
Modified by a malicious website


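A question for the moderator:
Yesterday I visited a lot of websites while looking for movies, and then I got infected with something, I don't know what. Every so often a certain website pops up by itself. I can't find it in the startup options. How do I get rid of it? 3721 doesn't work either.
Last edited 2005-11-15 09:01:49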

The website is www.kk12.com

There's another one, av.9xi.cn
Every time these two pop up, the computer warns that there's a virus...
What should I do?

Use the HijackThis tool and post the log here to help with the analysis.
http://www.skycn.com/soft/15753.html
http://www.spywareinfo.com/~merijn/files/hijackthis.zip

The report below is from a Kaspersky scan. Is it useful?

-------------------------------------------------------------------------------
KASPERSKY ANTI-VIRUS WEB SCANNER REPORT
Friday, November 04, 2005 09:31:19
Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600)
Kaspersky Anti-Virus Web Scanner version: 5.0.63.0
Kaspersky Anti-Virus database last update:  4/11/2005
Kaspersky Anti-Virus database records: 158055
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 31760
Number of viruses found: 5
Number of infected objects: 17
Number of suspicious objects: 0
Duration of the scan process: 1328 sec

Infected Object Name - Virus Name
C:\WINDOWS\system.htaInfected: Trojan-Clicker.JS.Agent.b
C:\Documents and Settings\Bluewater\Local Settings\Temporary Internet Files\Content.IE5\CX2BCDYZ\soucn4246567[1].htaInfected: Trojan.VBS.StartPage
C:\Documents and Settings\Bluewater\Local Settings\Temporary Internet Files\Content.IE5\4XQB8P2N\count457847[1].htaInfected: Trojan.VBS.Qhost.e
D:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP15\A0085753.exe/stream/data1552/data.rar/Install/Setup.exeInfected: not-a-virus:AdWare.Win32.Inot.a
D:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP15\A0085753.exe/stream/data1552/data.rar/Install/UIInfo.exeInfected: Trojan-Downloader.Win32.Small.asu
D:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP15\A0085753.exe/stream/data1552/data.rar/Install/UpdaterMgr.exeInfected: Trojan-Downloader.Win32.Small.asu
D:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP15\A0085753.exe/stream/data1552/data.rarInfected: Trojan-Downloader.Win32.Small.asu
D:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP15\A0085753.exe/stream/data1552Infected: Trojan-Downloader.Win32.Small.asu
D:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP15\A0085753.exe/streamInfected: Trojan-Downloader.Win32.Small.asu
D:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP15\A0085753.exeInfected: Trojan-Downloader.Win32.Small.asu
D:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP26\A0099723.exe/stream/data1552/data.rar/Install/Setup.exeInfected: not-a-virus:AdWare.Win32.Inot.a
D:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP26\A0099723.exe/stream/data1552/data.rar/Install/UIInfo.exeInfected: Trojan-Downloader.Win32.Small.asu
D:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP26\A0099723.exe/stream/data1552/data.rar/Install/UpdaterMgr.exeInfected: Trojan-Downloader.Win32.Small.asu
D:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP26\A0099723.exe/stream/data1552/data.rarInfected: Trojan-Downloader.Win32.Small.asu
D:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP26\A0099723.exe/stream/data1552Infected: Trojan-Downloader.Win32.Small.asu
D:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP26\A0099723.exe/streamInfected: Trojan-Downloader.Win32.Small.asu
D:\System Volume Information\_restore{D7CF3D9E-189B-4FD5-AB28-4C52C51EE0EE}\RP26\A0099723.exeInfected: Trojan-Downloader.Win32.Small.asu

Scan process completed.

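Brother, we're in the same situation. Mine does it too; I've downloaded lots of software and none of it can remove it, and it keeps popping up at irregular intervals. Does anyone know what to do?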

Use the scanning tool attached to the first post at http://forum.ikaka.com/topic.asp?board=28&artid=6979213 , run a scan and post the log here so we can take a look.

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      08:57, 日期 2005-11-15
操作系统:  Windows 2000  (WinNT 5.00.2195)
浏览器:    Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程:         
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\msdtc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\llssrv.exe
C:\Program Files\feidian\service\NodeManagerService.exe
C:\WINNT\system32\regsvc.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\internat.exe
C:\Program Files\CNNIC\Cdn\cdnup.exe
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
C:\PROGRA~1\RISING\RAV\RAVMON.EXE
C:\Program Files\tencent\QQ.exe
C:\Program Files\tencent\TIMPlatform.exe
C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe
C:\Program Files\Maxthon\Maxthon.exe
C:\WINNT\System32\mdm.exe
C:\WINNT\System32\mshta.exe
C:\WINNT\System32\conime.exe
C:\Documents and Settings\Administrator\桌面\2535952005811174944\HijackThis1991zww.exe

R3 - 默认的URLSearchHook丢失。用HijackThis修复
F3 - REG:win.ini: load=
F3 - REG:win.ini: run=
O2 - BHO: DuDu.com - {6BDE1669-B490-48E3-B668-456314F2D6C3} - C:\Program Files\DuDu\DddClient\dddiemon.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: WMHlprObj Class - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll
O4 - 启动项HKLM\\Run: [internat.exe] internat.exe
O4 - 启动项HKLM\\Run: [ctfmon.exe] ctfmon.exe
O4 - 启动项HKLM\\Run: [SystemTray] SysTray.Exe
O4 - 启动项HKLM\\Run: [ScanRegistry] scanregw.exe/autorun
O4 - 启动项HKLM\\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - 启动项HKLM\\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - 启动项HKLM\\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O9 - 浏览器额外的按钮: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - 浏览器额外的“工具”菜单项: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - 浏览器额外的按钮: 下载管理 - {3DB9F45E-AA74-4373-A466-C18A9F1C500D} - C:\Program Files\DuDu\DddClient\DuDuAcc.exe
O9 - 浏览器额外的“工具”菜单项: 下载管理 - {3DB9F45E-AA74-4373-A466-C18A9F1C500D} - C:\Program Files\DuDu\DddClient\DuDuAcc.exe
O10 - 未知的文件在 Winsock LSP: c:\winnt\system32\cdnns.dll
O11 - Options group: [CDNCLIENT]  中文上网
O23 - NT 服务: Distributed File System Services (Distfsv) - Unknown owner - C:\WINNT\System32\Distfsv.exe
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: NodeManagerService - Unknown owner - C:\Program Files\feidian\service\NodeManagerService.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe


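Above is the scan result. Also, there used to be a process rundll32.exe that often pushed the CPU to 100%; I disabled it with config.exe. I don't know whether that is related to this.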