我的操作系统是winXP SP2
在系统的c:\windows\system32\目录下有一个可疑文件iehelper.exe
不知道是个什么东西，是不是木马啊，用瑞星也查不出来
请问大家这是一个什么文件，可以删除吗？

还是有日志好说点

需要补充的是，为了安全起见，我在防火墙里把他设置为禁止访问网络
下面就是我的日志了：
Logfile of Kaka v2. 0. 0. 7 Scan Module v2. 0. 0. 1
Scan saved at 20:25:55, on 2006-02-06
Platform: Microsoft Windows XP Personal Service Pack 2 (Build 2600)
MSIE: Internet Explorer v6.00 SP2; (6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))


Running processes:
[SMSS.EXE]
CommandLine =

[CSRSS.EXE]
CommandLine = C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

[WINLOGON.EXE]
CommandLine = winlogon.exe

[SERVICES.EXE]
CommandLine = C:\WINDOWS\system32\services.exe

[LSASS.EXE]
CommandLine = C:\WINDOWS\system32\lsass.exe

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost -k DcomLaunch

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost -k rpcss

[CCenter.exe]
CommandLine = "C:\Program Files\Rising\Rav\CCenter.exe"

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\System32\svchost.exe -k netsvcs

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost.exe -k NetworkService

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost.exe -k LocalService

[RavMonD.exe]
CommandLine = "C:\Program Files\Rising\Rav\Ravmond.exe"

[rfwProxy.exe]
CommandLine = "c:\program files\rising\rfw\rfwproxy.exe"

[RFWSRV.EXE]
CommandLine = "c:\program files\rising\rfw\rfwsrv.exe"

[SPOOLSV.EXE]
CommandLine = C:\WINDOWS\system32\spoolsv.exe

[RavStub.exe]
CommandLine = "C:\Program Files\Rising\Rav\RavStub.exe" /RAVMOND

[snmp.exe]
CommandLine = C:\WINDOWS\System32\snmp.exe

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost.exe -k imgsvc

[wdfmgr.exe]
CommandLine = C:\WINDOWS\system32\wdfmgr.exe

[alg.exe]
CommandLine = C:\WINDOWS\System32\alg.exe

[EXPLORER.EXE]
CommandLine = C:\WINDOWS\Explorer.EXE

[VTTimer.exe]
CommandLine = "C:\WINDOWS\system32\VTTimer.exe"

[LHotkey.exe]
CommandLine = "C:\WINDOWS\LHotkey.exe"

[realsched.exe]
CommandLine = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot

[SOUNDMAN.EXE]
CommandLine = "C:\WINDOWS\SOUNDMAN.EXE"

[RavTask.exe]
CommandLine = "C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM

[iehelper.exe]
CommandLine = "C:\WINDOWS\system32\iehelper.exe"

[RfwMain.exe]
CommandLine =  -StartUp

[RavMon.exe]
CommandLine = "C:\Program Files\Rising\Rav\Ravmon.exe" -SYSTEM

[ctfmon.exe]
CommandLine = "C:\WINDOWS\system32\ctfmon.exe"

[KkScan.exe]
CommandLine = "C:\Program Files\Rising\KakaToolBar\KkScan.exe"

