朋友用我电脑上网，发现卡巴不用了，还有时间改成2003年的了....日志在下！高手帮我看看！谢谢！
Logfile of HijackThis v1.99.1
Scan saved at 23:09:23, on 2007-8-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
D:\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
G:\工具\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R3 - Default URLSearchHook is missing
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [kav] "D:\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LiveUpatePower] C:\Program Files\完美卸载V2007 完整版\MyUpdate.exe -PowerOn
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 使用迅雷下载 - D:\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - D:\Thunder Network\Thunder\Program\GetAllUrl.htm
O9 - Extra button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Web反病毒保护 - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: 清理 - {FC5F1910-F130-11DB-BB90-00C04F79FFC0} - D:\完美卸载V2006 完整版\TrackClean.exe (file missing)
O9 - Extra 'Tools' menuitem: 完美卸载嵌入IE清理 - {FC5F1910-F130-11DB-BB90-00C04F79FFC0} - D:\完美卸载V2006 完整版\TrackClean.exe (file missing)
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AXSafeControls.cab
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll
O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: 卡巴斯基反病毒6.0 (AVP) - Unknown owner - D:\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)

O8 - 未知 - Extra context menu item: 使用迅雷下载 - D:\Thunder Network\Thunder\Program\GetUrl.htm
O8 - 未知 - Extra context menu item: 使用迅雷下载全部链接 - D:\Thunder Network\Thunder\Program\GetAllUrl.htm
O9 - 未知 - Extra button: 启动迅雷5(HKLM) - D:\Thunder Network\Thunder\Thunder.exe
O16 - 未知 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O23 - 未知 - Service: 624F484B [AD30D7FC] -  - (not running)
O23 - 未知 - Service: AVP [保护计算机远离病毒和间谍软件的威胁。] - "D:\Kaspersky Anti-Virus 6.0\avp.exe" -r - (running)
O23 - 未知 - Service: InterBaseGuardian [Provides automatic startup service for InterBase Server] -  - (not running)
O23 - 未知 - Service: InterBaseServer [Borland InterBase SQL Complaint RDBMS Server] -  - (not running)


O31 - 未知 - SEApproved: {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID：Shell extensions for file compression -  -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID：加密上下文菜单 -  -  -  -  - 0 -
O31 - 未知 - SEApproved: {0DF44EAA-FF21-4412-828E-260A8728E7F1} -  -  -  -  - 0 -
O31 - 未知 - SEApproved: {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} -  -  -  -  - 0 -
O31 - 未知 - SEApproved: {7A9D77BD-5403-11d2-8785-2E0420524153} -  -  -  -  - 0 -
O31 - 未知 - SEApproved: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll -  -  -  - 121344 - db85440d8d5cfede55eab0f44edfb16f
O31 - 未知 - SEApproved: {A70C977A-BF00-412C-90B7-034C51DA2439} - C:\WINDOWS\system32\nvcpl.dll - NVIDIA Corporation - NVIDIA Display Properties Extension - 6.14.10.8412 - 7557120 -
O31 - 未知 - SEApproved: {1CDB2949-8F65-4355-8456-263E7C208A5D} - C:\WINDOWS\system32\nvshell.dll -  -  - 6.14.10.11024 - 466944 - 346defdf50000df8c21b2d7388b77133
O31 - 未知 - SEApproved: {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - C:\WINDOWS\system32\nvshell.dll -  -  - 6.14.10.11024 - 466944 - 346defdf50000df8c21b2d7388b77133
O31 - 未知 - SEApproved: {1E9B04FB-F9E5-4718-997B-B8DA88302A48} - C:\WINDOWS\system32\nvshell.dll -  -  - 6.14.10.11024 - 466944 - 346defdf50000df8c21b2d7388b77133
O31 - 未知 - SEApproved: 无效的CLSID：Windows木马清道夫 -  -  -  -  - 0 -
O31 - 未知 - SEApproved: {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - D:\Kaspersky Anti-Virus 6.0\scieplugin.dll - Kaspersky Lab - Script Monitor Internet Explorer plugin - 6.0.0.299 - 184430 - 3f6db09f466b9e4f252549e62a21d6a5
O31 - 未知 - SEApproved: {e82a2d71-5b2f-43a0-97b8-81be15854de8} - C:\WINDOWS\system32\dfshim.dll - Microsoft Corporation - Application Deployment Support Library - 2.0.50727.42 - 83456 - b3511383c8be3a8c5b88a78971fc1141
O31 - 未知 - SEApproved: {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} - C:\WINDOWS\system32\dfshim.dll - Microsoft Corporation - Application Deployment Support Library - 2.0.50727.42 - 83456 - b3511383c8be3a8c5b88a78971fc1141
O31 - 未知 - SEApproved: {FFB699E0-306A-11d3-8BD1-00104B6F7516} - C:\WINDOWS\system32\nvcpl.dll - NVIDIA Corporation - NVIDIA Display Properties Extension - 6.14.10.8412 - 7557120 -
O31 - 未知 - Directory Menu: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll -  -  -  - 121344 - db85440d8d5cfede55eab0f44edfb16f
O31 - 未知 - BootExecute: KNative.exe -  -  -  - 0 -
O31 - 未知 - LSA: Security Packages - sv1_0.dll -  -  -  - 0 -
O31 - 未知 - LSA: Security Packages - channel.dll -  -  -  - 0 -

