咔咔日志扫描

Logfile of Kaka v2. 0. 0. 5 Scan Module v2. 0. 0. 1
Scan saved at 12:22:44, on 2006-01-06
Platform: Microsoft Windows XP Professional Service Pack 2 (Build 2600)
MSIE: Internet Explorer v6.00 SP2; (6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))


Running processes:
[smss.exe]
CommandLine =

[csrss.exe]
CommandLine = C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

[winlogon.exe]
CommandLine = winlogon.exe

[SERVICES.EXE]
CommandLine = C:\WINDOWS\system32\services.exe

[LSASS.EXE]
CommandLine = C:\WINDOWS\system32\lsass.exe

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost -k DcomLaunch

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost -k rpcss

[CCenter.exe]
CommandLine = "D:\Rising\Rising\Rav\CCenter.exe"

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\System32\svchost.exe -k netsvcs

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost.exe -k NetworkService

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost.exe -k LocalService

[RavMonD.exe]
CommandLine = "D:\Rising\Rising\Rav\Ravmond.exe"

[rfwsrv.exe]
CommandLine = d:\rising\rising\rfw\rfwsrv.exe

[LEXBCES.EXE]
CommandLine = C:\WINDOWS\system32\LEXBCES.EXE

[LEXPPS.EXE]
CommandLine = LEXPPS.EXE

[spoolsv.exe]
CommandLine = C:\WINDOWS\system32\spoolsv.exe

[RavStub.exe]
CommandLine = D:\Rising\Rising\Rav\RavStub.exe /RAVMOND

[EXPLORER.EXE]
CommandLine = C:\WINDOWS\Explorer.EXE

[RFWMAIN.EXE]
CommandLine =  -StartUp

[SOUNDMAN.EXE]
CommandLine = "C:\WINDOWS\SOUNDMAN.EXE"

[RavTask.exe]
CommandLine = "D:\RISING\RISING\RAV\RAVTASK.EXE" -SYSTEM

[RavMon.exe]
CommandLine = "D:\Rising\Rising\Rav\Ravmon.exe" -SYSTEM

[CTFMON.EXE]
CommandLine = "C:\WINDOWS\system32\ctfmon.exe"

[RsAgent.exe]
CommandLine = "D:\Rising\Rising\Rav\RsAgent.exe"

[AGENTSVR.EXE]
CommandLine = C:\WINDOWS\msagent\AgentSvr.exe -Embedding

[alg.exe]
CommandLine = C:\WINDOWS\System32\alg.exe

[QQ.EXE]
CommandLine = D:\qq2005正式版\qq\QQ.exe

[TIMPlatform.exe]
CommandLine = D:\qq2005正式版\qq\TIMPlatform.exe -Embedding

[QQ.EXE]
CommandLine = D:\qq2005正式版\qq\QQ.exe

[iexplore.exe]
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe" http://www.ikaka.com/

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost.exe -k imgsvc

[iexplore.exe]
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe"

[KkScan.exe]
CommandLine = "D:\kaka\KkScan.exe"

R3 - URLSearchHook: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)