R3 - URLSearchHook: (no name) - {EED92A43-CFCE-4548-BD73-B0A405470ED5} - (no file)
R3 - URLSearchHook: (no name) - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - (no file)
O1 - Hosts: 127.0.0.1      www.top183.com
O1 - Hosts: 127.0.0.1      www.crsky.com
O1 - Hosts: 127.0.0.1      hackvip.net
O1 - Hosts: 127.0.0.1      www.nowdl.com
O1 - Hosts: 127.0.0.1      www.riyou.com
O1 - Hosts: 127.0.0.1      www.cblog.cn
O1 - Hosts: 127.0.0.1      www.yykj.mecee.com
O1 - Hosts: 127.0.0.1      hackvip.cn
O1 - Hosts: 127.0.0.1      hackvip.com
O1 - Hosts: 127.0.0.1      www.zytx.com.cn
O1 - Hosts: 127.0.0.1      www.linkball.com
O1 - Hosts: 127.0.0.1      jimmy.hcools.net
O1 - Hosts: 127.0.0.1      www.sm365.net
O1 - Hosts: 127.0.0.1      www.01bbs.com
O1 - Hosts: 127.0.0.1      www.fzqk.com
O1 - Hosts: 127.0.0.1      www.shywm.com
O1 - Hosts: 127.0.0.1      www.3lsoft.com
O1 - Hosts: 127.0.0.1      www.860591.net
O1 - Hosts: 127.0.0.1      bbs.tiansha.info
O1 - Hosts: 127.0.0.1      www.ysxh.net
O1 - Hosts: 127.0.0.1      bbs.ctips.com.cn
O1 - Hosts: 127.0.0.1      www.mobile86.com
O1 - Hosts: 127.0.0.1      animespot.com.cn
O1 - Hosts: 127.0.0.1      www.xdkkl.com
O1 - Hosts: 127.0.0.1      www.cszw.com
O1 - Hosts: 127.0.0.1      www.d4d.cn
O1 - Hosts: 127.0.0.1      bbs.3lsoft.com
O1 - Hosts: 127.0.0.1      www.nidns.com
O1 - Hosts: 127.0.0.1      www.5ud.net
O1 - Hosts: 127.0.0.1      www.ytleo.com
O1 - Hosts: 127.0.0.1      www.phehoo.com
O1 - Hosts: 127.0.0.1      www.51first.cn
O1 - Hosts: 127.0.0.1      www.4oa.com
O1 - Hosts: 127.0.0.1      www.njnu.info
O1 - Hosts: 127.0.0.1 www.cctv8.net
O1 - Hosts: 127.0.0.1 www.kuliao.com
O1 - Hosts: 127.0.0.1 www.yyqy.com
O1 - Hosts: 127.0.0.1 winzheng.126.com
O1 - Hosts: 127.0.0.1 www.sunvod.com
O1 - Hosts: 127.0.0.1 www.t168.com
O1 - Hosts: 127.0.0.1 www.boliwo.com
O1 - Hosts: 127.0.0.1 www.coolcdrom.com
O1 - Hosts: 127.0.0.1 www.zhengdian.com
O1 - Hosts: 127.0.0.1 girlchinese.com
O1 - Hosts: 127.0.0.1 www.yibinren.com
O1 - Hosts: 127.0.0.1 www.mtv51.com
O1 - Hosts: 127.0.0.1 www.163[1].com
O1 - Hosts: 127.0.0.1 www.37021.com
O1 - Hosts: 127.0.0.1 www.cnqb.net
O1 - Hosts: 127.0.0.1 www.qq3344.com
O1 - Hosts: 127.0.0.1 www.qq3344.net
O1 - Hosts: 127.0.0.1 youlove.3322.net
O1 - Hosts: 127.0.0.1 www.58589.com
O1 - Hosts: 127.0.0.1 www.ftlink.net
O1 - Hosts: 127.0.0.1 home.kimo.com.tw/avnvyou520/
O1 - Hosts: 127.0.0.1 www.pixpox.com
O1 - Hosts: 127.0.0.1 www.k163.com
O1 - Hosts: 127.0.0.1 www.pk.com
O1 - Hosts: 127.0.0.1 www.xxx.com
O1 - Hosts: 127.0.0.1 204.177.92.68/rotate/r3.jhtml
O1 - Hosts: 127.0.0.1 www.fassia.net/wmed/index1.html
O1 - Hosts: 127.0.0.1 www.ehomeday.com
O1 - Hosts: 127.0.0.1 www.jinpin.net
O1 - Hosts: 127.0.0.1 www.cnqb.net
O1 - Hosts: 127.0.0.1 www.myxq.net
O1 - Hosts: 127.0.0.1 www.5dsoft.com
O1 - Hosts: 127.0.0.1 www.wokoo.net

