?

谢谢啊~~~

O4 - HKLM\..\Run: [vptray] D:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
这个是什么程序,确认一下

引用:

【闪电风暴的贴子】O4 - HKLM\..\Run: [vptray] D:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe 这个是什么程序,确认一下 ...........................

这个是诺顿的

VPTray.exe是Norton AntiVirus反病毒 软件的系统托盘程序