=======================================

O40 - winlogon.exe - Kaspersky Lab - C:\WINDOWS\system32\klogon.dll - Logon Visualizer - 7072750eb5c0f0cd54b48f972855ca61
O40 - Explorer.EXE -  - C:\WINDOWS\system32\uao35txejb.dll -  -
O40 - Explorer.EXE - Kaspersky Lab - D:\Kaspersky Anti-Virus 6.0\shellex.dll - Windows Shell Extension - 62281a8da78c81f4f4695c3de52ba680

=======================================

O41 - CdaC15BA - Macrovision SECURITY Driver - C:\WINDOWS\system32\drivers\CDAC15BA.SYS - (running) - Macrovision SECURITY Driver - Macrovision Europe Ltd - f76cb7259aa575cc53f3996bc6b68c18
O41 - dtscsi - dtscsi - C:\WINDOWS\system32\drivers\dtscsi.sys - (running) -  -  -
O41 - kl1 - Kaspersky Unified Driver - C:\WINDOWS\system32\drivers\kl1.sys - (running) - Kaspersky Unified Driver - Kaspersky Lab - 5445b03cd42dedf5f85b9daf712fdd09
O41 - klif - spuper-ptor - C:\WINDOWS\system32\drivers\klif.sys - (running) - spuper-ptor - Kaspersky Lab - 2985985b39e13643f941b6396fb915dd
O41 - npkcrypt - nProtect KeyCrypt Driver - D:\Tencent\QQ\npkcrypt.sys - (running) - nProtect KeyCrypt Driver - INCA Internet Co., Ltd. - 8bcb281a2540e7aff0cd00f9878fe21f
O41 - PnpWmkDrv - PnpWmkDrv - C:\WINDOWS\system32\drivers\PnpWmkDrv.sys - (running) -  -  - ce5a9ec8892d5dfb09d031f5ad501cac
O41 - PxHelp20 - Px Engine Device Driver for Windows 2000/XP - C:\WINDOWS\system32\drivers\pxhelp20.sys - (running) - Px Engine Device Driver for Windows 2000/XP - Sonic Solutions - b572ed0c3e6165643fa116af20425a54
O41 - rpaov - rpaov - C:\WINDOWS\system32\drivers\rpaov.sys - (running) -  -  -
O41 - RsAntiSpyware - Anti-RootKit Driver - C:\WINDOWS\system32\drivers\RsBoot.sys - (running) - Anti-RootKit Driver - Beijing Rising Technology Co., Ltd. - f9edc97f228c046832a24b5a76017912
O41 - sfdrv01 - StarForce Protection Environment Driver - C:\WINDOWS\system32\drivers\sfdrv01.sys - (running) - StarForce Protection Environment Driver - Protection Technology - 4c0d673281178cb496011a2e28571fc8
O41 - sfhlp02 - StarForce Protection Helper Driver - C:\WINDOWS\system32\drivers\sfhlp02.sys - (running) - StarForce Protection Helper Driver - Protection Technology - 15be2b5e4dc5b8623cf167720682abc9
O41 - sfsync02 - StarForce Protection Synchronization Driver - C:\WINDOWS\system32\drivers\sfsync02.sys - (running) - StarForce Protection Synchronization Driver - Protection Technology - efebbc1d13fdb77a6af4eddfc7232edf
O41 - sfvfs02 - StarForce Protection VFS Driver - C:\WINDOWS\system32\drivers\sfvfs02.sys - (running) - StarForce Protection VFS Driver - Protection Technology - 9ef50060cc7e6953bab83f2a42ccc421
O41 - sptd - sptd - C:\WINDOWS\system32\drivers\sptd.sys - (running) -  -  -
O41 - wz562k6h2n - wz562k6h2n - C:\WINDOWS\system32\drivers\wz562k6h2n.sys - (running) -  -  - 88eb2dcef16e16ed6af7d35a0c64859b
O41 - gwiopm - gwiopm - C:\Program Files\绿色软件\Windows优化大师 V6.3 1009 荒村听雨特别\GWIOPM.SYS - (running) -  -  - ee271c6c56955c42297cd4d524e6fda5
O41 - cdspacex - cdspacex - C:\WINDOWS\system32\DRIVERS\CDSPACEX.sys - (not running) -  -  -
O41 - npkycryp - npkycryp - D:\Tencent\QQ\npkycryp.sys - (not running) -  -  -
O41 - TSP - spuper-ptor - C:\WINDOWS\system32\drivers\klif.sys - (not running) - spuper-ptor - Kaspersky Lab - 2985985b39e13643f941b6396fb915dd
O41 - TwoRabts - TwoRabts - C:\WINDOWS\system32\DRIVERS\TwoRabts.sys - (not running) -  -  -

624F484B 这到底是什么？？删不掉

不会把  老大们 没人帮我哈??