你的日志不全

还没发完，太大了
接着来
O1 - Hosts: 127.0.0.1 www.coolcdrom.com
O1 - Hosts: 127.0.0.1 www.zhengdian.com
O1 - Hosts: 127.0.0.1 girlchinese.com
O1 - Hosts: 127.0.0.1 www.girl008.com
O1 - Hosts: 127.0.0.1 xajh.15888.ne
O1 - Hosts: 127.0.0.1 www.51bug.com
O1 - Hosts: 127.0.0.1 www.wplune.com
O1 - Hosts: 127.0.0.1 www.777888.net
O1 - Hosts: 127.0.0.1 pollen.my001.net
O1 - Hosts: 127.0.0.1 www.yule21.com
O1 - Hosts: 127.0.0.1 www.fish3000.com
O1 - Hosts: 127.0.0.1 www.kuliao.com
O1 - Hosts: 127.0.0.1 www.666e.com
O1 - Hosts: 127.0.0.1 qm.8ok.com
O1 - Hosts: 127.0.0.1 www.guosir.ccoo.com
O1 - Hosts: 127.0.0.1 www.163mm.com
O1 - Hosts: 127.0.0.1 www.cnooo.com
O1 - Hosts: 127.0.0.1 www.es158.com
O1 - Hosts: 127.0.0.1 www.aisa-girl.net
O1 - Hosts: 127.0.0.1 www.boliwu.com
O1 - Hosts: 127.0.0.1 www.cctv1.net
O1 - Hosts: 127.0.0.1 www.play.cn.gs
O1 - Hosts: 127.0.0.1 newyouth.3322.net
O1 - Hosts: 127.0.0.1 newyouth.3322.net
O1 - Hosts: 127.0.0.1 chinabdkx.363.net
O1 - Hosts: 127.0.0.1 www.zknew.com/
O1 - Hosts: 127.0.0.1 www.dhchao.com/
O1 - Hosts: 127.0.0.1 www.top666.net
O1 - Hosts: 127.0.0.1 www.amoisonic.com/
O1 - Hosts: 127.0.0.1 www.markguide.com
O1 - Hosts: 127.0.0.1 www.xyxc.ccoo.com
O1 - Hosts: 127.0.0.1 www.flyingwalk.com
O1 - Hosts: 127.0.0.1 www.yezine.net
O1 - Hosts: 127.0.0.1 www.mmgirls.com
O1 - Hosts: 127.0.0.1 www.net5w.com
O1 - Hosts: 127.0.0.1 www.fbstu.com
O1 - Hosts: 127.0.0.1 www.qlwl.com
O1 - Hosts: 127.0.0.1 www.yibinren.com
O1 - Hosts: 127.0.0.1 www.yinshang.com
O1 - Hosts: 127.0.0.1 www.ncunet.com
O1 - Hosts: 127.0.0.1 www.555666.net
O1 - Hosts: 127.0.0.1 www.fm1058.cc/
O1 - Hosts: 127.0.0.1 meim.y365.com
O1 - Hosts: 127.0.0.1 meim.y365.cn
O1 - Hosts: 127.0.0.1 www.qq520.net
O1 - Hosts: 127.0.0.1 jjkafei.longcity.net
O1 - Hosts: 127.0.0.1 jjkafei.longcity.net
O1 - Hosts: 127.0.0.1 chow.yesky.net
O1 - Hosts: 127.0.0.1 oicq.hk.st
O1 - Hosts: 127.0.0.1 www.my288.com
O1 - Hosts: 127.0.0.1 www.youmiss.com
O1 - Hosts: 127.0.0.1 www.laws-online.net
O1 - Hosts: 127.0.0.1 www.hj168.net
O1 - Hosts: 127.0.0.1 16888.6to23.com
O1 - Hosts: 127.0.0.1 www.love520.net
O1 - Hosts: 127.0.0.1 www.qq520.com
O1 - Hosts: 127.0.0.1 www.ezhgc.com
O1 - Hosts: 127.0.0.1 www.eastedu.com.cn
O1 - Hosts: 127.0.0.1 www.435000.com
O1 - Hosts: 127.0.0.1 sdik.8ok.net
O1 - Hosts: 127.0.0.1 feiying.coolwww.net
O1 - Hosts: 127.0.0.1 feiying.coolwww.net
