以下是我用hijackthis扫描的日志.高手帮我看看哈~~谢了~~同时希望高手能教我该如何看hijackthis日志~~~

Logfile of HijackThis v1.99.1
Scan saved at 10:57:12, on 2005-8-20
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\KV2005\KVMonXP_2.kxp
E:\PROGRA~1\KV2005\KVSrvXP.exe
E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
E:\WINDOWS\System32\nvsvc32.exe
E:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\WINDOWS\system32\ZONELABS\vsmon.exe
E:\WINDOWS\System32\ctfmon.exe
F:\Program Files\qq\QQ.exe
F:\Program Files\qq\TIMPlatform.exe
E:\Program Files\TTPlayer\TTPlayer.exe
E:\Program Files\Maxthon\Maxthon.exe
F:\Downloads\杀毒\反病毒实用工具\HijackThis\HijackThis.exe
O2 - BHO: BrowseHelper Class - {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} - E:\Program Files\KV2005\KvShell.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - F:\PROGRA~1\FLASHGET\jccatch.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - F:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - E:\PROGRA~1\Kingsoft\FASTAI~1\IEBand.dll
O3 - Toolbar: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O3 - Toolbar: &IE修复专家工具栏 - {123249EB-F891-44C4-946F-450064F9080E} - F:\PROGRA~1\IER\IERBar.dll
O3 - Toolbar: 江民杀毒工具栏 - {B5A34A93-D538-43A7-8371-864CB6148D12} - E:\Program Files\KV2005\KvShell.dll
O3 - Toolbar: (no name) - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - (no file)
O4 - HKLM\..\Run: [KvMonXP] E:\Program Files\KV2005\KVMonXP_2.kxp /auto
O4 - HKLM\..\Run: [Zone Labs Client] "E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\System32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &使用迅雷下载 - F:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - F:\Program Files\Thunder Network\Thunder\getAllurl.htm
O8 - Extra context menu item: 使用Kugoo下载 - E:\PROGRA~1\KUGOO2\KugooDownX.htm
O8 - Extra context menu item: 使用网际快车下载 - F:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - F:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - D:\浩方对战平台\GameClient.exe
O10 - Unknown file in Winsock LSP: e:\windows\system32\kvwspxp.dll
O10 - Unknown file in Winsock LSP: e:\windows\system32\kvwspxp.dll
O10 - Unknown file in Winsock LSP: e:\windows\system32\kvwspxp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{43B56449-6540-4148-A771-E3BFB915F69D}: NameServer = 211.98.4.1,211.98.2.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{A5CA85DD-76C4-4CEE-863E-87F542CBA6BA}: NameServer = 211.98.4.1,211.98.2.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{43B56449-6540-4148-A771-E3BFB915F69D}: NameServer = 211.98.4.1,211.98.2.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{43B56449-6540-4148-A771-E3BFB915F69D}: NameServer = 211.98.4.1,211.98.2.4
O23 - Service: kavsvc - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: KVSrvXP - JiangMin New Tech Ltd. - E:\PROGRA~1\KV2005\KVSrvXP.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - E:\WINDOWS\system32\ZONELABS\vsmon.exe

E盘是系统盘啊。。
看上去比我扫描的舒服多了。。
555求助高手中

顶上去

这个东西红桃能看懂

啊眼睛花了!还是等红老大来再看吧!我经验不足!太慢了!
http://www.54master.com/bbs/cgi- ... c=16898&show=50有相关的教程

E:\PROGRA~1\KV2005\KVSrvXP.exe
E:\Program Files\Zone Labs\ZoneAlarm\zlclient.
?二防火墙会不会冲突,启动项中都有,?
O3 - Toolbar: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)完美网译通,以前安装过?
O3 - Toolbar: (no name) - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - (no file
想这样的 (no name)和 (no file)的直接修复,一共有二项.
O3 - Toolbar: &IE修复专家工具栏 - {123249EB-F891-44C4-946F-450064F9080E} - F:\PROGRA~1\IER\IERBar.dll
要这干啥?耗油,还占系统资源,建议卸载,
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
建议到realplay里面设置一下,在软件界面里面关闭更新,上线通知等,直接修复没作用,删除注册表里面的启动项也无效.
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
直接修复.
O23 - Service: kavsvc - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
以前安装过卡巴,好像没作用了,修复吧.
可能的问题:二杀毒软件的冲突,
看hijackthis方法:网上有教程,平时多积累

帮我也看有木马或者病毒没！！不是很懂！！！
谢谢！！
Logfile of HijackThis v1.97.2
Scan saved at :20:14, on 2005-8-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system\rundll32.exe
G:\Program Files\Iparmor\Iparmor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
g:\PROGRA~1\WinRAR\WinRAR.exe
C:\DOCUME~1\BEARFO~1\LOCALS~1\Temp\Rar$EX00.313\HijackThis.exe
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - G:\PROGRA~1\FLASHGET\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - G:\PROGRA~1\FLASHGET\FGIEBAR.DLL
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iparmor] G:\Program Files\Iparmor\Iparmor.exe mini
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKLM\..\RunOnce: [WBUnins.exe] cmd /c del C:\WINDOWS\WBUnins.exe >NULL
O4 - Startup: NTUSER.DAT
O4 - Startup: NTUSER.DAT.LOG
O4 - Global Startup: ntuser.dat
O4 - Global Startup: ntuser.dat.LOG
O8 - Extra context menu item: 使用网际快车下载 - G:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - G:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://G:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - G:\Program Files\Tencent\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - G:\Program Files\Tencent\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - G:\Program Files\Tencent\SendMMS.htm
O8 - Extra context menu item: 解霸实时播放 - G:\Program Files\Hero3000\MPURLGET.HTM
O9 - Extra button: FlashGet (HKLM)
O9 - Extra ';Tools'; menuitem: &FlashGet (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra ';Tools'; menuitem: Windows Messenger (HKLM)
O14 - IERESET.INF: START_PAGE_URL=about:blank
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://active.macromedia.com/flash2/cabs/swflash.cab

O4 - HKLM\..\RunOnce: [WBUnins.exe] cmd /c del C:\WINDOWS\WBUnins.exe >NULL
?这是楼主安装的五笔的输入法?
好像才安装不久的系统,其他没啥问题

真是厉害，什么都得懂，对了红桃哥，我机子里面的诺顿与金山毒霸2005互相冲突，那个诺顿以前让我卸载了，为何还会有啊。怎么办啊

小行已经解答了,
实际最快的方法,(在没有重要数据需要 保护的情况下.)
用xp安装盘格式化系统,重新安装,
或以前有ghost备份文件,勾一下.