O1 - Hosts: 127.0.0.1  localhost
O1 - Hosts: 127.0.0.1      www.139cn.com
O1 - Hosts: 127.0.0.1      www.7liao.com
O1 - Hosts: 127.0.0.1      chat.51liao.net
O1 - Hosts: 127.0.0.1      www.51liao.net
O1 - Hosts: 127.0.0.1      www.7liao.net
O1 - Hosts: 127.0.0.1      www.6see.com
O1 - Hosts: 127.0.0.1      bliao.com
O1 - Hosts: 127.0.0.1      www.bliao.com
O1 - Hosts: 127.0.0.1      www.hao222.net
O1 - Hosts: 127.0.0.1      www.hao222.com
O1 - Hosts: 127.0.0.1      www.v111.com
O1 - Hosts: 127.0.0.1      music.v111.com
O1 - Hosts: 127.0.0.1      www.qq165.com
O1 - Hosts: 127.0.0.1      www.xicu.com
O1 - Hosts: 127.0.0.1      www.haodx.com
O1 - Hosts: 127.0.0.1      www.haohz.com
O1 - Hosts: 127.0.0.1      www.265.com
O1 - Hosts: 127.0.0.1      www.dj99.com
O1 - Hosts: 127.0.0.1      www.dj99.net
O1 - Hosts: 127.0.0.1      265.com
O1 - Hosts: 127.0.0.1      www.yqdj.com
O1 - Hosts: 127.0.0.1      www.qq530.com
O1 - Hosts: 127.0.0.1      www.tt67.com
O1 - Hosts: 127.0.0.1      ad.t2t2.com
O1 - Hosts: 127.0.0.1      www.yexr.com
O1 - Hosts: 127.0.0.1      chat.9see.com
O1 - Hosts: 127.0.0.1      www.ok816.com
O1 - Hosts: 127.0.0.1      www.3399.net
O1 - Hosts: 127.0.0.1      www.ads8.com
O1 - Hosts: 127.0.0.1      www.5566.net
O1 - Hosts: 127.0.0.1      www.t2t2.com
O1 - Hosts: 127.0.0.1      popad.qq.com
O1 - Hosts: 127.0.0.1      v.jsdownload.com
O1 - Hosts: 127.0.0.1      www.linktoad.com
O1 - Hosts: 127.0.0.1      club.homeway.com.cn
O1 - Hosts: 127.0.0.1      sms1.ctn.com.cn
O1 - Hosts: 127.0.0.1      sms2.ctn.com.cn
O1 - Hosts: 127.0.0.1      sms3.ctn.com.cn
O1 - Hosts: 127.0.0.1      www.331122.com
O1 - Hosts: 127.0.0.1      mmpic.uni.cc
O1 - Hosts: 127.0.0.1      www.love34.com
O1 - Hosts: 127.0.0.1      www.free-movie.org
O1 - Hosts: 127.0.0.1      www.skyhits.com
O1 - Hosts: 127.0.0.1      www.rd18.com
O1 - Hosts: 127.0.0.1      tadsweb.tencent.com
O1 - Hosts: 127.0.0.1      www.vlike.com
O1 - Hosts: 127.0.0.1      www.chinasee.net
O1 - Hosts: 127.0.0.1      www.japansky.net
O1 - Hosts: 127.0.0.1      www.3721.com
O1 - Hosts: 127.0.0.1      cnsmin.3721.com
O1 - Hosts: 127.0.0.1      download.3721.com
O1 - Hosts: 127.0.0.1      union.3721.com
O1 - Hosts: 127.0.0.1      3721.net
O1 - Hosts: 127.0.0.1      address.3721.com
O1 - Hosts: 127.0.0.1      assistant.3721.com
O1 - Hosts: 127.0.0.1      www.225.com.cn
O1 - Hosts: 127.0.0.1      ads.china.com
O1 - Hosts: 127.0.0.1      www.yes521.com
O1 - Hosts: 127.0.0.1      www.today6.com
O1 - Hosts: 127.0.0.1      www.h2004.com
O1 - Hosts: 127.0.0.1      www.movie4.com
O1 - Hosts: 127.0.0.1      www.rm88.com
O1 - Hosts: 127.0.0.1      www.qq300.com
O1 - Hosts: 127.0.0.1      www.qq500.com
O1 - Hosts: 127.0.0.1      www.av126.com
O1 - Hosts: 127.0.0.1      www.kissmm.com
O1 - Hosts: 127.0.0.1      www.cn808.net
O1 - Hosts: 127.0.0.1      www.hao168.com
O1 - Hosts: 127.0.0.1      www.mm91.com
O1 - Hosts: 127.0.0.1      www.huole.com
O1 - Hosts: 127.0.0.1      www.kan69.com
O1 - Hosts: 127.0.0.1      ulinkdir.tom.com
O1 - Hosts: 127.0.0.1      cpc.sohu.com
O1 - Hosts: 127.0.0.1      images.sohu.com
O1 - Hosts: 127.0.0.1      adv.pconline.com.cn
O1 - Hosts: 127.0.0.1      goto.sohu.com
O1 - Hosts: 127.0.0.1      images2.sohu.com
O1 - Hosts: 127.0.0.1      www.sexy-books.com
O1 - Hosts: 127.0.0.1      www.xxbooks.com
O1 - Hosts: 127.0.0.1    www.18it.com
O1 - Hosts: 127.0.0.1      www.cnxxx.com
O1 - Hosts: 127.0.0.1      www.18-girl.net
O1 - Hosts: 127.0.0.1      ad.tom.com