O1 - Hosts: 127.0.0.1 zhongxuesheng.myrice.com
O1 - Hosts: 127.0.0.1 yes9999.com
O1 - Hosts: 127.0.0.1 yes9999.com.cn
O1 - Hosts: 127.0.0.1 www.nnptt.com/tv/
O1 - Hosts: 127.0.0.1 www.nnptt.com
O1 - Hosts: 127.0.0.1 vod.hengshui.com/
O1 - Hosts: 127.0.0.1 vod.hengshui.cn/
O1 - Hosts: 127.0.0.1 tv.megajoy.com/video/movies/
O1 - Hosts: 127.0.0.1 tv.megajoy.com/video/movies/
O1 - Hosts: 127.0.0.1 tv.megajoy.com/video
O1 - Hosts: 127.0.0.1 tv.megajoy.com/
O1 - Hosts: 127.0.0.1 h444.net/
O1 - Hosts: 127.0.0.1 update.myxq.com/ads.htm
O1 - Hosts: 127.0.0.1 update.myxq.com
O1 - Hosts: 127.0.0.1 www.happy666.net
O1 - Hosts: 127.0.0.1 www.myxq.com
O1 - Hosts: 127.0.0.1 bbs.ccjz.com
O1 - Hosts: 127.0.0.1 91mm.net/join.php
O1 - Hosts: 127.0.0.1 91mm.net
O1 - Hosts: 127.0.0.1 www.film888.com/film.asp
O1 - Hosts: 127.0.0.1 www.film888.com
O1 - Hosts: 127.0.0.1 vod.52en.com/index.asp
O1 - Hosts: 127.0.0.1 vod.52en.com
O1 - Hosts: 127.0.0.1 www.6mb.net/movie/
O1 - Hosts: 127.0.0.1 www.6mb.net
O1 - Hosts: 127.0.0.1 www.nic2000.com/?huyantao
O1 - Hosts: 127.0.0.1 www.nic2000.com
O1 - Hosts: 127.0.0.1 www.getfreedomain.biz/index.php
O1 - Hosts: 127.0.0.1 www.getfreedomain.biz
O1 - Hosts: 127.0.0.1 chinaour.com
O1 - Hosts: 127.0.0.1 chinaour.com/
O1 - Hosts: 127.0.0.1 www.ttjj.com/index.php
O1 - Hosts: 127.0.0.1 hao123.com
O1 - Hosts: 127.0.0.1 www.tom.com
O1 - Hosts: 127.0.0.1 www.okww.net
O1 - Hosts: 127.0.0.1 www.ttlook.com
O1 - Hosts: 127.0.0.1 www.ent8.com
O1 - Hosts: 127.0.0.1 my518@jining.info
O1 - Hosts: 127.0.0.1 cnlove.bl.am
O1 - Hosts: 127.0.0.1 lingaonbvm.myrice.com/cnlove.htm
O1 - Hosts: 127.0.0.1 lingaonbvm.myrice.com/logo.jpg
O1 - Hosts: 127.0.0.1 lingaonbvm.myrice.com
O1 - Hosts: 127.0.0.1 xyz8848@jining.info
O1 - Hosts: 127.0.0.1 QQ6ss.126.com
O1 - Hosts: 127.0.0.1 epzj.1m.cn/
O1 - Hosts: 127.0.0.1 www.hahabus.com
O1 - Hosts: 127.0.0.1 www.eliao.com
O1 - Hosts: 127.0.0.1 wacky.nease.net
O1 - Hosts: 127.0.0.1 www.QQ588.com
O1 - Hosts: 127.0.0.1 www.qq988.com
O1 - Hosts: 127.0.0.1 www.ktv530.com
O1 - Hosts: 127.0.0.1 user.netomia.com
O1 - Hosts: 127.0.0.1 www.eliao.net
O1 - Hosts: 127.0.0.1 182838.com
O1 - Hosts: 127.0.0.1 www.365ww.com
O1 - Hosts: 127.0.0.1 music.94xp.com
O1 - Hosts: 127.0.0.1 www.ok530.com
O1 - Hosts: 127.0.0.1 nicex.126.com
O1 - Hosts: 127.0.0.1 www.dj33344.com
O1 - Hosts: 127.0.0.1 www.film3344.com
