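Symptoms: The hosts file contains a large number of entries. As a result, typing any of the addresses in the list into the browser redirects to Baidu.
Common system maintenance tools shut the computer down as soon as they are run, for example 360 Safeguard (360安全卫士).
Log: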
HijackThis_zww汉化版扫描日志 V1.99.1
保存于 16:47:21, 日期 2007-2-10
操作系统: Windows 2003 (WinNT 5.02.3790)
浏览器: Internet Explorer v6.00 (6.00.3790.0000)
当前运行的进程:
R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll
O1 - Hosts: 218.83.161.65 www.hao123.com
O1 - Hosts: 218.83.161.65 hao123.com
O1 - Hosts: 218.83.161.65 www.7939.com
O1 - Hosts: 218.83.161.65 www.360safe.com
O1 - Hosts: 218.83.161.65 360safe.com
O1 - Hosts: 218.83.161.65 update.360safe.com
O1 - Hosts: 218.83.161.65 dl.360safe.com
O1 - Hosts: 218.83.161.65 bbs.360safe.com
O1 - Hosts: 218.83.161.65 www.btbaicai.com
O1 - Hosts: 218.83.161.65 btbaicai.com
O1 - Hosts: 218.83.161.65 www.pctutu.com
O1 - Hosts: 218.83.161.65 www.7322.com
O1 - Hosts: 218.83.161.65 www.5566.net
O1 - Hosts: 218.83.161.65 www.9991.com
O1 - Hosts: 218.83.161.65 9991.com
O1 - Hosts: 218.83.161.65 forum.ikaka.com
O1 - Hosts: 218.83.161.65 www.ikaka.com
O1 - Hosts: 218.83.161.65 update.ikaka.com
O1 - Hosts: 218.83.161.65 www.piaoxue.com
O1 - Hosts: 218.83.161.65 forum.jiangmin.com
O1 - Hosts: 218.83.161.65 update.jiangmin.com
O1 - Hosts: 218.83.161.65 post.baidu.com
O1 - Hosts: 218.83.161.65 update.rising.com.cn
O1 - Hosts: 218.83.161.65 online.rising.com.cn
O1 - Hosts: 218.83.161.65 dl.pconline.com.cn
O1 - Hosts: 218.83.161.65 space.uwants.com
O1 - Hosts: 218.83.161.65 www.pcav.cn
O1 - Hosts: 218.83.161.65 mopery.hits.io
O1 - Hosts: 218.83.161.65 www.goodmv.cn
O1 - Hosts: 218.83.161.65 www.5566.net
O1 - Hosts: 218.83.161.65 www.piaoxue.com
O1 - Hosts: 218.83.161.65 www.luosoft.com
O1 - Hosts: 218.83.161.65 luosoft.com
O1 - Hosts: 218.83.161.65 www.7255.com
O1 - Hosts: 218.83.161.65 dl.pconline.com.cn
O1 - Hosts: 218.83.161.65 www.spjoy.com
O1 - Hosts: 218.83.161.65 www.adanywhere.cn
O1 - Hosts: 218.83.161.65 ip.adanywhere.cn
O1 - Hosts: 218.83.161.65 ip1.adanywhere.cn
O1 - Hosts: 218.83.161.65 ip2.adanywhere.cn
O1 - Hosts: 218.83.161.65 www.bannerbox.cn
O1 - Hosts: 218.83.161.65 www.caiqiyue.com
O1 - Hosts: 218.83.161.65 www.2t2t.cn
O1 - Hosts: 218.83.161.65 3.a.kal.cn
O1 - Hosts: 218.83.161.65 ip.alexaanywhere.com
O1 - Hosts: 218.83.161.65 go.ipcenter.cn
O1 - Hosts: 218.83.161.65 www.2yin.cn
O1 - Hosts: 218.83.161.65 wwww.systeel.com.cn
O1 - Hosts: 218.83.161.65 go.baibaoxiang.cn
O1 - Hosts: 218.83.161.65 www.gao58.com
O1 - Hosts: 218.83.161.65 www.2tu.cn
O1 - Hosts: 218.83.161.65 www.91tu.cn
O1 - Hosts: 218.83.161.65 www.haotop.com
O1 - Hosts: 218.83.161.65 www.ycdy.com
O1 - Hosts: 218.83.161.65 ycdy.com
O1 - Hosts: 218.83.161.65 www.maipao.com
O1 - Hosts: 218.83.161.65 www.sina-baidu.com
O1 - Hosts: 218.83.161.65 www.maohehe.com
O1 - Hosts: 218.83.161.65 www.1717kan.cn
O1 - Hosts: 218.83.161.65 www.feixue.net
O1 - Hosts: 218.83.161.65 www.xingkongitv.com
O1 - Hosts: 218.83.161.65 about-blank.cc
O1 - Hosts: 218.83.161.65 www.xfkz.com
O1 - Hosts: 218.83.161.65 xfkz.com
O1 - Hosts: 218.83.161.65 www.365tan.com
O1 - Hosts: 218.83.161.65 cg.9e3.com
O1 - Hosts: 218.83.161.65 www.qqplayer.net
O1 - Hosts: 218.83.161.65 www.sosok.com
O1 - Hosts: 218.83.161.65 img.zhangxiu.com
O1 - Hosts: 218.83.161.65 www.okeaa.com
O1 - Hosts: 218.83.161.65 www.winopen.cn
O1 - Hosts: 218.83.161.65 dnl-eu1.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-eu2.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-eu3.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-eu4.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-eu5.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-us1.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-us2.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-us3.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-us4.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-us5.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-ru1.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-ru2.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-ru3.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-ru4.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-ru5.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-jp1.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-jp2.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-jp3.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-jp4.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-jp5.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-kr1.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-kr2.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-kr3.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-kr4.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 dnl-kr5.kaspersky-labs.com
O1 - Hosts: 218.83.161.65 ishare.sina.com.cn
O1 - Hosts: 218.83.161.65 www.my123.com
O1 - Hosts: 218.83.161.65 www.58.com
O1 - Hosts: 218.83.161.65 www.zhaomeimei.cn
O1 - Hosts: 218.83.161.65 banzou6.wo99.com
O2 - BHO: QQCycloneHelper - {00000000-12C9-4305-82F9-43058F20E8D2} - C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll
O2 - BHO: WebThunderBHO - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\Program Files\Yahoo!\Assistant\Assist\yphtb.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\Program Files\Yahoo!\Assistant\Assist\yAngling.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL
O2 - BHO: AssistHelper - {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} - C:\Program Files\Yahoo!\Assistant\Assist\yassist.dll
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4A40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\RunOnce: [YahooC:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll138828] regsvr32 /s C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: 飞鸽传书.lnk = ?
O4 - Global Startup: 通达应用服务监视器.lnk = ?
O8 - IE右键菜单中的新增项目: &使用超级旋风下载 - C:\Program Files\Tencent\QQDownload\geturl.htm
O8 - IE右键菜单中的新增项目: &使用超级旋风下载全部链接 - C:\Program Files\Tencent\QQDownload\getAllurl.htm
O8 - IE右键菜单中的新增项目: 使用Web迅雷下载 - C:\Program Files\Thunder Network\WebThunder\GetUrl.htm
O8 - IE右键菜单中的新增项目: 使用Web迅雷下载全部链接 - C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm
O8 - IE右键菜单中的新增项目: 添加到雅虎订阅(&Y) - res://C:\Program Files\Yahoo!\Assistant\Assist\yrss.dll/YRSSMENUEXT
O8 - IE右键菜单中的新增项目: 用WebCHM下载网页 - res://E:\石\WCIETools.dll/HTML/DOC
O8 - IE右键菜单中的新增项目: 雅虎搜索 - res://C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll/203
O9 - 浏览器额外的按钮: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/start.htm?source=yzs_icon&btn=yassistnew (file missing)
O9 - 浏览器额外的按钮: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - 浏览器额外的“工具”菜单项: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E78DA2A3-26AD-4393-801B-53C981A80715}: NameServer = 192.168.1.1
O18 - 列举现有的协议: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - 列举现有的协议: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll
O18 - 列举现有的协议: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - 列举现有的协议: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - 列举现有的协议: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - 列举现有的协议: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - 列举现有的协议: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - 列举现有的协议: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - 列举现有的协议: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - 列举现有的协议: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - 列举现有的协议: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - 列举现有的协议: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - 列举现有的协议: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll
O18 - 列举现有的协议: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - 列举现有的协议: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - 列举现有的协议: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - 列举现有的协议: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll
O18 - 列举现有的协议: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - 列举现有的协议: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - 列举现有的协议: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx (file missing)
O18 - 列举现有的协议: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - NT 服务: IMA_Server - Unknown owner - d:\MYOA\IMA\IMAServer.exe
O23 - NT 服务: MeChat - Unknown owner - d:\MYOA\MeChat\MeChat.exe
O23 - NT 服务: MySQL_OA - Unknown owner - D:\MYOA\mysql\bin\mysqld-nt.exe
O23 - NT 服务: Office_Anywhere - Unknown owner - d:\MYOA\bin\apache.exe" -k runservice (file missing)
O23 - NT 服务: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe