[Help] My IE browser has been hijacked; asking the experts for help, thanks

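My IE6 sometimes inexplicably pops up windows that visit a few fixed websites. I have tried many methods and still cannot fix it, so I have come to ask the experts for help. The scan results are below: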
2006-12-13,10:15:49

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <RegBar><regsvr32.exe /u C:\progra~1\blogmark\bocaitoolbar.dll /s /i /n>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <AboutSys><regsvr32.exe msaddon.dll /s>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <ATIModeChange><Ati2mdxx.exe>  [(Verified)ATI Technologies, Inc.]
    <ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe>  [ATI Technologies, Inc.]
    <TPHOTKEY><C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe>  [N/A]
    <RavTask><"D:\Program Files\rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <QuickTime Task><"D:\Program Files\QuickTime\qttask.exe" -atboottime>  [Apple Computer, Inc.]
    <CertificateRegistration><SafeSignCertReg.exe>  [A.E.T. Europe B.V.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <AGRSMMSG><; AGRSMMSG.exe>  [(Verified)Agere Systems]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <EZEJMNAP><; C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe>  [N/A]
    <ibmmessages><; C:\Program Files\IBM\Messages By IBM\ibmmessages.exe>  [IBM]
    <IdnMail><; C:\WINDOWS\system32\IdnMail.exe>  [N/A]
    <IMEKRMIG6.1><; C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE>  [(Verified)Microsoft Corporation]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <MiniMsgr><; C:\PROGRA~1\Yahoo!\MiniMsgr\YMiniSvr.exe>  [N/A]
    <MSPY2002><; C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)N/A]
    <PHIME2002A><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <QCWLICON><; C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE>  [N/A]
    <S3TRAY2><; S3Tray2.exe>  [(Verified)S3 Graphics, Inc.]
    <SSLcnt><; "d:\Program Files\汉唐2003\sslcnt\SSLCnt.exe">  [N/A]
    <SynTPEnh><; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Synaptics, Inc.]
    <SynTPLpr><; C:\Program Files\Synaptics\SynTP\SynTPLpr.exe>  [(Verified)Synaptics, Inc.]
    <tgcmd><; >  [N/A]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <TP4EX><; tp4ex.exe>  [IBM Corporation]
    <TPKMAPMN><; C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe>  [N/A]
Last edited 2006-12-15 14:54:32

==================================
启动文件夹
[服务管理器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\服务管理器.lnk --> C:\PROGRA~1\MICROS~4\80\Tools\Binn\sqlmangr.exe [Microsoft Corporation]><N>

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller]
  <C:\WINDOWS\System32\Ati2evxx.exe><N/A>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[IBM PM Service / IBMPMSVC]
  <C:\WINDOWS\System32\ibmpmsvc.exe><N/A>
[InstallDriver Table Manager / IDriverT]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[MSSQLSERVER / MSSQLSERVER]
  <C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper]
  <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[OracleMTSRecoveryService / OracleMTSRecoveryService]
  <D:\oracle\ora92\bin\omtsreco.exe "OracleMTSRecoveryService"><Oracle Corporation>
[OracleOraHome92ClientCache / OracleOraHome92ClientCache]
  <D:\oracle\ora92\BIN\ONRSD.EXE><N/A>
[PLSRemote Service / PLSRemoteSvc]
  <C:\WINDOWS\SYSTEM32\PLSRemote.exe><N/A>
[QCONSVC / QCONSVC]
  <System32\QCONSVC.EXE><N/A>
[Rising Process Communication Center / RsCCenter]
  <"D:\Program Files\rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon]
  <"D:\Program Files\rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SQLSERVERAGENT / SQLSERVERAGENT]
  <C:\Program Files\Microsoft SQL Server\MSSQL\binn\sqlagent.exe -i MSSQLSERVER><Microsoft Corporation>

==================================
驱动程序
[abp480n5 / abp480n5]
  <\SystemRoot\System32\DRIVERS\ABP480N5.SYS><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[adpu160m / adpu160m]
  <\SystemRoot\System32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[aeaudio / aeaudio]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Agere Systems Soft Modem / AgereSoftModem]
  <System32\DRIVERS\AGRSM.sys><Agere Systems>
[Aha154x / Aha154x]
  <\SystemRoot\System32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2]
  <\SystemRoot\System32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx]
  <\SystemRoot\System32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[AliIde / AliIde]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp]
  <\SystemRoot\System32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[asc / asc]
  <\SystemRoot\System32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3350p / asc3350p]
  <\SystemRoot\System32\DRIVERS\asc3350p.sys><Microsoft Corporation>
[asc3550 / asc3550]
  <\SystemRoot\System32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[Aspi32 / Aspi32]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Aspi32.SYS><Adaptec>
[ati2mtag / ati2mtag]
  <System32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Xircom CardBus Ethernet 10/100 Adapter family Driver / CBEN5]
  <system32\DRIVERS\cben5.sys><Xircom, Inc.>
[cd20xrnt / cd20xrnt]
  <\SystemRoot\System32\DRIVERS\cd20xrnt.sys><Microsoft Corporation>
[CmdIde / CmdIde]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k]
  <\SystemRoot\System32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o]
  <\SystemRoot\System32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[Intel(R) PRO Adapter Driver / E100B]
  <System32\DRIVERS\e100b325.sys><Intel Corporation>
[ExpScaner / ExpScaner]
  <\??\D:\Program Files\rising\Rav\ExpScan.sys><>
[usb Card Device / ft2kEnum]
  <system32\DRIVERS\ic2kenum.sys><OEM Corporation>
[USB Chip Holder Service / GDBaseSmc]
  <system32\DRIVERS\Chip_smc.sys><OEM>
[USB Chip Service / GD_USB]
  <system32\DRIVERS\Chip_usb.sys><N/A>
[HOOKAPI / HOOKAPI]
  <\??\D:\PROGRAM FILES\RISING\RAV\HOOKAPI.SYS><瑞星软件有限公司>
[HookCont / HookCont]
  <\??\D:\Program Files\rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\D:\Program Files\rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\D:\Program Files\rising\Rav\HookSys.sys><Rising>
[IBMPMDRV / IBMPMDRV]
  <System32\DRIVERS\ibmpmdrv.sys><IBM Corp.>
[IBMTPCHK / IBMTPCHK]
  <System32\drivers\IBMBLDID.SYS><N/A>
[ini910u / ini910u]
  <\SystemRoot\System32\DRIVERS\ini910u.sys><Microsoft Corporation>
[Lucent Technologies Soft Modem / LucentSoftModem]
  <System32\DRIVERS\LTSM.sys><Lucent Technologies>
[MEMSCAN / MEMSCAN]
  <\??\D:\Program Files\rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mraid35x / mraid35x]
  <\SystemRoot\System32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[NSC Infrared Device Driver / NSCIRDA]
  <System32\DRIVERS\nscirda.sys><National Semiconductor Corporation>
[Padus ASPI Shell / pfc]
  <system32\drivers\pfc.sys><Padus, Inc.>
[PQNTDrv / PQNTDrv]
  <C:\WINDOWS\SYSTEM32\DRIVERS\PQNTDrv.SYS><PowerQuest Corporation>
[Direct Parallel Link Driver / Ptilink]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20]
  <\SystemRoot\System32\DRIVERS\PxHelp20.sys><Sonic Solutions>
[ql1080 / ql1080]
  <\SystemRoot\System32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt]
  <\SystemRoot\System32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160]
  <\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280]
  <\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation>
[SmartCard Reader Device  / Reader_Device]
  <system32\DRIVERS\usbic2k.sys><OEM>
[RsAntiSpyware / RsAntiSpyware]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RSPPSYS / RSPPSYS]
  <\??\D:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><Rising>
[S3SSavage / S3SSavage]
  <System32\DRIVERS\s3ssavm.sys><S3 Graphics, Inc.>
[Secdrv / Secdrv]
  <System32\DRIVERS\secdrv.sys><Macrovision Europe Ltd>
[SIS AGP Bus Filter / sisagp]
  <\SystemRoot\System32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[SKNFW / SKNFW]
  <\??\C:\WINDOWS\system32\Drivers\SKNFW.sys><N/A>
[smwdm / smwdm]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Sparrow / Sparrow]
  <\SystemRoot\System32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[st3wolf / st3wolf]
  <System32\DRIVERS\st3wolf.sys><>
[stwlfbus / stwlfbus]
  <\SystemRoot\System32\DRIVERS\stwlfbus.sys><>
[symc810 / symc810]
  <\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx]
  <\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic>
[SymEvent / SymEvent]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><N/A>
[sym_hi / sym_hi]
  <\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3]
  <\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic>
[Synaptics TouchPad Driver / SynTP]
  <System32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TosIde / TosIde]
  <\SystemRoot\System32\DRIVERS\toside.sys><Microsoft Corporation>
[TPHKDRV / TPHKDRV]
  <C:\WINDOWS\SYSTEM32\DRIVERS\TPHKDRV.SYS><IBM Corporation>
[IBM PS/2 TrackPoint Filter Driver / TwoTrack]
  <System32\DRIVERS\TwoTrack.sys><IBM Corporation>
[ultra / ultra]
  <\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[VCD VNC Virtual Network Adapter / vcddev]
  <system32\DRIVERS\vcdvnic.sys><VNN B.J.>

==================================
浏览器加载项
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\PROGRA~1\FlashGet\jccatch.dll, FlashGet>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[InfosecCertInstall Class]
  {0EB487C8-E9AC-43A6-8C4C-083999B0622F} <C:\WINDOWS\Downloaded Program Files\certInStall.dll, >
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft? Corporation>
[CMBSafeHelper Class]
  {26BCA338-BB94-4E8F-A082-3E5735875B79} <C:\WINDOWS\system32\CMBGUARD.dll, >
[InfoSecNetSign Class]
  {62B938C4-4190-4F37-8CF0-A92B0A91CC77} <C:\WINDOWS\DOWNLO~1\NetSign.dll, Infosec Technologies Co., Ltd.>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[upload.myCtl]
  {8E38F877-8A71-4CD5-AD73-20DECC12E845} <C:\WINDOWS\Downloaded Program Files\upload.ocx, GEONG Business Networks>
[fileEditPrj.FileEditCtrl]
  {973E0E58-FA79-4BA6-B9AB-3252D05B0EF6} <C:\WINDOWS\Downloaded Program Files\FileCtrlPrj.ocx, huizhi>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[AxUSBKey Class]
  {DA215190-98B2-47DE-AE24-DA95481DFFBA} <C:\WINDOWS\DOWNLO~1\USBKey.dll, >
[PBActiveX40 Control]
  {F2EB8999-766E-4BF6-AAAD-188D398C0D0B} <C:\WINDOWS\system32\CMBPB40.ocx, China Merchants Bank>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\System32\msjava.dll, Microsoft Corporation>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[InfosecCertInstall Class]
  {0EB487C8-E9AC-43A6-8C4C-083999B0622F} <C:\WINDOWS\Downloaded Program Files\certInStall.dll, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[CMBSafeHelper Class]
  {26BCA338-BB94-4E8F-A082-3E5735875B79} <C:\WINDOWS\system32\CMBGUARD.dll, >
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\PROGRA~1\FlashGet\jccatch.dll, FlashGet>
[QuickTime Object]
  {4063BE15-3B08-470D-A0D5-B37161CFFD69} <D:\Program Files\QuickTime\QTPlugin.ocx, Apple Computer, Inc.>
[AdsHlpObj Class]
  {49A94665-B1F5-4F05-B9C7-FB6E336E49BD} <C:\WINDOWS\system32\AdsObj.dll, N/A>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\HHCTRL.OCX, Microsoft Corporation>
[InfoSecNetSign Class]
  {62B938C4-4190-4F37-8CF0-A92B0A91CC77} <C:\WINDOWS\DOWNLO~1\NetSign.dll, Infosec Technologies Co., Ltd.>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <C:\PROGRA~1\淘宝网\淘宝旺旺\WangWangX3.dll, 淘宝(中国)软件有限公司>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[AdsObj2 Class]
  {7DDEA238-3E32-43FD-8223-A5E15D9666FF} <C:\WINDOWS\system32\AdsHlp2.dll, N/A>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[upload.myCtl]
  {8E38F877-8A71-4CD5-AD73-20DECC12E845} <C:\WINDOWS\Downloaded Program Files\upload.ocx, GEONG Business Networks>
[fileEditPrj.FileEditCtrl]
  {973E0E58-FA79-4BA6-B9AB-3252D05B0EF6} <C:\WINDOWS\Downloaded Program Files\FileCtrlPrj.ocx, huizhi>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <D:\PROGRA~1\FlashGet\jccatch.dll, FlashGet>
[卡卡上网安全助手]
  {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
[CSetLET Class]
  {C35D7AE1-0865-4A30-BF07-29FA29324155} <C:\WINDOWS\DOWNLO~1\GDSetLET.dll, >
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[AxUSBKey Class]
  {DA215190-98B2-47DE-AE24-DA95481DFFBA} <C:\WINDOWS\DOWNLO~1\USBKey.dll, >
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[PBActiveX40 Control]
  {F2EB8999-766E-4BF6-AAAD-188D398C0D0B} <C:\WINDOWS\system32\CMBPB40.ocx, China Merchants Bank>
[使用网际快车下载]
  <D:\Program Files\FlashGet\jc_link.htm, N/A>

==================================
正在运行的进程
[PID: 740][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 804][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 828][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 872][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 884][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1044][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1108][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1280][D:\Program Files\rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1296][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\oracle\ora92\bin\oci.dll]  [Oracle Corporation, 9.2.0.1.0]
[PID: 1336][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1428][D:\Program Files\rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 47]
    [D:\Program Files\rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\Program Files\rising\Rav\RsPPsys.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
    [D:\Program Files\rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\Program Files\rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\Program Files\rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\Program Files\rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 18, 1, 0, 12]
    [D:\Program Files\rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 33]
    [D:\Program Files\rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\Program Files\rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\Program Files\rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [D:\Program Files\rising\Rav\HookWeb.dll]  [rising, 18, 0, 0, 2]
    [D:\Program Files\rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [D:\Program Files\rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\Program Files\rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [D:\Program Files\rising\Rav\MailMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\Program Files\rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [D:\Program Files\rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 35]
    [D:\Program Files\rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
[PID: 1504][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1544][C:\WINDOWS\System32\SCardSvr.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1644][D:\Program Files\rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [D:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 1808][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1940][D:\oracle\ora92\bin\omtsreco.exe]  [Oracle Corporation, 9.2.0.1.0]
    [D:\oracle\ora92\bin\OCI.dll]  [Oracle Corporation, 9.2.0.1.0]
    [D:\oracle\ora92\bin\OraClient9.Dll]  [Oracle Corporation, 9.2.0.1.0 Production ]
    [D:\oracle\ora92\bin\oracore9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\oranls9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\oraunls9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\oravsn9.dll]  [Oracle Corporation, 9.2.0.1.0 Production ]
    [D:\oracle\ora92\bin\oracommon9.dll]  [Oracle Corporation, 9.2.0.1.0 Production ]
    [D:\oracle\ora92\bin\orageneric9.dll]  [Oracle Corporation, 9.2.0.1.0 Production ]
    [D:\oracle\ora92\bin\oraxml9.dll]  [Oracle Corporation, ]
    [D:\oracle\ora92\bin\oraxsd9.dll]  [Oracle Corporation, ]
    [D:\oracle\ora92\bin\orannzsbb9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\oran9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\oranl9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\oranldap9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\oraldapclnt9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\orancrypt9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\ORATRACE9.dll]  [N/A, N/A]
    [D:\oracle\ora92\bin\oranro9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\oranhost9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\oranoname9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\orancds9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\orantns9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\oranms.dll]  [Oracle Corporation, 9.2.0.0.0]
    [D:\oracle\ora92\bin\oranmsp.dll]  [Oracle Corporation, 9.2.0.0.0]
    [D:\oracle\ora92\bin\orapls9.dll]  [Oracle Corporation, 9.2.0.1.0 Production ]
    [D:\oracle\ora92\bin\oraslax9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\orasnls9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\orawtc9.dll]  [Oracle Corporation, 9.2.0.1.0 Production ]
    [D:\oracle\ora92\bin\orasql9.dll]  [Oracle Corporation, 9.2.0.1.0 Production]
    [D:\oracle\ora92\bin\omtsrecomsgZHS.dll]  [Oracle Corporation, 9.0.0.0.0]
    [D:\oracle\ora92\bin\omtsrecomsgus.dll]  [Oracle Corporation, 9.2.0.0.1]
[PID: 500][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [D:\PROGRA~1\FlashGet\jccatch.dll]  [FlashGet, 1, 1, 5, 0]
    [C:\WINDOWS\system32\AdsObj.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\AdsHlp2.dll]  [N/A, N/A]
    [D:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 704][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 252][C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\Oemdspif.dll]  [ATI Technologies, Inc., 4.12.0007]
[PID: 268][D:\Program Files\rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [D:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\Program Files\rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\Program Files\rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 292][C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe]  [N/A, N/A]
[PID: 376][C:\WINDOWS\system32\SafeSignCertReg.exe]  [A.E.T. Europe B.V., 2.0.0.2]
[PID: 396][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 532][D:\Program Files\rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 39]
    [D:\Program Files\rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
    [D:\Program Files\rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\Program Files\rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\Program Files\rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 1256][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2212][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 4036][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\adscr.dll]  [N/A, N/A]
[PID: 2948][C:\Program Files\Mozilla Firefox\firefox.exe]  [Mozilla Corporation, 1.8.1: 2006101023]
    [C:\Program Files\Mozilla Firefox\js3250.dll]  [Netscape Communications Corporation, 4.0]
    [C:\Program Files\Mozilla Firefox\nspr4.dll]  [Netscape Communications Corporation, 4.6.3]
    [C:\Program Files\Mozilla Firefox\xpcom_core.dll]  [Mozilla Foundation, 1.8.1: 2006101023]
    [C:\Program Files\Mozilla Firefox\plc4.dll]  [Netscape Communications Corporation, 4.6.3]
    [C:\Program Files\Mozilla Firefox\plds4.dll]  [Netscape Communications Corporation, 4.6.3]
    [C:\Program Files\Mozilla Firefox\smime3.dll]  [Mozilla Foundation, 3.11.3 Basic ECC]
    [C:\Program Files\Mozilla Firefox\nss3.dll]  [Mozilla Foundation, 3.11.3 Basic ECC]
    [C:\Program Files\Mozilla Firefox\softokn3.dll]  [Mozilla Foundation, 3.11.3 Basic ECC]
    [C:\Program Files\Mozilla Firefox\ssl3.dll]  [Mozilla Foundation, 3.11.3 Basic ECC]
    [C:\Program Files\Mozilla Firefox\xpcom_compat.dll]  [Mozilla Foundation, 1.8.1: 2006101023]
    [C:\Program Files\Mozilla Firefox\components\myspell.dll]  [Mozilla Foundation, 1.8.1: 2006101023]
    [C:\Program Files\Mozilla Firefox\components\jar50.dll]  [Mozilla Foundation, 1.8.1: 2006101023]
    [C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll]  [Mozilla Foundation, 1.8.1: 2006101023]
    [C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL]  [Full Circle Software, Inc., 2.2.unofficial]
    [C:\Program Files\Mozilla Firefox\freebl3.dll]  [Mozilla Foundation, 3.11.3 Basic ECC]
    [C:\Program Files\Mozilla Firefox\components\spellchk.dll]  [Mozilla Foundation, 1.8.1: 2006101023]
    [C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
[PID: 2572][C:\Documents and Settings\wuxq\桌面\Temp\sreng2\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
WinSock Proxy [tcp]
    D:\Program Files\Microsoft Firewall Client\wspwsp.dll(Microsoft Corporation, Microsoft WinSockProxy WS2.0 provider)
WinSock Proxy [udp]
    D:\Program Files\Microsoft Firewall Client\wspwsp.dll(Microsoft Corporation, Microsoft WinSockProxy WS2.0 provider)
WinSock Proxy for RSVP [tcp]
    D:\Program Files\Microsoft Firewall Client\wspwsp.dll(Microsoft Corporation, Microsoft WinSockProxy WS2.0 provider)
WinSock Proxy for RSVP [udp]
    D:\Program Files\Microsoft Firewall Client\wspwsp.dll(Microsoft Corporation, Microsoft WinSockProxy WS2.0 provider)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================

Why is nobody answering? Feeling down... still waiting...

[Reply to the post by "我是菜鸟999"]
Download and install 超级兔子
Clean up the system