瑞星卡卡安全论坛

现在我每次用IE浏览器打开网页时，瑞星监空提示注册表被修改，另外每次打开电脑用瑞星杀毒时都发现有[Backdoor.Gpigeon.ywt]这病毒，都说成功册除的，下面有HijackThis@Qoo的扫描日志 ，我是个新手搞不明白是什么会事，希望各位指点一下，万分感激！！
这个是我瑞星注册表监空日志
进程名称    路径    数值名称    数值数据    操作日期    操作方式    操作结果

C:\Program Files\Internet Explorer\iexplore.exe    HKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS\SHELL    default        2006-05-08 00:49    删除    拒绝修改
C:\Program Files\Internet Explorer\iexplore.exe    HKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS    default        2006-05-08 00:49    删除    拒绝修改
C:\Program Files\Internet Explorer\iexplore.exe    HKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS\SHELL    default        2006-05-08 00:49    删除    拒绝修改
C:\Program Files\Internet Explorer\iexplore.exe    HKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS    default        2006-05-08 00:49    删除    拒绝修改
C:\Program Files\Internet Explorer\iexplore.exe    HKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS\SHELL    default        2006-05-08 01:04    删除    拒绝修改
C:\Program Files\Internet Explorer\iexplore.exe    HKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS    default        2006-05-08 01:04    删除    拒绝修改
C:\Program Files\Internet Explorer\iexplore.exe    HKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS\SHELL    default        2006-05-08 01:05    删除    拒绝修改
C:\Program Files\Internet Explorer\iexplore.exe    HKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS    default        2006-05-08 01:05    删除    拒绝修改
C:\Program Files\Internet Explorer\iexplore.exe    HKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS\SHELL    default        2006-05-08 01:12    删除    拒绝修改
C:\Program Files\Internet Explorer\iexplore.exe    HKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS    default        2006-05-08 01:12    删除    拒绝修改
C:\Program Files\Internet Explorer\iexplore.exe    HKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS\SHELL    default        2006-05-08 01:18    删除    拒绝修改
C:\Program Files\Internet Explorer\iexplore.exe    HKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS    default        2006-05-08 01:18    删除    拒绝修改
HijackThis@Qoo的扫描日志  V1.97.7
Scan saved at 2:02:14, on 2006-5-8
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\VM_STI.EXE
C:\WINPENJR\Win32\pphidpad.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tencent\QQ\QQ.exe
C:\Program Files\Tencent\QQ\TIMPlatform.exe
C:\Program Files\Rising\Rav\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Tencent\TT\TTraveler.exe
E:\电影\hijackthis1.97_qoo\HijackThis.exe

O2 - BHO: (no name) - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll (file missing)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: ????? - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\Program Files\BitComet\BitCometBar\BitCometBar0.4.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [PPHIDPAD] C:\WINPENJR\Win32\pphidpad.exe
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: NTUSER.DAT
O4 - Startup: ntuser.dat.LOG
O4 - Startup: ntuser.ini
O4 - Global Startup: NTUSER.DAT
O4 - Global Startup: NTUSER.DAT.LOG
O4 - Global Startup: ntuser.pol
O8 - Extra context menu item:  ←设置内容 - E:\
O8 - Extra context menu item:  ←设置标题 - E:\
O8 - Extra context menu item:  →提取图片 - E:\
O8 - Extra context menu item:  →提取链接 - E:\
O8 - Extra context menu item:  →获取内容 - E:\
O8 - Extra context menu item:  →获取标题 - E:\
O8 - Extra context menu item:  ∈提取全部图片 - E:\
O8 - Extra context menu item:  ∈获取Flash列表 - E:\
O8 - Extra context menu item:  ⊙快速回复 - E:\
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: 豪杰超级解霸V8实时播放 - C:\Herosoft\HeroV8\MPURLGET.HTM
O9 - Extra button: QQ (HKLM)
O9 - Extra button: FlashGet (HKLM)
O9 - Extra 'Tools' menuitem: &FlashGet (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B58C07EE-14AF-431C-8860-FB640054622B}: NameServer = 202.96.128.86 202.96.128.166