O1 - Hosts: 127.0.0.1 www.mmqm.com
O1 - Hosts: 127.0.0.1 www.hao3344.com
O1 - Hosts: 127.0.0.1 www.mtv365.com
O1 - Hosts: 127.0.0.1 www.mtvxp.com
O1 - Hosts: 127.0.0.1 www.88music.com
O1 - Hosts: 127.0.0.1 ye99.com/2/
O1 - Hosts: 127.0.0.1 ye99.com
O1 - Hosts: 127.0.0.1 www.xgmm.com
O1 - Hosts: 127.0.0.1 www.xxx.xom
O1 - Hosts: 127.0.0.1 www.163z.com
O1 - Hosts: 127.0.0.1 www.qq886.com
O1 - Hosts: 127.0.0.1 www.haohz.com
O1 - Hosts: 127.0.0.1 www.qq250.com
O1 - Hosts: 127.0.0.1 www.youxika.net/bbs/topic
O1 - Hosts: 127.0.0.1 www.youxika.net/
O1 - Hosts: 127.0.0.1 asqin123.51.net/down/dhwg.rar
O1 - Hosts: 127.0.0.1 asqin123.51.net/
O1 - Hosts: 127.0.0.1 xywaigua.126.com
O1 - Hosts: 127.0.0.1 dxy.9126.com
O1 - Hosts: 127.0.0.1 63581.yeah.net/
O1 - Hosts: 127.0.0.1 maomao363.126.com
O1 - Hosts: 127.0.0.1 www.mucopy.com/dh/
O1 - Hosts: 127.0.0.1 www.mucopy.com/
O1 - Hosts: 127.0.0.1 www.sa25.y365.com/index.htm
O1 - Hosts: 127.0.0.1 www.sa25.y365.com/
O1 - Hosts: 127.0.0.1 dahau2.7u7.net
O1 - Hosts: 127.0.0.1 www.websamba.com/dujianpeng
O1 - Hosts: 127.0.0.1 www.websamba.com/
O1 - Hosts: 127.0.0.1 126gzs.yeah.net
O1 - Hosts: 127.0.0.1 www.mmm123.com
O1 - Hosts: 127.0.0.1 young-erotic.com
O1 - Hosts: 127.0.0.1 aifind.info
O1 - Hosts: 127.0.0.1 80pictures.com
O1 - Hosts: 127.0.0.1 www.88dvd.com
O1 - Hosts: 127.0.0.1 www.sex591.com
O1 - Hosts: 127.0.0.1 www.coolsearch.biz/
O1 - Hosts: 127.0.0.1 www.wo365.com/
O1 - Hosts: 127.0.0.1 www.mp3.funcn.net
O1 - Hosts: 127.0.0.1 muiscmov.xx.to
O1 - Hosts: 127.0.0.1 www.freepicturepage.com
O1 - Hosts: 127.0.0.1 www.ie136.com
O1 - Hosts: 127.0.0.1 www.18rc.com
O1 - Hosts: 127.0.0.1 www.feyes.com/index.asp
O1 - Hosts: 127.0.0.1 mp3.funcn.net
O1 - Hosts: 127.0.0.1 mov.hy256.com
O1 - Hosts: 127.0.0.1 www.qyw520.net
O1 - Hosts: 127.0.0.1 www.6m6.net
O1 - Hosts: 127.0.0.1 www.tiansha.net
O1 - Hosts: 127.0.0.1 www.jsing.net
O1 - Hosts: 127.0.0.1 www.mydj2005.com
O1 - Hosts: 127.0.0.1 www.52down.com
O1 - Hosts: 127.0.0.1 www.94qq.com
O1 - Hosts: 127.0.0.1 www.3wei.com
O1 - Hosts: 127.0.0.1 www.qq158.com
O1 - Hosts: 127.0.0.1 www.99123.com
O1 - Hosts: 127.0.0.1 www.game186.com
O1 - Hosts: 127.0.0.1 zz.ent8.com
O1 - Hosts: 127.0.0.1 www.six8.net
O1 - Hosts: 127.0.0.1 www.bymx.com
O1 - Hosts: 127.0.0.1 www.7yyy.com
O1 - Hosts: 127.0.0.1 www.cnww.net
O1 - Hosts: 127.0.0.1 www.53900.com

