看了您以前的回贴,我的情况有些不同,系统为:WINDOWS2000+IE5
用瑞星查毒提示"iehelper_5037.dll"。
用hijackthis扫描结果如下:
Logfile of HijackThis v1.99.1
Scan saved at 14:17:27, on 2006-10-17
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP4 (5.00.2920.0000)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.exe
C:\WINNT\system32\MicrosoftLive.exe
C:\WINNT\system32\Rundll32.exe
G:\HijackThis.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINNT\system32\MicrosoftLive.exe
F3 - REG:win.ini: load=C:\WINNT\rundl132.exe
O2 - BHO: MyIEHelper Class - {16B770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_5037.dll
O2 - BHO: (no name) - {29A8B48F-9AB3-43D3-8B87-7D1888197563} - C:\WINNT\system32\ATIDEMGRED.dll
O2 - BHO: SafeMe Internet Explorer Helper - {3AE06CEE-58A6-4F5F-AF89-6C5350842F16} - C:\WINNT\system32\SafeHelper12.dll
O2 - BHO: ra
Object Class - {46F194EB-B7DB-4B7A-BD42-5FF39FD17664} - C:\PROGRA~1\pcast\hbcast.dll
O2 - BHO: (no name) - {D83D38CF-77AE-4611-9EDE-72D910610236} - (no file)
O2 - BHO: Subconscious Intruder - {EBBC6E6D-7B65-46be-B509-86CED2D17876} - C:\WINNT\system32\Inte.dll (file missing)
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [Tray] C:\WINNT\command\rundll32.exe
O4 - HKLM\..\Run: [realtpsk] C:\WINNT\system\realsched.exe
O4 - HKLM\..\Run: [RichMedia] C:\WINNT\system32\Rundll32.exe "C:\PROGRA~1\pcast\hbcast.dll",WaitWindows
O4 - HKLM\..\Run: [Update] C:\Program Files\Common Files\update2\Update.exe
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [msnnt] C:\WINNT\winampf.exe
O4 - HKCU\..\Run: [SaveMail] C:\WINNT\system32\MSSOFT\\winampe.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - d:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
谢谢!