O1 - Hosts: 127.0.0.1      ad4.sina.com.cn
O1 - Hosts: 127.0.0.1      sina.allyes.com
O1 - Hosts: 127.0.0.1      adtaobao.allyes.com
O1 - Hosts: 127.0.0.1      smarttrade.allyes.com
O1 - Hosts: 127.0.0.1      tom.allyes.com
O1 - Hosts: 127.0.0.1      szwindow.allyes.com
O1 - Hosts: 127.0.0.1      eachnetmember.allyes.com
O1 - Hosts: 127.0.0.1      iplus.allyes.com
O1 - Hosts: 127.0.0.1      sinatest.allyes.com
O1 - Hosts: 127.0.0.1      casting9.allyes.com
O1 - Hosts: 127.0.0.1      yinsha.allyes.com
O1 - Hosts: 127.0.0.1      stockstar.allyes.com
O1 - Hosts: 127.0.0.1      www.001x.com
O1 - Hosts: 127.0.0.1      www.hksexweb.com
O1 - Hosts: 127.0.0.1      www.99adultx.com
O1 - Hosts: 127.0.0.1      www2.xfreehosting.com
O1 - Hosts: 127.0.0.1    www1.xfreehosting.com
O1 - Hosts: 127.0.0.1      www.w555.net
O1 - Hosts: 127.0.0.1      www.excitecity.com
O1 - Hosts: 127.0.0.1      www.0xing.com
O1 - Hosts: 127.0.0.1      sba.3322.net
O1 - Hosts: 127.0.0.1      www.zgxl.net
O1 - Hosts: 127.0.0.1      www.qqpic.com
O1 - Hosts: 127.0.0.1      webspacecn.com
O1 - Hosts: 127.0.0.1      www.yeapple.com
O1 - Hosts: 127.0.0.1      manage.link8.com
O1 - Hosts: 127.0.0.1      www.web888.org
O1 - Hosts: 127.0.0.1      www.432.cn
O1 - Hosts: 127.0.0.1      www.kan123.com
O1 - Hosts: 127.0.0.1      www.3tom.com
O1 - Hosts: 127.0.0.1      www.sotop.com
O1 - Hosts: 127.0.0.1      www3.7789.com
O1 - Hosts: 127.0.0.1      www.66036.com
O1 - Hosts: 127.0.0.1      www1.66036.com
O1 - Hosts: 127.0.0.1      www2.66036.com
O1 - Hosts: 127.0.0.1      www3.66036.com
O1 - Hosts: 127.0.0.1      www4.66036.com
O1 - Hosts: 127.0.0.1      www5.66036.com
O1 - Hosts: 127.0.0.1      www6.66036.com
O1 - Hosts: 127.0.0.1      www7.66036.com
O1 - Hosts: 127.0.0.1      www8.66036.com
O1 - Hosts: 127.0.0.1      www9.66036.com
O1 - Hosts: 127.0.0.1      www10.66036.com
O1 - Hosts: 127.0.0.1      tj4.7789.com
O1 - Hosts: 127.0.0.1      tj5.7789.com
O1 - Hosts: 127.0.0.1      tj6.7789.com
O1 - Hosts: 127.0.0.1      tj7.7789.com
O1 - Hosts: 127.0.0.1      www.7789.com
O1 - Hosts: 127.0.0.1      count.zhao123.com
O1 - Hosts: 127.0.0.1      count1.zhao123.com
O1 - Hosts: 127.0.0.1      count2.zhao123.com
O1 - Hosts: 127.0.0.1      count3.zhao123.com
O1 - Hosts: 127.0.0.1      count4.zhaocount.com
O1 - Hosts: 127.0.0.1      count5.zhaocount.com
O1 - Hosts: 127.0.0.1      count6.zhaocount.com
O1 - Hosts: 127.0.0.1      count7.zhaocount.com
O1 - Hosts: 127.0.0.1      count8.zhaocount.com
O1 - Hosts: 127.0.0.1      count9.zhaocount.com
O1 - Hosts: 127.0.0.1      count10.zhaocount.com
O1 - Hosts: 127.0.0.1      count11.zhaocount.com
O1 - Hosts: 127.0.0.1      tj1.mytongji.com
O1 - Hosts: 127.0.0.1      count1.99count.com
O1 - Hosts: 127.0.0.1      www.99count.com
O1 - Hosts: 127.0.0.1      bar.baidu.com
O1 - Hosts: 127.0.0.1      www2.7789.com
O1 - Hosts: 127.0.0.1      www.guang.org
O1 - Hosts: 127.0.0.1      www.dlmovie.com
O1 - Hosts: 127.0.0.1      www.91look.com
O1 - Hosts: 127.0.0.1      www.kan51.com
O1 - Hosts: 127.0.0.1      www.mewo.com
O1 - Hosts: 127.0.0.1      coolsite21.com
O1 - Hosts: 127.0.0.1      www.t3j4.com
O1 - Hosts: 127.0.0.1      www.yun8.com
O1 - Hosts: 127.0.0.1      film.yun8.com
O1 - Hosts: 127.0.0.1      www.wo123.com
O1 - Hosts: 127.0.0.1      www.da123.com
O1 - Hosts: 127.0.0.1      www.huole.com
O1 - Hosts: 127.0.0.1      www.1ya.cn
O1 - Hosts: 127.0.0.1      www.sleazydream.com
O1 - Hosts: 127.0.0.1      www.easypic2.com

