载软件时被黑，时有广告网页弹出，异常气愤！诺顿监控不断发现流氓广告软件，请教各位大虾如何去除？日志如下：
ogfile of Kaka v2. 0. 0. 9 Scan Module v2. 0. 0. 1
Scan saved at 17:35:06, on 2006-10-08
Platform: Microsoft Windows XP Professional Service Pack 2 (Build 2600)
MSIE: Internet Explorer v6.00 SP2; (6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))


Running processes:
[smss.exe]
CommandLine =

[csrss.exe]
CommandLine = C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

[winlogon.exe]
CommandLine = winlogon.exe

[services.exe]
CommandLine = C:\WINDOWS\system32\services.exe

[lsass.exe]
CommandLine = C:\WINDOWS\system32\lsass.exe

[ibmpmsvc.exe]
CommandLine = C:\WINDOWS\system32\ibmpmsvc.exe

[svchost.exe]
CommandLine = C:\WINDOWS\system32\svchost -k DcomLaunch

[svchost.exe]
CommandLine = C:\WINDOWS\system32\svchost -k rpcss

[svchost.exe]
CommandLine = C:\WINDOWS\System32\svchost.exe -k netsvcs

[EvtEng.exe]
CommandLine = "C:\Program Files\Intel\Wireless\Bin\EvtEng.exe"

[S24EvMon.exe]
CommandLine = "C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe"

[svchost.exe]
CommandLine = C:\WINDOWS\system32\svchost.exe -k NetworkService

[svchost.exe]
CommandLine = C:\WINDOWS\system32\svchost.exe -k LocalService

[ccProxy.exe]
CommandLine = "c:\Program Files\Common Files\Symantec Shared\ccProxy.exe"

[ccSetMgr.exe]
CommandLine = "c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"

[ISSVC.exe]
CommandLine = "c:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe"

[SNDSrvc.exe]
CommandLine = "c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"

[ccEvtMgr.exe]
CommandLine = "c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"

[spoolsv.exe]
CommandLine = C:\WINDOWS\system32\spoolsv.exe

[IPSSVC.EXE]
CommandLine = C:\WINDOWS\system32\IPSSVC.EXE

[AcPrfMgrSvc.exe]
CommandLine = "C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe"

[svchost.exe]
CommandLine = C:\WINDOWS\System32\svchost.exe -k aspwstate

[DefWatch.exe]
CommandLine = "c:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe"

[DkService.exe]
CommandLine = "C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe"

[MDM.EXE]
CommandLine = "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"

[svchost.exe]
CommandLine = C:\WINDOWS\System32\svchost.exe -k NFSWZCSVC

[winlogon.exe]
CommandLine = c:\windows\system32\wbem\winlogon.exe

[RegSrvc.exe]
CommandLine = "C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe"

[Rtvscan.exe]
CommandLine = "c:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe"

[SymSPort.exe]
CommandLine = "c:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe"

[TPHDEXLG.exe]
CommandLine = System32\TPHDEXLG.EXE

[TpKmpSvc.exe]
CommandLine = C:\WINDOWS\system32\TpKmpSVC.exe

[ibmtcsd.exe]
CommandLine = "C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe"

[rrservice.exe]
CommandLine = "C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe"

[tvtsched.exe]
CommandLine = "C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe"

[UCLauncherService.exe]
CommandLine = "C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe"

[wdfmgr.exe]
CommandLine = C:\WINDOWS\system32\wdfmgr.exe

[AcSvc.exe]
CommandLine = "C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe"

[alg.exe]
CommandLine = C:\WINDOWS\System32\alg.exe

[logmon.exe]
CommandLine = "C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe"

[explorer.exe]
CommandLine = C:\WINDOWS\Explorer.EXE

[hkcmd.exe]
CommandLine = "C:\WINDOWS\system32\hkcmd.exe"

[LPMGR.EXE]
CommandLine = "C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe"

[Amsg.exe]
CommandLine = "C:\PROGRA~1\THINKV~1\AMSG\amsg.exe"

[cssauth.exe]
CommandLine = "C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauth.exe" silent

