我打开我的网站（我自己的一台垃圾服务器），第一次打那那个网站瑞星都会提示有病毒，病毒名称是Trojan.DL.Win32.Mnless.bqe，我在瑞星官网查了一下，说是WINDOS下的PE病毒，到底是什么病毒呀？
另外就是这个病毒不是我本机上的，是服务器上的，但是我在服务器上用瑞星杀了很多次都没有把病毒找到，而且网页的页面上也没有被嵌入带木马的页面呀，而且我发现只是我的一个PHP网站着了，就是DZ的论坛，其它ASP的网站都没事情，到底是咋回事情，请各位高手给我指点一下呀！

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; QQDownload 1.7; TencentTraveler 4.0)

你访问报毒的网址是什么啊

我访问报病毒的网址是http://bbs.bzren.net/index.php

大家帮忙看看哈！！！

用windows清理助手清理一下系统。(未知的那些不要选择删除)
windows清理助手下载页面：http://www.arswp.com/download.html
———————————————————————————————————————
然后使用System Repair Engineer扫描日志，将日志作为附件上传上来。
下载页面：http://www.kztechs.com/sreng/download.html
操作方法：
1、下载后解压缩，运行SREngLdr.EXE；
2、如果无法打开尝试把SREngLdr.EXE改名为123.com，并复制到c:\windows目录下运行；
3、依次点击【智能扫描】-【扫描】，耐心等待，扫描结束后点击【保存报告】；
4、选择保存路径，文件名保持默认，直接点击【保存】；
5、打开保存的日志文件SREngLOG.log，完整复制全部内容，新建一个文本文档，将日志中的全部内容粘贴到“新建文本文档.txt”中；
6、将“新建文本文档.txt”作为附件上传，同时务必详细描述问题现象，如果有查杀不净的病毒务必提供病毒名和路径。
注意：扫描前请尽量关闭QQ、游戏、下载工具、媒体播放器等应用程序。

谢谢各位，我先试试吧！

注册项

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-02-28 23:28 M:2008-07-25 20:11]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-02-28 23:26 M:2008-07-29 13:14]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs]
    <wow64><wow64.dll>  []
    <wow64cpu><wow64cpu.dll>  []
    <wow64win><wow64win.dll>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-02-29 00:16 M:2008-07-29 13:14]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710), C:2008-02-28 22:41 M:2007-02-17 06:56|(Verified)Microsoft Corporation, 7.00.6000.16735 (vista_gdr.080820-1506), C:2008-08-26 02:06 M:2008-08-26 02:06|(Verified)N/A, C:2003-03-27 20:00 M:2005-04-04 13:38]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710), C:2008-02-28 22:41 M:2007-02-17 06:56|(Verified)Microsoft Corporation, 7.00.6000.16735 (vista_gdr.080820-1506), C:2008-08-26 02:06 M:2008-08-26 02:06|(Verified)N/A, C:2003-03-27 20:00 M:2007-02-17 06:45]

组件


ShellExecuteHook
[ShlExecHack Class]
    {32CD708B-60A7-4C00-9377-D73EAA495F0F}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-02-29 00:16 M:2008-07-29 13:14]

Shell Extension
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <hticons.dll>  []
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2008-02-28 21:34 M:2005-10-11 10:23]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-02-29 00:16 M:2008-07-29 13:14]
[EncryptFile]
    {D55189EB-2826-4834-8E59-582B05CA99CA}  <C:\PROGRA~1\Wopti\WOPTIE~1.DLL>  [(Verified)共软网络, 1.0.8.103, C:2008-02-29 09:43 M:2008-01-03 13:51]

ActiveX Extension
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx>  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]

Context Menu
[EncryptFile]
    {D55189EB-2826-4834-8E59-582B05CA99CA}  <C:\PROGRA~1\Wopti\WOPTIE~1.DLL>  [(Verified)共软网络, 1.0.8.103, C:2008-02-29 09:43 M:2008-01-03 13:51]
[RisingRavExt]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-02-29 00:16 M:2008-07-29 13:14]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2008-02-28 21:34 M:2005-10-11 10:23]

服务

[MySQL / MySQL][Running/Auto Start]
    <"D:\server\mysql\bin\mysqld-nt" --defaults-file="D:\server\mysql\my.ini" MySQL>  [N/A, C:2007-04-26 23:34 M:2007-04-26 23:34]
[WinHTTP Web Proxy Auto-Discovery Service / WinHttpAutoProxySvc][Stopped/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k LocalService --> "winhttp.dll">  [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710), C:2008-02-28 22:55 M:2007-02-17 06:44]

附件: SREngLOG.txt (2008-12-1 11:15:24, 45.33 K)
该附件被下载次数 162