O1 - Hosts: 127.0.0.1      serv.sexushost.com
O1 - Hosts: 127.0.0.1      www.xfreehosting.com
O1 - Hosts: 127.0.0.1      www.888txt.com
O1 - Hosts: 127.0.0.1      asiafriendfinder.com
O1 - Hosts: 127.0.0.1      www3.cool168.com
O1 - Hosts: 127.0.0.1      www2.cool168.com
O1 - Hosts: 127.0.0.1      www1.cool168.com
O1 - Hosts: 127.0.0.1      www.happy8.cn
O1 - Hosts: 127.0.0.1      www.topsex2k.com
O1 - Hosts: 127.0.0.1      topxxx.sexushost.com
O1 - Hosts: 127.0.0.1      www.cool168.com
O1 - Hosts: 127.0.0.1      www.s6.cn
O1 - Hosts: 127.0.0.1      popme.163.com
O1 - Hosts: 127.0.0.1      adclient.163.com
O1 - Hosts: 127.0.0.1      fadama.com
O1 - Hosts: 127.0.0.1      www.66vv.com
O1 - Hosts: 127.0.0.1      www.qqee.com
O1 - Hosts: 127.0.0.1      www.sohu123.com
O1 - Hosts: 127.0.0.1      www.xgmm.com
O1 - Hosts: 127.0.0.1      www.7t7t.com
O1 - Hosts: 127.0.0.1      www.cnimg.com
O1 - Hosts: 127.0.0.1      www.love34.com
O1 - Hosts: 127.0.0.1      cdn2.cnnic.cn
O1 - Hosts: 127.0.0.1      cool.vv66.com
O1 - Hosts: 127.0.0.1      www.vv66.com
O1 - Hosts: 127.0.0.1      www.freepicturepage.com
O1 - Hosts: 127.0.0.1      www.snasty.com
O1 - Hosts: 127.0.0.1      www.yourcage.com
O1 - Hosts: 127.0.0.1      www.shagadelic.com
O1 - Hosts: 127.0.0.1      hualiao.net
O1 - Hosts: 127.0.0.1      www.qq163.com
O1 - Hosts: 127.0.0.1      www.qq163.net
O1 - Hosts: 127.0.0.1      www.superdown.com
O1 - Hosts: 127.0.0.1      web.114.com.cn
O1 - Hosts: 127.0.0.1      www.114.com.cn
O1 - Hosts: 127.0.0.1      9see.com
O1 - Hosts: 127.0.0.1      www.91f.cn
O1 - Hosts: 127.0.0.1      wwww.tthao.com
O1 - Hosts: 127.0.0.1      www.91f.org
O1 - Hosts: 127.0.0.1      www.v23.com
O1 - Hosts: 127.0.0.1      cn.yimg.com
O1 - Hosts: 127.0.0.1      auto.search.msn.com
O1 - Hosts: 127.0.0.1      x2.51link.com
O1 - Hosts: 127.0.0.1      x1.51link.com
O1 - Hosts: 127.0.0.1      www.textlink.cn
O1 - Hosts: 127.0.0.1      stat.textclick.com
O1 - Hosts: 127.0.0.1      www.easyhere.com
O1 - Hosts: 127.0.0.1      www.xxx168.com
O1 - Hosts: 127.0.0.1      ally.263.net
O1 - Hosts: 127.0.0.1      www.hualiao.net
O1 - Hosts: 127.0.0.1      www.xchina.com
O1 - Hosts: 127.0.0.1      www.sex.com
O1 - Hosts: 127.0.0.1      www.3xcn.com
O1 - Hosts: 127.0.0.1      www.20girl.com
O1 - Hosts: 127.0.0.1      www.x365x.com
O1 - Hosts: 127.0.0.1      chat.263.net
O1 - Hosts: 127.0.0.1      chat.yinsha.com
O1 - Hosts: 127.0.0.1      chat.tom.com
O1 - Hosts: 127.0.0.1      chat.xilu.com
O1 - Hosts: 127.0.0.1      www.aliao.com
O1 - Hosts: 127.0.0.1      chat.163.com
O1 - Hosts: 127.0.0.1      www.haoliao.com
O1 - Hosts: 127.0.0.1      www.liaoliao.com
O1 - Hosts: 127.0.0.1      www.haoliao.net
O1 - Hosts: 127.0.0.1      www.haoliao.cn
O1 - Hosts: 127.0.0.1      www.qqliao.com
O1 - Hosts: 127.0.0.1      www.qliao.com
O1 - Hosts: 127.0.0.1      www.loveliao.com
O1 - Hosts: 127.0.0.1      www.mmliao.com
O1 - Hosts: 127.0.0.1      mmliao.com
O1 - Hosts: 127.0.0.1      aliao.com
O1 - Hosts: 127.0.0.1      liaoliao.com
O1 - Hosts: 127.0.0.1      chat.qq.com
O1 - Hosts: 127.0.0.1      vchat.xaonline.com
O1 - Hosts: 127.0.0.1      www.loveliao.net
O1 - Hosts: 127.0.0.1      loveliao.net
O1 - Hosts: 127.0.0.1      www.chinamp3.com
O1 - Hosts: 127.0.0.1      www.9sky.com
O1 - Hosts: 127.0.0.1      www.sogua.com
O1 - Hosts: 127.0.0.1      sogua.com
O1 - Hosts: 127.0.0.1      www.99music.net
O1 - Hosts: 127.0.0.1      www.yzskdj.com
O1 - Hosts: 127.0.0.1      loveliao.com
O1 - Hosts: 127.0.0.1      haoliao.com
O1 - Hosts: 127.0.0.1      music.feifa.com
O1 - Hosts: 127.0.0.1      www.aisex.com
O1 - Hosts: 127.0.0.1      www.movie-down.com
O1 - Hosts: 127.0.0.1      www2.movie-down.com
O1 - Hosts: 127.0.0.1      movie-down.com
O1 - Hosts: 127.0.0.1      www.tt90.com
O1 - Hosts: 127.0.0.1      www.tt78.com
O1 - Hosts: 127.0.0.1      www.tiankong.net
O1 - Hosts: 127.0.0.1      tiankong.net
O1 - Hosts: 127.0.0.1      www.qqchat.cn
O1 - Hosts: 127.0.0.1      www.yymp3.com
O1 - Hosts: 127.0.0.1      www.9see.com
O1 - Hosts: 127.0.0.1      www.woliao.net
O1 - Hosts: 127.0.0.1      www.woliao.com
O1 - Hosts: 127.0.0.1      www.kuro.com.cn
O1 - Hosts: 127.0.0.1      www.qq163.com
O1 - Hosts: 127.0.0.1      www.wangzhiku.com
O1 - Hosts: 127.0.0.1 　　 localhost
O1 - Hosts: 127.0.0.1 　  www.qq3344.com      # 包含qq病毒
O1 - Hosts: 127.0.0.1 　  www.dj3344.com 　　　# qq病毒
O1 - Hosts: 127.0.0.1 　  www.qq3344.com 　　　# qq病毒
O1 - Hosts: 127.0.0.1 　  www.yysky.net 　　　 # qq病毒
O1 - Hosts: 127.0.0.1 　  www.cnqb.net 　　　　# 禁止你的注册表，改首页，改右键
O1 - Hosts: 127.0.0.1 　  hothack.home.chinaren.com
O1 - Hosts: 127.0.0.1 　  www.777888.com
O1 - Hosts: 127.0.0.1 　  www.5dsoft.com
O1 - Hosts: 127.0.0.1 　  www.wokoo.net
O1 - Hosts: 127.0.0.1 　　 movie.sx.zj.cn
O1 - Hosts: 127.0.0.1 　　 xyxy68.8u8.net
O1 - Hosts: 127.0.0.1 　  www.youmiss.com
O1 - Hosts: 127.0.0.1 　　 www.cctv8.net
O1 - Hosts: 127.0.0.1 　　 www.kuliao.com
O1 - Hosts: 127.0.0.1 　　 www.yyqy.com
O1 - Hosts: 127.0.0.1 　　 www.sunvod.com
O1 - Hosts: 127.0.0.1 　　 www.t168.com
O1 - Hosts: 127.0.0.1 　　 www.wokoo.net
O1 - Hosts: 127.0.0.1 　　 www.coolcdrom.com  # 要特别小心这个网站，它会在你启动组里做手脚

