Rising KaKa Security Forum, Technical Exchange, Anti-virus / Anti-rogue-software board

Help! My homepage was changed, web pages pop up by themselves, and Rising kills the virus but it comes back!!

My IE default homepage is about:blank,
but when I open it I get an English website, and no matter how I change it, it won't change!!!!
And every so often an English web page pops up!!!
I scanned with Rising anti-virus and it found Trojan.Startpage.ea! But killing it is no use; after it is killed it comes back!!!

Here is my log; moderator, please take a look!! What should I do!!!! Thanks!!!!
HijackThis_815汉化版扫描日志 V1.99.1
保存于      20:24:56, 日期 2006-2-8
操作系统:  Windows XP  (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP1 (6.00.2600.0000)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
D:\瑞星\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\瑞星\Ravmond.exe
C:\WINDOWS\system32\spoolsv.exe
D:\瑞星\RavStub.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\Rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\瑞星\RavTask.exe
D:\瑞星\Ravmon.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\4842302005817230232\HijackThis1991zww.exe

O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: (no name) - {BC19EE51-FB98-4780-922C-119B0A651FCD} - C:\WINDOWS\System32\olhg.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\DOWNLO~1\CnsHook.dll
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] rem C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] rem C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] rem C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - 启动项HKLM\\Run: [RavTask] "D:\瑞星\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\Program Files\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\Program Files\FLASHGET\jc_all.htm
O9 - 浏览器额外的按钮: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm?pid=U_eaini_5398 (file missing)
O9 - 浏览器额外的按钮: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - D:\Program Files\浩方对战平台\GameClient.exe
O9 - 浏览器额外的按钮: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing)
O9 - 浏览器额外的按钮: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://hot.3721.com/rd/shop_btn.htm (file missing)
O9 - 浏览器额外的按钮: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://assistant.3721.com/index.htm?fb=Cns (file missing)
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\qq\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\qq\QQ.EXE
O9 - 浏览器额外的按钮: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\qq\QQIEHelper.dll (file missing)
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\qq\QQIEHelper.dll (file missing)
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - 浏览器额外的按钮: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - 浏览器额外的“工具”菜单项: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - 浏览器额外的按钮: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O9 - 浏览器额外的“工具”菜单项: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O11 - Options group: [!CNS]  网络实名
O17 - HKLM\System\CCS\Services\Tcpip\..\{742D736F-4F7F-4198-B63E-D85D52CCC964}: NameServer = 202.98.96.68,61.139.2.69
O17 - HKLM\System\CS1\Services\Tcpip\..\{742D736F-4F7F-4198-B63E-D85D52CCC964}: NameServer = 202.98.96.68,61.139.2.69
O17 - HKLM\System\CS2\Services\Tcpip\..\{742D736F-4F7F-4198-B63E-D85D52CCC964}: NameServer = 202.98.96.68,61.139.2.69
O17 - HKLM\System\CS3\Services\Tcpip\..\{742D736F-4F7F-4198-B63E-D85D52CCC964}: NameServer = 202.98.96.68,61.139.2.69
O18 - Filter: text/html - {3A86B47C-5D71-4F28-AFF8-C51BEAAE8909} - C:\WINDOWS\System32\olhg.dll
O18 - Filter: text/plain - {3A86B47C-5D71-4F28-AFF8-C51BEAAE8909} - C:\WINDOWS\System32\olhg.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: ZGNotify - C:\WINDOWS\MyNotification.dll
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\瑞星\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\瑞星\Ravmond.exe

Thanks~!!!!
Last edited 2006-02-09 16:49:46

Ugh, where have all the experts gone? Please take a look for me!!

[Reply to "qry000"'s post]

Original poster, please scan the following files with the two multi-engine scanners below:
C:\WINDOWS\System32\olhg.dll
C:\WINDOWS\MyNotification.dll
Multi-engine scanner 1, VirusTotal:
http://www.virustotal.com/
Multi-engine scanner 2, Jotti:
http://virusscan.jotti.org/

Please be sure to paste the reports in full.

[Reply to "天使之剑"'s post]
Thank you so much!!!!!!! Please take a look!
For C:\WINDOWS\System32\olhg.dll the scan results from the two sites are as follows:

http://virusscan.jotti.org/

File:  olhg.dll 
Status:  INFECTED/MALWARE 
MD5  26a8e971d9f9dd13eb138c52bf564061 
Packers detected:  -
Scanner results 
AntiVir  Found Trojan/StartPage.abg 
ArcaVir  Found nothing
Avast  Found Win32:Startpage-135 
AVG Antivirus  Found nothing
BitDefender  Found nothing
ClamAV  Found nothing
Dr.Web  Found Trojan.StartPage.957 
F-Prot Antivirus  Found nothing
Fortinet  Found W32/StartPage-tr 
Kaspersky Anti-Virus  Found nothing
NOD32  Found nothing
Norman Virus Control  Found nothing
UNA  Found nothing
VBA32  Found Malware.Agent.16 (probable variant) 

http://www.virustotal.com/
This is a report processed by VirusTotal on 02/09/2006 at 05:15:08 (CET) after scanning the file "olhg.dll" file.
Antivirus Version Update Result
AntiVir 6.33.0.81 02.08.2006 TR/StartPage.abg
Avast 4.6.695.0 02.07.2006 Win32:Startpage-135
AVG 718 02.08.2006 no virus found
Avira 6.33.0.81 02.08.2006 TR/StartPage.abg
BitDefender 7.2 02.08.2006 no virus found
CAT-QuickHeal 8.00 02.08.2006 StartPage.gen-m
ClamAV devel-20060126 02.07.2006 no virus found
DrWeb 4.33 02.08.2006 Trojan.StartPage.957
eTrust-InoculateIT 23.71.72 02.09.2006 no virus found
eTrust-Vet 12.4.2071 02.08.2006 Win32/Startpage.FZ
Ewido 3.5 02.07.2006 no virus found
Fortinet 2.54.0.0 02.09.2006 W32/StartPage-tr
F-Prot 3.16c 02.07.2006 no virus found
Ikarus 0.2.59.0 02.08.2006 no virus found
Kaspersky 4.0.2.24 02.09.2006 no virus found
McAfee 4692 02.08.2006 StartPage-DU.dll.dr
NOD32v2 1.1400 02.08.2006 no virus found
Norman 5.70.10 02.08.2006 no virus found
Panda 9.0.0.4 02.08.2006 Suspicious file
Sophos 4.02.0 02.08.2006 Troj/Ablank-Fam
Symantec 8.0 02.09.2006 no virus found
TheHacker 5.9.4.093 02.08.2006 no virus found
UNA 1.83 02.08.2006 no virus found
VBA32 3.10.5 02.08.2006 suspected of Malware.Agent.16

For C:\WINDOWS\MyNotification.dll the scan results are as follows:

http://virusscan.jotti.org/


File:  MyNotification.dll 
Status:  OK 
MD5  aaf61f05e84d6eb7891bf4f01899fbb1 
Packers detected:  -
Scanner results 
AntiVir  Found nothing
ArcaVir  Found nothing
Avast  Found nothing
AVG Antivirus  Found nothing
BitDefender  Found nothing
ClamAV  Found nothing
Dr.Web  Found nothing
F-Prot Antivirus  Found nothing
Fortinet  Found nothing
Kaspersky Anti-Virus  Found nothing
NOD32  Found nothing
Norman Virus Control  Found nothing
UNA  Found nothing
VBA32  Found nothing

http://www.virustotal.com/

This is a report processed by VirusTotal on 02/09/2006 at 05:21:56 (CET) after scanning the file "MyNotification.dll" file.
Antivirus Version Update Result
AntiVir 6.33.0.81 02.08.2006 no virus found
Avast 4.6.695.0 02.07.2006 no virus found
AVG 718 02.08.2006 no virus found
Avira 6.33.0.81 02.08.2006 no virus found
BitDefender 7.2 02.08.2006 no virus found
CAT-QuickHeal 8.00 02.08.2006 no virus found
ClamAV devel-20060126 02.07.2006 no virus found
DrWeb 4.33 02.08.2006 no virus found
eTrust-InoculateIT 23.71.72 02.09.2006 no virus found
eTrust-Vet 12.4.2071 02.08.2006 no virus found
Ewido 3.5 02.07.2006 no virus found
Fortinet 2.54.0.0 02.09.2006 no virus found
F-Prot 3.16c 02.07.2006 no virus found
Ikarus 0.2.59.0 02.08.2006 no virus found
Kaspersky 4.0.2.24 02.09.2006 no virus found
McAfee 4692 02.08.2006 no virus found
NOD32v2 1.1400 02.08.2006 no virus found
Norman 5.70.10 02.08.2006 no virus found
Panda 9.0.0.4 02.08.2006 no virus found
Sophos 4.02.0 02.08.2006 no virus found
Symantec 8.0 02.09.2006 no virus found
TheHacker 5.9.4.093 02.08.2006 no virus found
UNA 1.83 02.08.2006 no virus found
VBA32 3.10.5 02.08.2006 no virus found

Close the IE windows.

Fix:
O2 - BHO: (no name) - {BC19EE51-FB98-4780-922C-119B0A651FCD} - C:\WINDOWS\System32\olhg.dll

Delete:
C:\WINDOWS\System32\olhg.dll
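As an added example (not from this thread, and not part of HijackThis or Rising), here is a small Python triage script for lines in the shape of the log above. It flags what the moderator's advice turns on: a BHO with no display name, an O18 MIME filter (which sits in front of every text/html or text/plain response IE renders), a Winlogon Notify DLL outside System32, and a single DLL reached through more than one hook, which is what makes olhg.dll stand out here even though MyNotification.dll scanned clean. The sample lines are copied from the log above; the System32 check assumes a \WINDOWS install directory as in the log.

```python
import re

# Sample input: a few entries copied from the HijackThis log above (constructed subset).
SAMPLE_LOG = r"""
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: (no name) - {BC19EE51-FB98-4780-922C-119B0A651FCD} - C:\WINDOWS\System32\olhg.dll
O18 - Filter: text/html - {3A86B47C-5D71-4F28-AFF8-C51BEAAE8909} - C:\WINDOWS\System32\olhg.dll
O18 - Filter: text/plain - {3A86B47C-5D71-4F28-AFF8-C51BEAAE8909} - C:\WINDOWS\System32\olhg.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: ZGNotify - C:\WINDOWS\MyNotification.dll
"""

# "O2 - BHO: <rest>"; the section code and the text up to the first colon are the entry type.
HJT_LINE = re.compile(r"^(?P<section>O\d+) - (?P<kind>[^:]+): (?P<rest>.*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Assumption: the Windows directory is <drive>:\WINDOWS, as it is in the log above.
SYSTEM32 = re.compile(r"^[A-Za-z]:\\WINDOWS\\SYSTEM32\\[^\\]+$", re.IGNORECASE)


def parse_line(line):
    """Split one HijackThis entry into section, kind, display name, CLSID and file path."""
    m = HJT_LINE.match(line.strip())
    if not m:
        return None
    parts = [p.strip() for p in m.group("rest").split(" - ")]
    path = parts[-1].replace("(file missing)", "").strip()
    clsid = CLSID.search(line)
    return {
        "section": m.group("section"),
        "kind": m.group("kind"),
        "name": parts[0],
        "clsid": clsid.group(0).upper() if clsid else None,
        "path": path,
    }


def analyze(log_text):
    """Return (section, path, reason) findings for the entries worth a closer look."""
    entries = [e for e in map(parse_line, log_text.splitlines()) if e]
    findings = []
    seen = {}  # lower-cased DLL path -> (path as written, set of sections it appears in)
    for e in entries:
        if e["path"].lower().endswith(".dll"):
            seen.setdefault(e["path"].lower(), (e["path"], set()))[1].add(e["section"])
        if e["section"] == "O2" and e["name"] == "(no name)":
            findings.append((e["section"], e["path"], "BHO registered without a display name"))
        if e["section"] == "O18":
            findings.append((e["section"], e["path"],
                             f"MIME filter on {e['name']} sees every such response IE renders"))
        if e["section"] == "O20" and not SYSTEM32.match(e["path"]):
            findings.append((e["section"], e["path"], "Winlogon Notify DLL outside System32"))
    # One DLL hooked into IE (or Winlogon) through several entries is worth more than any single hit.
    for path, sections in seen.values():
        if len(sections) > 1:
            findings.append(("cross", path, "same DLL loaded through " + ", ".join(sorted(sections))))
    return findings


if __name__ == "__main__":
    for section, path, reason in analyze(SAMPLE_LOG):
        print(f"[{section}] {path}: {reason}")
```

Run it against a full log saved from HijackThis and read the `cross` lines first: a DLL that is both a BHO and a MIME filter has two ways to reload itself, which is why the advice is to close IE, fix the O2 entry and delete the file in that order rather than delete the file alone.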