老收到这个地址http://219.133.33.43:4000的弹出广告，我是ADSL上网方式，貌似没中木马，真不知道他是怎么锁定我的。
Logfile of HijackThis v1.99.1
Scan saved at 17:06:45, on 2005-11-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
h:\KAV2005\KWatch.EXE
C:\WINDOWS\Explorer.EXE
h:\KAV2005\KPfwSvc.EXE
H:\KAV2005\KAVStart.exe
C:\WINDOWS\system32\ctfmon.exe
H:\Maxthon\Maxthon.exe
H:\BitComet\BitComet.exe
H:\hijackthis\HijackThis.exe

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - H:\FLASHGET\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - H:\FLASHGET\fgiebar.dll
O3 - Toolbar: BitCometBar - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - h:\BitComet\BitCometBar\BitCometBar0.2.dll
O4 - HKLM\..\Run: [KavStart] "h:\KAV2005\KAVStart.exe" -startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 使用网际快车下载 - H:\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - H:\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://D:\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - H:\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - H:\FLASHGET\flashget.exe
O14 - IERESET.INF: START_PAGE_URL=about:blank
O17 - HKLM\System\CCS\Services\Tcpip\..\{485B15CF-E294-43E6-92FA-C09F47FFCE30}: NameServer = 202.103.96.68 220.170.0.38
O23 - Service: Kingsoft Personal Firewall Service (KPfwSvc) - Kingsoft Corporation - h:\KAV2005\KPfwSvc.EXE
O23 - Service: Kingsoft Antivirus KWatch Service (KWatchSvc) - Kingsoft Corporation - h:\KAV2005\KWatch.EXE
O23 - Service: RadClock - Unknown owner - C:\WINDOWS\system32\RadClock.exe
下面是那个广告，

打开IE浏览器——工具——internet选项——删除cookies、删除文件，把“删除所有脱机内容”选上

请用记事打开hosts这个文件
方法是：
开始--》运行...
win 2000/xp，请输入(你也可以复制/粘贴过去)：notepad %SystemRoot%\system32\drivers\etc\hosts
点[确定]按钮。
保留包含127.0.0.1的行，把其它行全部删除。
保存修改后，重新启动计算机看看。

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97    rhino.acme.com          # source server
#      38.25.63.10    x.acme.com              # x client host

127.0.0.1      localhost

本来就只有这一行啊

我也有，NND,听说是电信弹的广告！！！