O1 - Hosts: 127.0.0.1 　　 www.zhengdian.com
O1 - Hosts: 127.0.0.1 　　 girlchinese.com 　　# 修改ie主页
O1 - Hosts: 127.0.0.1 　　 www.girl008.com
O1 - Hosts: 127.0.0.1 　　 xajh.15888.net
O1 - Hosts: 127.0.0.1 　　 www.51bug.com
O1 - Hosts: 127.0.0.1 　　 www.wplune.com
O1 - Hosts: 127.0.0.1 　　 www.777888.net
O1 - Hosts: 127.0.0.1 　　 pollen.my001.net
O1 - Hosts: 127.0.0.1 　　 www.yule21.com
O1 - Hosts: 127.0.0.1 　　 www.fish3000.com
O1 - Hosts: 127.0.0.1 　　 www.kuliao.com
O1 - Hosts: 127.0.0.1 　　 www.666e.com
O1 - Hosts: 127.0.0.1 　　 qm.8ok.com
O1 - Hosts: 127.0.0.1 　　 www.guosir.ccoo.com
O1 - Hosts: 127.0.0.1 　　 www.163mm.com
O1 - Hosts: 127.0.0.1 　　 www.cnooo.com
O1 - Hosts: 127.0.0.1 　　 www.es158.com
O1 - Hosts: 127.0.0.1 　　 www.aisa-girl.net
O1 - Hosts: 127.0.0.1 　　 www.boliwu.com
O1 - Hosts: 127.0.0.1 　　 www.cctv8.net
O1 - Hosts: 127.0.0.1 　　 www.89005.com
O1 - Hosts: 127.0.0.1 　　 www.cctv1.net
O1 - Hosts: 127.0.0.1 　　 www.play.cn.gs 　# 要特别小心这个网站。
O1 - Hosts: 127.0.0.1 　　 newyouth.3322.net
O1 - Hosts: 127.0.0.1 　　 chinabdkx.363.net
O1 - Hosts: 127.0.0.1 　　 www.zknew.com
O1 - Hosts: 127.0.0.1 　　 www.dhchao.com
O1 - Hosts: 127.0.0.1 　　 www.top666.net
O1 - Hosts: 127.0.0.1 　　 www.amoisonic.com
O1 - Hosts: 127.0.0.1 　　 www.markguide.com
O1 - Hosts: 127.0.0.1　　  www.xyxc.ccoo.com
O1 - Hosts: 127.0.0.1 　　 www.flyingwalk.com
O1 - Hosts: 127.0.0.1 　　 www.yezine.net
O1 - Hosts: 127.0.0.1 　　 www.mmgirls.com
O1 - Hosts: 127.0.0.1 　　 www.wa***.net
O1 - Hosts: 127.0.0.1 　　 www.net5w.com
O1 - Hosts: 127.0.0.1 　　 www.fbstu.com
O1 - Hosts: 127.0.0.1 　　 www.qlwl.com
O1 - Hosts: 127.0.0.1 　　 www.yibinren.com  # 更可怕，把ie的默认页都改成他的了
O1 - Hosts: 127.0.0.1 　　 www.yinshang.com
O1 - Hosts: 127.0.0.1 　　 www.ncunet.com
O1 - Hosts: 127.0.0.1 　　 www.555666.net
O1 - Hosts: 127.0.0.1 　　 www.fm1058.cc
O1 - Hosts: 127.0.0.1 　　 meim.y365.com
O1 - Hosts: 127.0.0.1 　　 www.qq520.net
O1 - Hosts: 127.0.0.1 　　 jjkafei.longcity.net
O1 - Hosts: 127.0.0.1 　　 chow.yesky.net
O1 - Hosts: 127.0.0.1 　　 oicq.hk.st
O1 - Hosts: 127.0.0.1 　　 www.my288.com
O1 - Hosts: 127.0.0.1 　　 www.youmiss.com
O1 - Hosts: 127.0.0.1 　　 www.laws-online.net
O1 - Hosts: 127.0.0.1 　　 www.hj168.net
O1 - Hosts: 127.0.0.1 　　 16888.6to23.com
O1 - Hosts: 127.0.0.1 　　 www.love520.net
O1 - Hosts: 127.0.0.1 　　 www.qq520.com
O1 - Hosts: 127.0.0.1 　　 www.mmgirls.com
O1 - Hosts: 127.0.0.1 　　 www.555666.net
O1 - Hosts: 127.0.0.1 　　 www.ezhgc.com
O1 - Hosts: 127.0.0.1 　　 www.ezhgc.com
O1 - Hosts: 127.0.0.1 　　 www.eastedu.com.cn
O1 - Hosts: 127.0.0.1 　　 www.435000.com
O1 - Hosts: 127.0.0.1 　　 sdik.8ok.net
O1 - Hosts: 127.0.0.1 　　 feiying.coolwww.net
O1 - Hosts: 127.0.0.1 　　 zhongxuesheng.myrice.com
O1 - Hosts: 127.0.0.1　　  www.laws-online.net
O1 - Hosts: 127.0.0.1 　　 www.youmiss.com
O1 - Hosts: 127.0.0.1　　  www.my288.com
O1 - Hosts: 127.0.0.1 　　 www.yes9999.com 　　
O1 - Hosts: 127.0.0.1      www.nnptt.com
O1 - Hosts: 127.0.0.1 　　 vod.hengshui.com
O1 - Hosts: 127.0.0.1 　　 tv.megajoy.com
O1 - Hosts: 127.0.0.1 　　 www.h444.net 　　# 包含trojan.qqwebaut.a及其变种trojan.qqwebaut
O1 - Hosts: 127.0.0.1 　　 update.myxq.com
O1 - Hosts: 127.0.0.1 　　 www.qq168.net 　
O1 - Hosts: 127.0.0.1 　　 www.777888.com 　
O1 - Hosts: 127.0.0.1　　  www.5dsoft.com 　
O1 - Hosts: 127.0.0.1 　　 www.wokoo.net
O1 - Hosts: 127.0.0.1　　  movie.sx.zj.cn 　　
O1 - Hosts: 127.0.0.1 　　 www.yeapple.com 　 # 黄色网站。都是垃圾，恶意代码不少
O1 - Hosts: 127.0.0.1 　　 xyxy68.8u8.net
O1 - Hosts: 127.0.0.1 　　 www.youmiss.com
O1 - Hosts: 127.0.0.1 　　 www.cctv8.net
O1 - Hosts: 127.0.0.1 　　 www.kuliao.com
O1 - Hosts: 127.0.0.1 　　 www.yyqy.com
O1 - Hosts: 127.0.0.1 　　 winzheng.126.com
O1 - Hosts: 127.0.0.1 　　 www.sunvod.com
O1 - Hosts: 127.0.0.1 　　 www.t168.com
O1 - Hosts: 127.0.0.1 　　 www.boliwo.com
O1 - Hosts: 127.0.0.1 　　 www.coolcdrom.com
O1 - Hosts: 127.0.0.1 　　 www.zhengdian.comoe  # 标题栏也没放过
O1 - Hosts: 127.0.0.1 　　 girlchinese.comie 　 # 的主页也被改了
O1 - Hosts: 127.0.0.1 　　 www.yibinren.com 　
O1 - Hosts: 127.0.0.1 　　 www.mtv51.com 　
O1 - Hosts: 127.0.0.1 　　 www.163[1].com 　　  # 也是一个什么音乐网。恶意代码狂，还有病毒
O1 - Hosts: 127.0.0.1 　　 www.37021.com 　　  # 看清楚!不是3721， 这个最讨厌!!
O1 - Hosts: 127.0.0.1 　　 www.cnqb.net 　　 　 # 禁止你的注册表，...
O1 - Hosts: 127.0.0.1 　　 www.qq3344.com 　　
O1 - Hosts: 127.0.0.1 　　 www.qq3344.net
O1 - Hosts: 127.0.0.1 　　 youlove.3322.net 　# 有恶意代码的特性外还夹带病毒：trojan.pwdbox.d
O1 - Hosts: 127.0.0.1 　　 www.58589.com 　　 # 有恶意代码的特性
O1 - Hosts: 127.0.0.1 　　 tty.yyun.net 　　　# 与上述的危害差不多
O1 - Hosts: 127.0.0.1 　　 www.ftlink.net 　　# 一般性恶意代码
O1 - Hosts: 127.0.0.1 　　 home.kimo.com.tw 　# 一般性恶意代码
O1 - Hosts: 127.0.0.1 　　 www.pixpox.com 　  # 恶性网站并且自动驻留计算机内大量垃圾
O1 - Hosts: 127.0.0.1 　　 www.k163.com 　    # 狩猎者变种 和dj344 qq3344 与qq168是一伙的

