

Internet cafe client machines dropping offline, suspected ARP spoofing; log posted, forum members please take a look and help


Below is the log file from the machine that is sending the fake MAC!!!

=========================================

HijackThis_815汉化版扫描日志 V1.99.1
保存于      10:06:58, 日期 2007-4-2
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HintSoft\PubwinClient\PubwinClient.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
C:\Program Files\Richtech\GxpClient\CltSrv.exe
C:\WINDOWS\system32\internat.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\winvnc\winvnc.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
N:\网络聊天\QQ\QQ.exe
C:\WINDOWS\wsttrs.exe
C:\DOCUME~1\LC\LOCALS~1\Temp\yqr.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\wgs3.exe
C:\WINDOWS\SVCH0ST.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
N:\网络聊天\QQ\QQLiveUpdate.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\LC\桌面\[ylmf]HijackThis1991.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: Snav - {635A7AFA-FB22-4A4E-8AB8-C85CFAB14626} - C:\PROGRA~1\HintSoft\PUBWIN~1\Snav.dll
O4 - 启动项HKLM\\Run: [!统一任务] C:\启动\统一任务.bat
O4 - 启动项HKLM\\Run: [Internat] internat.exe
O4 - 启动项HKLM\\Run: [Gsp2k] C:\Program Files\Richtech\GxpClient\AutoStar.EXE
O4 - 启动项HKLM\\Run: [mppdys] C:\WINDOWS\mppdys.exe
O4 - 启动项HKLM\\Run: [cmdbcs] C:\WINDOWS\cmdbcs.exe
O4 - 启动项HKLM\\Run: [mhsa] C:\DOCUME~1\LC\LOCALS~1\Temp\mhso.exe
O4 - 启动项HKLM\\Run: [msccrt] C:\WINDOWS\msccrt.exe
O4 - 启动项HKLM\\Run: [upxdnd] C:\DOCUME~1\LC\LOCALS~1\Temp\TIMPLATF0RM.exe
O4 - 启动项HKLM\\Run: [wsttrs] C:\WINDOWS\wsttrs.exe
O4 - 启动项HKLM\\Run: [wgs3] C:\WINDOWS\wgs3.exe
O4 - HKCU\..\Run: [ravshell] C:\WINDOWS\SVCH0ST.EXE
O4 - HKCU\..\Run: [svc] C:\DOCUME~1\LC\LOCALS~1\Temp\yqr.exe
O4 - 启动项HKCU\\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O11 - Options group: [!IESearch] 百度搜索伴侣
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1138295097875
O17 - HKLM\System\CCS\Services\Tcpip\..\{64D63B57-1859-4BBD-A07E-392024C20401}: NameServer = 218.85.157.99,202.101.110.55
O18 - 列举现有的协议: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - 列举现有的协议: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: DfLogon - C:\WINDOWS\SYSTEM32\LogonDll.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - NT 服务: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - NT 服务: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - NT 服务: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - NT 服务: DF5Serv - Faronics Corporation - C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
O23 - NT 服务: 游戏共享精灵XP客户端服务 (GspClient) - Unknown owner - C:\Program Files\Richtech\GxpClient\CltSrv.exe
O23 - NT 服务: VNC Server (winvnc) - Unknown owner - C:\Program Files\winvnc\winvnc.exe" -service (file missing)




Last edited 2007-04-28 22:40:13
 

Bumping this. Is anyone there? Please help.
 

Kind fellow forum members, please help.