
SOS, 闪电风暴 please come in and take a look, thanks


HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ avast!    avast! service GUI component        d:\program files\alwil software\avast4\ashdisp.exe

+ NvCplDaemon    NVIDIA Display Properties Extension    NVIDIA Corporation    c:\windows\system32\nvcpl.dll

+ Super Rabbit IEPro        Super Rabbit Soft    d:\program files\super rabbit\iepro\sriecli.exe

+ TkBellExe    RealNetworks Scheduler    RealNetworks, Inc.    c:\program files\common files\real\update_ob\realsched.exe

C:\Documents and Settings\Administrator\「开始」菜单\程序\启动           

+ Stardock ObjectDock.lnk    ObjectDock    Stardock    c:\windows\bricopacks\longhorn inspirat\objectdock\objectdock.exe

+ Y'z Toolbar.lnk    ToolBar icon can be changed.    Y'z@Home    c:\windows\bricopacks\longhorn inspirat\yztoolbar\yztoolbar.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run           

+ Super Rabbit IEPro        Super Rabbit Soft    d:\program files\super rabbit\iepro\sriecli.exe

HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components           

+ 0            File not found: About:Home

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved           

+ avast    avast! Shell Extension    ALWIL Software    d:\program files\alwil software\avast4\ashshell.dll

+ Desktop Explorer    NVIDIA Desktop Explorer, Version 110.19     NVIDIA Corporation    c:\windows\system32\nvshell.dll

+ Desktop Explorer Menu    NVIDIA Desktop Explorer, Version 110.19     NVIDIA Corporation    c:\windows\system32\nvshell.dll

+ Display Panning CPL Extension            File not found: deskpan.dll

+ NvCpl DesktopContext Class    NVIDIA Display Properties Extension    NVIDIA Corporation    c:\windows\system32\nvcpl.dll

+ nView Desktop Context Menu    NVIDIA Desktop Explorer, Version 110.19     NVIDIA Corporation    c:\windows\system32\nvshell.dll

+ Play on my TV helper    NVIDIA Display Properties Extension    NVIDIA Corporation    c:\windows\system32\nvcpl.dll

+ Shell Extensions for RealOne Player    RealPlayer Shell Extensions    RealNetworks, Inc.    c:\program files\real\realplayer\rpshell.dll

+ WinRAR shell extension            c:\program files\winrar\rarext.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar           

+ kakatool.dll        Beijing Rising Technology Co., Ltd.    c:\windows\system32\kakatool.dll

Task Scheduler           

+ DM_Install_Program.job            c:\documents and settings\administrator\local settings\temp\101366.exe

HKLM\System\CurrentControlSet\Services           

+ aswUpdSv    为 avast! 杀毒软件提供自动更新。        d:\program files\alwil software\avast4\aswupdsv.exe

+ avast! Antivirus    管理并执行本计算机中的 avast! 杀毒服务。包括常驻防护、病毒隔离区和调度器。        d:\program files\alwil software\avast4\ashserv.exe

+ cc    微软公司    TENCENT    c:\windows\cc.exe

+ kavsvc    Kaspersky Anti-Virus Service    Kaspersky Lab    d:\program files\kaspersky lab\kaspersky anti-virus personal\kavsvc.exe

+ NVSvc    Provides system and desktop level support to the NVIDIA display driver    NVIDIA Corporation    c:\windows\system32\nvsvc32.exe

+ Service43055603            c:\windows\lm\services.exe

+ Windows Processdos    Windows Createddos        c:\windows\system32\love.exe

HKLM\System\CurrentControlSet\Services           

+ ADIHdAudAddService    High Definition Audio Function Driver(Release Candidate 1)    Analog Devices, Inc.    c:\windows\system32\drivers\adihdaud.sys

+ AEAudioService    Andrea Audio Noise Cancellation Driver    Andrea Electronics Corporation    c:\windows\system32\drivers\aeaudio.sys

+ EagleNT            File not found: C:\WINDOWS\system32\drivers\EagleNT.sys

+ HdAudAddService    High Definition Audio Function Driver v1.0a    Windows (R) Server 2003 DDK provider    c:\windows\system32\drivers\hdaudio.sys

+ HDAudBus    High Definition Audio Bus Driver v1.0a    Windows (R) Server 2003 DDK provider    c:\windows\system32\drivers\hdaudbus.sys

+ jdy#hook            d:\program files\tiancity\hknm.sys

+ Kl1    Kaspersky Anti-Hacker Only Driver    Kaspersky Lab    c:\windows\system32\drivers\kl1.sys

+ Klif    spuper-ptor    Kaspersky Labs    c:\windows\system32\drivers\klif.sys

+ Klmc    Kaspersky Anti-Virus Mail Checker Proxy    Kaspersky Lab    c:\windows\system32\drivers\klmc.sys

+ MTsensor    ATK0110 ACPI Utility        c:\windows\system32\drivers\asacpi.sys

+ npkcrypt            File not found: D:\Program Files\Tencent\QQ\npkcrypt.sys

+ nv    NVIDIA Compatible Windows 2000 Miniport Driver, Version 82.05     NVIDIA Corporation    c:\windows\system32\drivers\nv4_mini.sys