O1 - Hosts: 127.0.0.1 　　 www.pk.com
O1 - Hosts: 127.0.0.1      www.taobao.com
O1 - Hosts: 127.0.0.1      page.taobao.com
O1 - Hosts: 127.0.0.1      search.taobao.com
O1 - Hosts: 127.0.0.1      taobao.com
O1 - Hosts: 127.0.0.1      www.unionsky.cn
O1 - Hosts: 127.0.0.1      www.allyes.com
O1 - Hosts: 127.0.0.1 　　 www.xxx.com
O1 - Hosts: 127.0.0.1 　　 204.177.92.68
O1 - Hosts: 127.0.0.1 　　 www.fassia.net 　　　　　 　
O1 - Hosts: 127.0.0.1 　　 www.ehomeday.com 　　　
O1 - Hosts: 127.0.0.1 　　 www.jinpin.net 　　　　　 　
O1 - Hosts: 127.0.0.1 　　 www.happy666.net
O1 - Hosts: 127.0.0.1 　　 update.myxq.com
O1 - Hosts: 127.0.0.1 　　 www.myxq.com
O1 - Hosts: 127.0.0.1      www.taobao.com
O1 - Hosts: 127.0.0.1      dvd.qq92.com
O1 - Hosts: 127.0.0.1      www.16yi.com
O1 - Hosts: 127.0.0.1      www.ye77.com
O1 - Hosts: 127.0.0.1      www.7sese.com
O1 - Hosts: 127.0.0.1      www.1yin.net
O1 - Hosts: 127.0.0.1      www.77ttt.com
O1 - Hosts: 127.0.0.1      www.7mao.com
O1 - Hosts: 127.0.0.1      www.mydj2005.com
O1 - Hosts: 127.0.0.1      www.vv78.com
O1 - Hosts: 127.0.0.1      www.v119.com/indexv119.htm
O1 - Hosts: 127.0.0.1      100.332233.com/index.htm
O1 - Hosts: 127.0.0.1      www.cashbackbuddy.com/login.php
O1 - Hosts: 127.0.0.1      www.joyiex.com
O1 - Hosts: 127.0.0.1      mm.227.cn
O1 - Hosts: 127.0.0.1      qq92.com
O1 - Hosts: 127.0.0.1      www.1432.net
O1 - Hosts: 127.0.0.1      qichun.6to23.com
O1 - Hosts: 127.0.0.1      www.53best.com
O1 - Hosts: 127.0.0.1      www.hao213.net
O1 - Hosts: 127.0.0.1      52007.com
O1 - Hosts: 127.0.0.1      www.QQ.5qt.net
O1 - Hosts: 127.0.0.1      4OO.net
O1 - Hosts: 127.0.0.1      dvd.sg51.com
O1 - Hosts: 127.0.0.1      www.qq46.com
O1 - Hosts: 127.0.0.1      www.zhaowo8.com
O1 - Hosts: 127.0.0.1      www.91tg.net
O1 - Hosts: 127.0.0.1      www.h301.com
O1 - Hosts: 127.0.0.1      www.52kuku.com
O1 - Hosts: 127.0.0.1      www.ttjj.com
O1 - Hosts: 127.0.0.1      www.55885.com
O1 - Hosts: 127.0.0.1      www.zb444.com
O1 - Hosts: 127.0.0.1      www.12822.com
O1 - Hosts: 127.0.0.1      www.00855.com
O1 - Hosts: 127.0.0.1      www.363618.com
O1 - Hosts: 127.0.0.1      www.te99.com
O1 - Hosts: 127.0.0.1      www.bb58.com
O1 - Hosts: 127.0.0.1      www.5359.com
O1 - Hosts: 127.0.0.1      www.5359.net
O1 - Hosts: 127.0.0.1      ww.k8k8.com
O1 - Hosts: 127.0.0.1      www.52935.com
O1 - Hosts: 127.0.0.1      www.ourbt.com
O1 - Hosts: 127.0.0.1      www.djjcp.com
O1 - Hosts: 127.0.0.1      www.51115.com
O1 - Hosts: 127.0.0.1      www.wa110.com
O1 - Hosts: 127.0.0.1      www.mtv123.com
O1 - Hosts: 127.0.0.1      www.99love.com
O1 - Hosts: 127.0.0.1      www.53900.com
O1 - Hosts: 127.0.0.1      www.83900.com
O1 - Hosts: 127.0.0.1      991b.511go.com/playmu_wad1.htm
O1 - Hosts: 127.0.0.1      www.mdoing.com/video/
O1 - Hosts: 127.0.0.1      www.daoyi.com.cn
O1 - Hosts: 127.0.0.1      68086.com/
O1 - Hosts: 127.0.0.1      vod.et138.com
O1 - Hosts: 127.0.0.1      vod.soucn.net
O1 - Hosts: 127.0.0.1      www.wu111.com
O1 - Hosts: 127.0.0.1      www.5xt.net
O1 - Hosts: 127.0.0.1      www.17777.com
O1 - Hosts: 127.0.0.1      www.XiuMM.Com
O1 - Hosts: 127.0.0.1      www.opQQ.com/
O1 - Hosts: 127.0.0.1      www.wz116.com
O1 - Hosts: 127.0.0.1      www.benbang.net
O1 - Hosts: 127.0.0.1      www.qq.qqqqqq.cn
O1 - Hosts: 127.0.0.1      www.zzhao.com
O1 - Hosts: 127.0.0.1      hk582.com
O1 - Hosts: 127.0.0.1      www.ttjj.com
O1 - Hosts: 127.0.0.1      www.joyiex.com127.0.0.1      localhost
O1 - Hosts: 127.0.0.1      dvd.qq92.com
O1 - Hosts: 127.0.0.1      www.16yi.com
O1 - Hosts: 127.0.0.1      www.ye77.com
O1 - Hosts: 127.0.0.1      www.7sese.com
O1 - Hosts: 127.0.0.1      www.1yin.net
O1 - Hosts: 127.0.0.1      www.77ttt.com
O1 - Hosts: 127.0.0.1      www.7mao.com
O1 - Hosts: 127.0.0.1      www.mydj2005.com
O1 - Hosts: 127.0.0.1      100.332233.com/index.htm
O1 - Hosts: 127.0.0.1      www.vv78.com/
O1 - Hosts: 127.0.0.1      www.v119.com/indexv119.htm
O1 - Hosts: 127.0.0.1      www.cashbackbuddy.com/login.php
O1 - Hosts: 127.0.0.1      www.joyiex.com
O1 - Hosts: 127.0.0.1      mm.227.cn
O1 - Hosts: 127.0.0.1      qq92.com
O1 - Hosts: 127.0.0.1      www.1432.net
O1 - Hosts: 127.0.0.1      qichun.6to23.com
O1 - Hosts: 127.0.0.1      www.53best.com
O1 - Hosts: 127.0.0.1      www.hao213.net
O1 - Hosts: 127.0.0.1      52007.com
O1 - Hosts: 127.0.0.1      www.QQ.5qt.net
O1 - Hosts: 127.0.0.1      4OO.net
O1 - Hosts: 127.0.0.1      dvd.sg51.com
O1 - Hosts: 127.0.0.1      www.qq46.com
O1 - Hosts: 127.0.0.1      www.zhaowo8.com
O1 - Hosts: 127.0.0.1      3721.com #3721网络实名
O1 - Hosts: 127.0.0.1      3721.net #3721网络实名
O1 - Hosts: 127.0.0.1      cnsmin.3721.com #3721网络实名
O1 - Hosts: 127.0.0.1      cnsmin.3721.net #3721网络实名
O1 - Hosts: 127.0.0.1      download.3721.com #3721网络实名
O1 - Hosts: 127.0.0.1      download.3721.net #3721网络实名
O1 - Hosts: 127.0.0.1      www.3721.com #3721网络实名
O1 - Hosts: 127.0.0.1      www.3721.net #3721网络实名
O1 - Hosts: 127.0.0.1      ad4.sina.com.cn #新浪网广告
O1 - Hosts: 127.0.0.1      ad.cn.doubleclick.net #新浪网广告
O1 - Hosts: 127.0.0.1      bar.baidu.com #百度搜索器
O1 - Hosts: 127.0.0.1      52kuku.com
O1 - Hosts: 127.0.0.1      ttjj.com
O1 - Hosts: 127.0.0.1      55885.com
O1 - Hosts: 127.0.0.1      zb444.com
O1 - Hosts: 127.0.0.1      12822.com
O1 - Hosts: 127.0.0.1      00855.com
O1 - Hosts: 127.0.0.1      363618.com
O1 - Hosts: 127.0.0.1      te99.com
O1 - Hosts: 127.0.0.1      bb58.com
O1 - Hosts: 127.0.0.1      5359.com
O1 - Hosts: 127.0.0.1      5359.net
O1 - Hosts: 127.0.0.1      52935.com
O1 - Hosts: 127.0.0.1      ourbt.com
O1 - Hosts: 127.0.0.1      djjcp.com

