请大家帮忙看看我这系统日志.

显示全部楼层 · 发表于 2007-3-29 10:18:30

Logfile of HijackThis v1.99.1
Scan saved at 10:15:50, on 2007-3-29
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\EXPLORER.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wsctf.exe
C:\program files\saming\三茗一键恢复\smmonitor.exe
C:\program files\saming\三茗一键恢复\samingtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\saming\三茗一键恢复\SamingUpdate.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SVOHOST.exe
C:\WINDOWS\system32\conime.exe
F:\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,EXPLORER.EXE
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: KAVAntiFishing - {55302805-482E-470E-8A57-6795A1487F90} - C:\KAV2007\KAVAFish.DLL (file missing)
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [KavStart] "C:\KAV2007\KAVStart.exe" -startup
O4 - HKLM\..\Run: [smmonitor] c:\program files\saming\三茗一键恢复\smmonitor.exe
O4 - HKLM\..\Run: [samingtray] c:\program files\saming\三茗一键恢复\samingtray.exe
O4 - HKLM\..\Run: [SoundMam] C:\WINDOWS\system32\SVOHOST.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [wsctf.exe] wsctf.exe
O4 - HKCU\..\Run: [EXPLORER.EXE] EXPLORER.EXE
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\QQ2005\QQ.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &使用快车(FlashGet)下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &使用快车(FlashGet)下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\QQ2005\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\QQ2005\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\QQ2005\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\QQ2005\SendMMS.htm
O8 - Extra context menu item: 金山毒霸反钓鱼... - C:\KAV2007\KAF\ShowSet.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\QQ2005\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\QQ2005\QQ.EXE
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F293C5FE-E4DE-458B-9B6B-C0D749D25F52}: NameServer = 202.96.134.133,202.96.128.68
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Kingsoft Personal Firewall Service (KPfwSvc) - Kingsoft Corporation - C:\KAV2007\KPfwSvc.EXE
O23 - Service: Kingsoft Antivirus KWatch Service (KWatchSvc) - Kingsoft Corporation - C:\KAV2007\KWatch.EXE
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

电脑系统还原用不了.还有一些网站也登陆不了.
谢谢大家了

显示全部楼层 · 发表于 2007-3-29 10:38:43

[SoundMam] C:\WINDOWS\system32\SVOHOST.exe
[wsctf.exe] wsctf.exe
[EXPLORER.EXE] EXPLORER.EXE
删除这几个启动项

C:\WINDOWS\system32\SVOHOST.exe
C:\WINDOWS\system32\EXPLORER.EXE
C:\WINDOWS\system32\wsctf.exe
按路径删除这些文件

最后用这个清理

显示全部楼层 · 发表于 2007-3-29 10:40:08

给你个删除工具

显示全部楼层 · 发表于 2007-3-29 18:08:34

谢谢!!

显示全部楼层 · 发表于 2007-3-29 21:43:19

我也收藏了哦！！！

嘻嘻

版主就是好也很厉害

显示全部楼层 · 发表于 2007-3-29 21:53:15

问一下楼主用什么扫的日志

请大家帮忙看看我这系统日志.

本帖子中包含更多资源

本帖子中包含更多资源