+ nvata    NVIDIA? nForce(TM) IDE Performance Driver    NVIDIA Corporation    c:\windows\system32\drivers\nvata.sys

+ NVENETFD    NVIDIA Networking Function Driver.    NVIDIA Corporation    c:\windows\system32\drivers\nvenetfd.sys

+ nvnetbus    NVIDIA Networking Bus Driver.    NVIDIA Corporation    c:\windows\system32\drivers\nvnetbus.sys

+ oreans32            c:\windows\system32\drivers\oreans32.sys

+ Ptilink    Direct Parallel Link Driver    Parallel Technologies, Inc.    c:\windows\system32\drivers\ptilink.sys

+ Secdrv    SafeDisc driver        c:\windows\system32\drivers\secdrv.sys

+ SenFiltService    Sensaura WDM 3D Audio Driver    Sensaura    c:\windows\system32\drivers\senfilt.sys

+ SVKP    SVKP driver for NT    AntiCracking    c:\windows\system32\svkp.sys

+ zntport            File not found: C:\WINDOWS\system32\zntport.sys

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors           

+ BJ Language Monitor            File not found: cnbjmon.dll

+ PJL Language Monitor            File not found: pjlmon.dll

This is the log from that software of yours. Please take a look for me; two websites keep popping up.
Last edited 2006-08-28 18:39:56

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      14:55:55, 日期 2006-8-28
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Super Rabbit\IEPro\SRIECLI.EXE
C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\BricoPacks\Longhorn Inspirat\YzToolBar\YzToolBar.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\lm\services.exe
C:\program files\internet explorer\IEXPLORE.EXE
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\101366.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Skymmstp038.exe
D:\TDdownload\hijackthis_cn_1.99.1.exe
D:\Program Files\外挂\HijackThis1991汉化版\HijackThis1991zww.exe

R3 - 默认的URLSearchHook丢失。用HijackThis修复
F2 - REG:system.ini: UserInit=userinit.exe,
O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [Super Rabbit IEPro] D:\Program Files\Super Rabbit\IEPro\SRIECLI.EXE /load
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Super Rabbit IEPro] D:\Program Files\Super Rabbit\IEPro\SRIECLI.EXE /load
O4 - Startup: desktop.ini
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Longhorn Inspirat\YzToolBar\YzToolBar.exe
O4 - Global Startup: desktop.ini
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CB4F4C80-62D9-47BE-BBF3-3AD3A6F08BA8}: NameServer = 202.101.172.46 202.101.172.47
O23 - NT 服务: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - NT 服务: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - NT 服务: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - NT 服务: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - NT 服务: cc - TENCENT - C:\WINDOWS\cc.exe
O23 - NT 服务: kavsvc - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: Network Connection43055603 (Service43055603) - Unknown owner - C:\WINDOWS\lm\services.exe
O23 - NT 服务: Windows Createddos (Windows Processdos) - Unknown owner - C:\WINDOWS\system32\love.exe


O23 - NT 服务: cc - TENCENT - C:\WINDOWS\cc.exe

O23 - NT 服务: Windows Createddos (Windows Processdos) - Unknown owner - C:\WINDOWS\system32\love.exe


Impressive!! Two pigeons!!

O23 - NT 服务: Network Connection43055603 (Service43055603) - Unknown owner - C:\WINDOWS\lm\services.exe

I'm not sure about this entry. Please package this file as described at
http://forum.ikaka.com/topic.asp?board=36&artid=8144360 and send it to me.



http://forum.ikaka.com/topic.asp?board=28&artid=5666824
Deal with the pigeons using the method in this thread.

c:\documents and settings\administrator\local settings\temp\101366.exe
Package this file as described at http://forum.ikaka.com/topic.asp?board=36&artid=8144360 and send it to me.

Fix all the "not found" entries.

So just deleting them is enough?


Problematic AUTORUNS entries: delete them.
Have you killed the pigeons?
Did you read the thread I told you to read?
http://forum.ikaka.com/topic.asp?board=28&artid=5666824

O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [Super Rabbit IEPro] D:\Program Files\Super Rabbit\IEPro\SRIECLI.EXE /load
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgswitch] C:\WINDOWS\system32\bgswitch.exe
O4 - Startup: desktop.ini
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Longhorn Inspirat\YzToolBar\YzToolBar.exe
O4 - Global Startup: desktop.ini
O4 - Global Startup: IE-Bar.lnk = C:\Program Files\Common Files\IE-Bar\iebar.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - IE右键菜单中的新增项目: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CB4F4C80-62D9-47BE-BBF3-3AD3A6F08BA8}: NameServer = 202.101.172.46 202.101.172.47
O21 - SSODL: DelayRun - {5A6F2F95-3191-433B-8533-EB0B596A7BAC} - C:\WINDOWS\455d8100.dll
O23 - NT 服务: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - NT 服务: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - NT 服务: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - NT 服务: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - NT 服务: kavsvc - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: Network Connection43055603 (Service43055603) - Unknown owner - C:\WINDOWS\lm\services.exe (file missing)
O23 - NT 服务: Windows Createddos (Windows Processdos) - Unknown owner - C:\WINDOWS\system32\love.exe (file missing)