O2 - BHO:  (file missing)
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] ; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] ; "E:\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RavTask] "D:\Rising\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [Super Rabbit SRRestore] E:\TuZi\MagicSet\srrest.exe /autosave
O4 - Startup: desktop.ini =
O4 - Global Startup: desktop.ini =
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26}? - http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=?allyesPara=816 (file missing)
O9 - Extra 'Tools' menuitem: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26}? - http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=?allyesPara=816 (file missing)
O9 - Extra Button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338}? - http://cn.zs.yahoo.com/?source=Cns (file missing)
O9 - Extra 'Tools' menuitem: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338}? - http://cn.zs.yahoo.com/?source=Cns (file missing)
O9 - Extra Button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b}? - D:\qq2005正式版\qq\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b}? - D:\qq2005正式版\qq\QQ.EXE
O9 - Extra Button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}? - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - Extra 'Tools' menuitem: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}? - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - Extra Button: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71}? - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71}? - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - Extra Button: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5}? - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5}? - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121857635312
O17 - HKLM\System\CCS\Services\Tcpip\..\{1747E8E2-2485-4CED-828C-AABBCD77052D}: NameServer = 218.30.19.40 61.134.1.4
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\Mshtml.dll
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O23 - Service: Human Interface Device Access (HidServ) -  - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\lexbces.exe
O23 - Service: Macromedia Licensing Service (Macromedia Licensing Service) -  - "C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\rising\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - "D:\Rising\Rising\Rav\CCenter.exe"
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - "D:\Rising\Rising\Rav\Ravmond.exe"