O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v11.dll
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\AdPlus\IEHelp1.dll
O2 - BHO:  (file missing)
O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO:  (file missing)
O2 - BHO:  (file missing)
O2 - BHO:  - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - D:\PROGRA~1\KuGoo2\KUGOO3~1.OCX
O2 - BHO:  (file missing)
O2 - BHO:  (file missing)
O3 - Toolbar:  (file missing)
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [LHotkey] LHotkey.exe
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [Iehelper] C:\WINDOWS\system32\iehelper.exe
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [AddrPlus3] C:\PROGRA~1\TENCENT\AdPlus\Runner.exe C:\PROGRA~1\TENCENT\AdPlus\QAHook1.dll Rundll32
O8 - Extra context menu item: &使用迅雷下载 - D:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra Button: (no name) - {35980F6E-A137-4E50-953D-813BB8556899}? -
O9 - Extra Button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191}? -  (file missing)
O9 - Extra 'Tools' menuitem: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191}? -  (file missing)
O9 - Extra Button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra Button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O11 - Options group: [TBH]  QQ地址栏搜索插件
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com
O16 - DPF: {045ADB92-9635-45CE-B25B-F19F825B0E39} (MSTPlayerInstaller Control) - http://www.chinaedu.com/MSTView/CHS/MSTPlayerInstaller.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {40CFEA79-ED5B-4B2B-8B8D-B567E40AF812} (sslclient Control) - http://lenovo.tol24.com/download/ocx/sslclientnew.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/aliedit.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126171116343
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1131846202875
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {74447F9C-5691-4A9A-8BE4-564092E40B03} (VnetAnprIns Class) - http://plugin.chinavnet.com/VnetPluginIns.CAB
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {DA215190-98B2-47DE-AE24-DA95481DFFBA} (AxUSBKey Class) - https://mybank.icbc.com.cn/icbc/perbank/AxUSBKey.CAB
O16 - DPF: {E1207373-6721-4AAD-888B-C8C5A0209E17} (VnetAnpr Class) - http://service.chinavnet.com/zx/VNetInterface/VNetForSP/VnetPlugin.CAB
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://tenpay.qq.com/download/qqedit.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://pcaststatic.mop.com/dn/files/pCastCtl_1.0.0.67_20050915.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9B6C8487-BB13-4D5D-A1B4-05C3D2ACAEF9}: NameServer = 202.101.224.69 202.101.226.68
O18 - Filter : application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll
O18 - Filter : application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll
O18 - Filter : application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINDOWS\wc98pp.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINDOWS\system32\mbprot.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll"
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O23 - Service: Application Management (AppMgmt) -  - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Human Interface Device Access (HidServ) -  - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - "C:\Program Files\Rising\Rav\CCenter.exe"
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - "C:\Program Files\Rising\Rav\Ravmond.exe"
就这些，发完了，是什么原因啊

还有一个是用卡卡导出的这个进程的相关信息
[iehelper.exe]
PID = 0xdd8
CommandLine = "C:\WINDOWS\system32\iehelper.exe"
iehelper.exe
0x400000
C:\WINDOWS\system32\iehelper.exe
不知道这个对你有帮助吗？

修复：
O4 - HKLM\..\Run: [Iehelper] C:\WINDOWS\system32\iehelper.exe

删除：
C:\WINDOWS\system32\iehelper.exe

http://zhidao.baidu.com/q?word=iehelper.exe&ct=17&pn=0&tn=ikaslist&rn=10