[Help] Web pages keep popping up, experts please help. HijackThis_815 Chinese-localized scan log attached

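A friend used my machine for a few days, and then problems appeared.
1. Rising no longer starts automatically at boot (I later got this back through Rising's registry modification section).
2. XP System Restore no longer works (the part a newbie fears most).
3. Every now and then a few windows pop up, such as http://www.263163.com/sex.htm, etc.
  Asking all of you for help, thanks.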

HijackThis_815汉化版扫描日志 V1.99.1
保存于      16:43:56, 日期 2005-9-6
操作系统:  Windows XP SP1 (WinNT 5.01.2600)
浏览器:    Unable to get Internet Explorer version!

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\rising\rfw\Rfw.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\googlebar.exe
C:\Program Files\rising\rav\RavMon.exe
C:\Program Files\qq\QQ.exe
C:\Program Files\qq\TIMPlatform.exe
C:\WINDOWS\System32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
F:\IE防胁持\HijackThis1991zww.exe

R3 - URLSearchHook: (no name) - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - (no file)
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\qq\QQIEHelper.dll
O2 - BHO: (no name) - {73B89AFD-69DA-7E37-6E79-9139DE76DED9} - C:\WINDOWS\System32\webfix.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\BaiduBar.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\BaiduBar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [BIE] Rundll32.exe C:\WINDOWS\DOWNLO~1\CONFLICT.1\BDSrHook.dll,Rundll32
O4 - 启动项HKLM\\Run: [rfw] C:\Program Files\rising\rfw\Rfw.exe
O4 - 启动项HKLM\\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [IEupdate] C:\WINDOWS\system32\googlebar.exe
O4 - 启动项HKLM\\Run: [RavTimer] C:\Program Files\rising\Rav\RavTimer.exe
O4 - 启动项HKLM\\RunOnce: [RavStub] "C:\PROGRAM FILES\RISING\RAV\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\qq\QQ.exe
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\Program Files\qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\Program Files\qq\SendMMS.htm
O9 - 浏览器额外的按钮: 搜索助手 - {0713E8D2-850A-101B-AFC0-4210102A8DA7} - http://search.hzs.cn/setzdwz.asp (file missing)
O9 - 浏览器额外的按钮: 百度搜索伴侣 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINDOWS\System32\shdocvw.dll
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\qq\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\qq\QQ.EXE
O9 - 浏览器额外的按钮: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\qq\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\qq\QQIEHelper.dll
O11 - Options group: [!IESearch] !IESearch
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1101954605562
O16 - DPF: {73B89AFD-69DA-7E37-6E79-9139DE76DED9} - http://www.hzs.cn/webfix.exe
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AXSafeControls.cab
O16 - DPF: {8819C261-5B61-4628-908C-9BE795EABEC3} (IE Class) - http://www.95599.cn/download/ABC.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - http://bar.baidu.com/update/IESearch.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BA56B08-2171-4F94-A240-0605E115AF4D}: NameServer = 202.101.172.51,202.101.172.37
O17 - HKLM\System\CCS\Services\Tcpip\..\{B24903C2-A0BB-452B-B41B-05A946F66327}: NameServer = 60.191.244.4 60.191.244.2
O18 - 列举现有的协议: mp3 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - (no file)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe

Last edited 2005-09-06 20:50:07

R3 - URLSearchHook: (no name) - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - (no file)
O2 - BHO: (no name) - {73B89AFD-69DA-7E37-6E79-9139DE76DED9} - C:\WINDOWS\System32\webfix.dll
O4 - 启动项HKLM\\Run: [BIE] Rundll32.exe C:\WINDOWS\DOWNLO~1\CONFLICT.1\BDSrHook.dll,Rundll32
Did you set the O1 entries yourself?

I ran the scan right after downloading HijackThis_815. This is just the content of the Notepad file after the scan.

Fix these items first. By the way, in what way does System Restore not work? Are you logged in with an administrator account?

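Restart into Safe Mode. (How to enter Safe Mode: restart the computer; after the power-on self-test finishes, press the [F8] key (you can keep pressing it until the boot menu appears), then choose Safe Mode to enter Windows.)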

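First, end the following process (close all windows, press CTRL+ALT+DELETE together, select the process to end in the window that opens, click "End Task" or "End Process", and finally close that window):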
C:\WINDOWS\system32\googlebar.exe

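Close all IE windows, scan again with HijackThis, tick the items recommended for fixing below, and let HijackThis fix them. Allow HijackThis to keep a backup before fixing. (If the original poster knows an item is safe, there is no need to tick it.)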
R3 - URLSearchHook: (no name) - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - (no file)
All O1 entries
O2 - BHO: (no name) - {73B89AFD-69DA-7E37-6E79-9139DE76DED9} - C:\WINDOWS\System32\webfix.dll
O4 - 启动项HKLM\\Run: [IEupdate] C:\WINDOWS\system32\googlebar.exe
O18 - 列举现有的协议: mp3 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - (no file)

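Then open My Computer → Tools → Folder Options → View → uncheck "Hide protected operating system files (Recommended)" and "Hide extensions for known file types" → then enable showing all files → find the following files and delete them: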
C:\WINDOWS\System32\webfix.dll
C:\WINDOWS\system32\googlebar.exe
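
The kind of first-pass triage the reply above applies to the log, as an added example that is not part of the original thread: it parses HijackThis entries and marks orphaned registrations ending in "(no file)", unnamed BHOs, and groups of O1 Hosts names redirected to one non-loopback address. The function names, the threshold, and the O1 sample lines (documentation addresses and example domains) are assumptions; a flagged entry is a candidate for review, not a verdict.

```python
import re
from collections import defaultdict

# Constructed sample: the R3/O2/O18 lines are copied from the log in this thread;
# the O1 lines are made up, using documentation addresses and example domains.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - (no file)
O1 - Hosts: 192.0.2.10 search.example.com
O1 - Hosts: 192.0.2.10 www.example.net
O1 - Hosts: 192.0.2.10 portal.example.org
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\qq\QQIEHelper.dll
O2 - BHO: (no name) - {73B89AFD-69DA-7E37-6E79-9139DE76DED9} - C:\WINDOWS\System32\webfix.dll
O18 - 列举现有的协议: mp3 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - (no file)
"""

ENTRY = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")   # section code, then the entry body
HOSTS = re.compile(r"^Hosts:\s+(\S+)\s+(\S+)$")   # O1 body: address, then hostname
LOOPBACK = {"127.0.0.1", "::1"}


def parse(log_text):
    """Return (code, body) pairs; header and process-list lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def triage(entries, hosts_threshold=3):
    """Return (code, reason, detail) tuples for entries worth a manual look."""
    findings = []
    redirected = defaultdict(list)          # address -> hostnames pointed at it
    for code, body in entries:
        if code == "O1":
            m = HOSTS.match(body)
            if m and m.group(1) not in LOOPBACK:
                redirected[m.group(1)].append(m.group(2))
        elif body.endswith("(no file)"):
            # Registry registration whose target file is gone.
            findings.append((code, "orphaned registration", body))
        elif code == "O2" and "(no name)" in body:
            # Browser Helper Object with no class name.
            findings.append((code, "unnamed BHO", body))
    for ip, names in redirected.items():
        if len(names) >= hosts_threshold:
            findings.append(("O1", "hosts redirect", f"{len(names)} names -> {ip}"))
    return findings


if __name__ == "__main__":
    for code, reason, detail in triage(parse(SAMPLE_LOG)):
        print(f"{code:<4}{reason:<24}{detail}")
```
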


Thanks, everyone. I'll try it first.
Thanks!!

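Thanks to all the experts. I followed the steps above. The sites no longer pop up, but the Rising monitor does not start automatically at boot, and the system still can't be restored.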
HijackThis_815汉化版扫描日志 V1.99.1
保存于      18:52:40, 日期 2005-9-6
操作系统:  Windows XP SP1 (WinNT 5.01.2600)
浏览器:    Unable to get Internet Explorer version!

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\rising\rfw\Rfw.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\rising\Rav\RavTimer.exe
C:\Program Files\qq\QQ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\qq\TIMPlatform.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
F:\IE防胁持\HijackThis1991zww.exe

R3 - URLSearchHook: (no name) - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - (no file)
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\qq\QQIEHelper.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\BaiduBar.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\BaiduBar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [BIE] Rundll32.exe C:\WINDOWS\DOWNLO~1\CONFLICT.1\BDSrHook.dll,Rundll32
O4 - 启动项HKLM\\Run: [rfw] C:\Program Files\rising\rfw\Rfw.exe
O4 - 启动项HKLM\\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [RavTimer] C:\Program Files\rising\Rav\RavTimer.exe
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\qq\QQ.exe
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\Program Files\qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\Program Files\qq\SendMMS.htm
O9 - 浏览器额外的按钮: 搜索助手 - {0713E8D2-850A-101B-AFC0-4210102A8DA7} - http://search.hzs.cn/setzdwz.asp (file missing)
O9 - 浏览器额外的按钮: 百度搜索伴侣 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINDOWS\System32\shdocvw.dll
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\qq\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\qq\QQ.EXE
O9 - 浏览器额外的按钮: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\qq\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\qq\QQIEHelper.dll
O11 - Options group: [!IESearch] !IESearch
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1101954605562
O16 - DPF: {73B89AFD-69DA-7E37-6E79-9139DE76DED9} - http://www.hzs.cn/webfix.exe
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AXSafeControls.cab
O16 - DPF: {8819C261-5B61-4628-908C-9BE795EABEC3} (IE Class) - http://www.95599.cn/download/ABC.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - http://bar.baidu.com/update/IESearch.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BA56B08-2171-4F94-A240-0605E115AF4D}: NameServer = 202.101.172.51,202.101.172.37
O17 - HKLM\System\CCS\Services\Tcpip\..\{B24903C2-A0BB-452B-B41B-05A946F66327}: NameServer = 60.191.244.4 60.191.244.2
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe


Fix:
R3 - URLSearchHook: (no name) - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - (no file)
All O1 entries

Thanks, senior. Thanks, moderator.

I just noticed that when you post here, your IP address is visible. What about privacy? :)