HijackThis@Qoo的扫描日志 V1.97.7
Scan saved at 12:18:44, on 2006-1-6
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
D:\Rising\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
D:\Rising\Rising\Rav\Ravmond.exe
d:\rising\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\Rising\Rising\Rav\RavStub.exe
C:\WINDOWS\Explorer.EXE
d:\rising\rising\rfw\RfwMain.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Rising\Rising\Rav\RavTask.exe
D:\Rising\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Rising\Rising\Rav\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\WINDOWS\system32\wuauclt.exe
D:\qq2005正式版\qq\QQ.exe
D:\qq2005正式版\qq\TIMPlatform.exe
D:\qq2005正式版\qq\QQ.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
D:\saomiaorizhi\HijackThis.exe

R3 - URLSearchHook: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O2 - BHO:
O3 - Toolbar: ????? - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] ; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] ; "E:\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RavTask] "D:\Rising\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [Super Rabbit SRRestore] E:\TuZi\MagicSet\srrest.exe /autosave
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: NTUSER.DAT
O4 - Startup: ntuser.dat.LOG
O4 - Startup: ntuser.ini
O4 - Global Startup: ntuser.dat
O4 - Global Startup: ntuser.dat.LOG
O4 - Global Startup: ntuser.pol
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: QQ (HKLM)
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121857635312
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1747E8E2-2485-4CED-828C-AABBCD77052D}: NameServer = 218.30.19.40 61.134.1.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{1747E8E2-2485-4CED-828C-AABBCD77052D}: NameServer = 218.30.19.40 61.134.1.4

请用最新版本的hijackthis扫描.
hijackthis下载：
http://forum.ikaka.com/download.asp?id=5188960

请问HOSTS文件是你故意改的吗?
IE的一些选项也是你故意禁用的吗?

引用:

【玉面修罗的贴子】请用最新版本的hijackthis扫描. hijackthis下载： http://forum.ikaka.com/download.asp?id=5188960 请问HOSTS文件是你故意改的吗? IE的一些选项也是你故意禁用的吗? ...........................

我是看别的帖子里就这样改的，说能屏蔽广告，不知道对不对？
我哪里盖ie了，你能告诉我吗？

就是这个网址说的，就是咔咔论坛，你看看
http://forum.ikaka.com/topic.asp?board=67&artid=5678780