上网的时候 经常会莫名奇妙的弹出诸如以下URL的网页
：
http://registration.memolink.com/index.cfm/campaign/237/affiliate/2/key/3A56161F522FB5E176F6750A0150ABF3/subaffiliate/CD235


http://www.dirtyhippo.com/splash/?mk=dhe_azl&source=handset

http://memberpromotions.com/?cid=GiVJ5fzrwtU&u=9aeeb11e0e6271fb3e531444d7bfaf12&

http://www213.paypopup.com/adsDirected.php?uip=60.178.95.106&clater=0&unsold=0&data=rSe_2%2F%FE%2A-.1%21-%2C%25%24%5D%5Dlkc%5Cf7..%F3kcicS%5C77sX%5CfZUKj_%FEq_ZcY%3B%7B%2B1-0%F3Y%5EhgN5%2B%260%7C%2F1%256%7E%28+ifSk%3BYq%5EqjZ%3B%FD%7DlZd%27&url=http%3A%2F%2Fwww.buycheapadvertising.com%2Fadvert.html%3Furl%3Dhttp%3A%2F%2Fwww.mlsabroad.com

http://certified-safe-downloads.com/AdServer/MemTurbo/Common/landingframe10t.asp?tzaff

http://trafficadmin.net/out/send_out_n_ook.php?ref=81&adl=0&hshr=4f79890&cidtor=70074


还有很多

而且在上网的时候，突然在浏览某个网页的时候会死机，只能通过CTRL+ALT+DEL来结束进程

用HijackThis扫描了一下，得到如下结果：


HijackThis_zww汉化版扫描日志 V1.99.1
保存于      21:30:39, 日期 2005-8-13
操作系统：  Windows 2000 SP4 (WinNT 5.00.2195)
浏览器：    Internet Explorer v6.00 (6.00.2600.0000)

当前运行的进程：         
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\KAV2005\KWatch.EXE
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\svchost.exe
C:\KAV2005\KPfwSvc.EXE
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\KAV2005\KAVPFW.EXE
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINNT\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Tencent\QQ\QQ.exe
C:\Program Files\Tencent\QQ\TIMPlatform.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis1991汉化版\HijackThis1991zww.exe

O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [KavPFW] "C:\KAV2005\KAVPFW.EXE"
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O17 - HKLM\System\CCS\Services\Tcpip\..\{E44630BE-AEE5-4460-9D4E-CECB44D81782}: NameServer = 202.96.104.17 202.96.104.27
O20 - Winlogon Notify: H323TSP - C:\WINNT\system32\ktjql7151.dll
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: Kingsoft Personal Firewall Service (KPfwSvc) - Kingsoft Corporation - C:\KAV2005\KPfwSvc.EXE
O23 - NT 服务: Kingsoft Antivirus KWatch Service (KWatchSvc) - Kingsoft Corporation - C:\KAV2005\KWatch.EXE
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe

很是麻烦，我是菜鸟，请教各位了，谢谢

谢谢斑竹！

但是很奇怪，删除了
修复O20 - Winlogon Notify: H323TSP - C:\WINNT\system32\ktjql7151.dll
删除:
C:\WINNT\system32\ktjql7151.dll

后再一次用HijackThis

O20 - Winlogon Notify: H323TSP - C:\WINNT\system32\184qpih5184.dll
再修复再删

再用HijackThis扫描一下变成了O20 - Winlogon Notify: H323TSP - C:\WINNT\system32\enj6l11s1.dll
再修复再删


再用HijackThis扫描，又会出现新的
而且一些被劫的症状也没有改变，真是烦恼透顶了？

哪位知道怎么解决的话，告诉一下，谢谢了

问题终于解决了，用 Shredder扫描了一下，原来是look2me这个王八在作祟，fix一下，问题终于解决了！

谢谢sanadayukimura ，以及飞跃迷离 ，花落花又开二个斑竹的帮助

问题解决了，特来告知一下！