[pdservice.exe]
CommandLine = "C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe"

[ccApp.exe]
CommandLine = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

[VPTray.exe]
CommandLine = "C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe"

[ctfmon.exe]
CommandLine = "C:\WINDOWS\system32\ctfmon.exe"

[msmsgs.exe]
CommandLine = "C:\Program Files\Messenger\msmsgs.exe" /background

[pwmgr.exe]
CommandLine = "C:\Program Files\IBM ThinkVantage\Client Security Solution\pwmgr.exe"

[IEXPLORE.EXE]
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding

[TIMPlatform.exe]
CommandLine = "C:\Program Files\Tencent\QQ\TIMPlatform.exe" -Embedding

[QQ.exe]
CommandLine = "C:\Program Files\Tencent\QQ\QQ.exe"

[IEXPLORE.EXE]
CommandLine = "C:\Program Files\Internet Explorer\IEXPLORE.EXE"

[POWERPNT.EXE]
CommandLine = "C:\Program Files\Microsoft Office\OFFICE11\POWERPNT.EXE" "C:\Documents and Settings\ibm\桌面\新娘网\中国新娘网运营规划（20060918）.ppt"

[IEXPLORE.EXE]
CommandLine = "C:\Program Files\Internet Explorer\IEXPLORE.EXE"

[notepad.exe]
CommandLine = "C:\WINDOWS\system32\NOTEPAD.EXE" C:\Documents and Settings\ibm\桌面\病毒网址.txt

[KkScan.exe]
CommandLine = "C:\Program Files\Rising\KakaToolBar\KkScan.exe"

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,default_page_url=http://securityresponse.symantec.com/avcenter/fix_homepage/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page=http://securityresponse.symantec.com/avcenter/fix_homepage/
O1 - Hosts: 127.0.0.1 localhost
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\Program Files\Kingsoft\FastAIT 2005\IEBand.dll
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [suScheduler] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe /SCHEDULER
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [AMSG] C:\PROGRA~1\THINKV~1\AMSG\amsg.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [PDService.exe] "C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe"
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] c:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - Startup: desktop.ini =
O4 - Global Startup: desktop.ini =
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm

O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\cdnns.dll
O11 - Options group: [JAVA_IBM] Java (IBM)
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/cn/zh/
O16 - DPF: {43E839C5-E10F-443A-BC1F-F09CFD2ABC77} (updatePanelX Control) - http://www.uusee.com/player/updateC.cab
O18 - Filter : application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll
O18 - Filter : application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll
O18 - Filter : application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll"
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O20 - Winlogon Notify: ACNotify
O20 - Winlogon Notify: igfxcui
O20 - Winlogon Notify: NavLogon
O20 - Winlogon Notify: tpfnf2
O20 - Winlogon Notify: tphotkey
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Intranet Messenger (BUZOR) - - C:\WINDOWS\system32\rundll.exe c:\windows\system32\wbem\smtpconfs.dll,export 1087
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - "c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - "c:\Program Files\Common Files\Symantec Shared\ccProxy.exe"
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - "c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - "c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - "c:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe"
O23 - Service: Diskeeper (Diskeeper) - Diskeeper Corporation - "C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe"
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Human Interface Device Access (HidServ) - - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: ThinkPad PM Service (IBMPMSVC) - - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"
O23 - Service: Indexing Manager (Indtry) - - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: IPS 核心服务 (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\ipssvc.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - "c:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe"
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - - C:\WINDOWS\system32\psasrv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - "c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe"
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - "c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - "c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"
O23 - Service: Symantec AntiVirus (Symantec AntiVirus) - Symantec Corporation - "c:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe"
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - "c:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe"
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\system32\tphdexlg.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - - C:\WINDOWS\system32\tpkmpsvc.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - "C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe"
O23 - Service: TVT Backup Service (TVT Backup Service) - - "C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe"
O23 - Service: TVT Scheduler (TVT Scheduler) - - "C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe"
O23 - Service: ThinkVantage System Update (UCLauncherService) - - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe