
Please come in,

Logfile of Kaka v2. 0. 0. 8 Scan Module v2. 0. 0. 1
Scan saved at 17:56:26, on 2006-05-26
Platform: Microsoft Windows XP Professional Service Pack 1 (Build 2600)
MSIE: Internet Explorer v6.00 SP1; (6.00.2800.1106 (xpsp1.020828-1920))


Running processes:
[RavTask.exe]
CommandLine = "E:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM

[ctfmon.exe]
CommandLine = "D:\WINDOWS\System32\ctfmon.exe"

[RavMon.exe]
CommandLine = "E:\Program Files\Rising\Rav\Ravmon.exe" -SYSTEM

[QQ.exe]
CommandLine = "E:\Program Files\Tencent1\qq\QQ.exe"

[iexplore.exe]
CommandLine = "D:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome

[flashget.exe]
CommandLine = "E:\Program Files\FlashGet\flashget.exe"

[foobar2000.exe]
CommandLine = "E:\Program Files\foobar2000\foobar2000.exe"

[explorer.exe]
CommandLine = D:\WINDOWS\explorer.exe

[KkScan.exe]
CommandLine = "E:\Program Files\Rising\KakaToolBar\KkScan.exe"
Last edited 2006-05-27 12:13:27

R3 - Default URLSearchHook is missing
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 127.0.0.1  www.page-not-found.net
O1 - Hosts: 127.0.0.1  page-not-found.net
O1 - Hosts: 127.0.0.1  www.exactsearch.net
O1 - Hosts: 127.0.0.1  www.contextplus.net
O1 - Hosts: 127.0.0.1  www.contextplus.net
O2 - BHO:  - {6001CDF7-6F45-471b-A203-0225615E35A7} - D:\WINDOWS\DH.dll (file missing)
O2 - BHO: XBTP01713 Class - {87A2A7C5-EFEF-4200-9575-A4AE9325F9DE} - D:\PROGRA~1\AFFILI~1\untitled.dll
O2 - BHO:  (file missing)
O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - D:\WINDOWS\System32\IEHelper.dll
O2 - BHO: CnsHook Class - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - D:\WINDOWS\DOWNLO~1\CnsHook.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Related Page - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - D:\WINDOWS\System32\WinNB57.dll
O3 - Toolbar: Freeprod Toolbar - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - D:\Program Files\Freeprod Toolbar\freeprod.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: 珊瑚虫 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O3 - Toolbar: Affiliate Beta - {C49DD894-C6DE-4910-8C41-BA20F852D8BC} - D:\Program Files\Affiliate Beta\untitled.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Zango Toolbar - {EA0D26BD-9029-431A-86E0-83152D67828A} - D:\Program Files\Zango Programs\Zango Toolbar\ZangoTB.dll
O3 - Toolbar: 实用搜索 - {15ADF205-4C54-4cfe-AC88-1EA0BA6D06A0} - D:\Program Files\ScanToolbar\ScanBar.dll
O3 - Toolbar: 捜狗直通车 - {DBBB7978-AF21-4EF4-9AD1-B2F4BC75696C} - D:\PROGRA~1\P4P\Toolbar.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - D:\WINDOWS\System32\kakatool.dll
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe D:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [RavTask] "E:\Program Files\Rising\Rav\RavTask.exe" -system
O8 - Extra context menu item: &RSDN Search - res://D:\Program Files\ScanToolbar\ScanBar.dll/GoRSDN.dll.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\Program Files\Tencent1\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Program Files\Tencent1\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\Program Files\Tencent1\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Program Files\Tencent1\qq\SendMMS.htm
O9 - Extra Button: 江民在线杀毒 - {06926B30-424E-4f1c-8EE3-543CD96573DC} - http://club.jiangmin.com/kvscan/KvOnline.asp (file missing)
O9 - Extra Button: 金山卓越 - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - D:\WINDOWS\system32\KAV_IE~1.DLL
O9 - Extra Button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra Button: Affiliate Beta - {C49DD894-C6DE-4910-8C41-BA20F852D8BC} - D:\Program Files\Affiliate Beta\untitled.dll
O9 - Extra 'Tools' menuitem: Affiliate Beta - {C49DD894-C6DE-4910-8C41-BA20F852D8BC} - D:\Program Files\Affiliate Beta\untitled.dll
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra Button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)

O10 - Unknown file in Winsock LSP: D:\WINDOWS\System32\cdnns.dll
O10 - Unknown file in Winsock LSP: E:\Program Files\Filseclab\xfilter\XFILTER.DLL
O10 - Unknown file in Winsock LSP: E:\Program Files\Filseclab\xfilter\XFILTER.DLL
O10 - Unknown file in Winsock LSP: E:\Program Files\Filseclab\xfilter\XFILTER.DLL
O10 - Unknown file in Winsock LSP: E:\Program Files\Filseclab\xfilter\XFILTER.DLL
O10 - Unknown file in Winsock LSP: E:\Program Files\Filseclab\xfilter\XFILTER.DLL
O10 - Unknown file in Winsock LSP: E:\Program Files\Filseclab\xfilter\XFILTER.DLL
O10 - Unknown file in Winsock LSP: E:\Program Files\Filseclab\xfilter\XFILTER.DLL
O11 - Options group: [!CNS]  网络实名
O11 - Options group: [CDNCLIENT]  中文上网
O11 - Options group: [TBH]  搜搜地址栏搜索
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
O16 - DPF: {2354A44B-3CEB-4829-9940-545B03103538} (PowerPlr Control) - http://vod.lanyin.net/plugin/PowerPlr.ocx
O16 - DPF: {A984ED9F-E8DA-44E5-BC18-C14B9ABEF79D} (photo_uploader Control) - http://upload.photo.163.com/photoup.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O16 - DPF: {EF6205C1-3F17-4829-BCB5-1336ED89E356} - http://club.jiangmin.com/kvscan/KvDown.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{81AA13C6-80B6-4EEF-97B7-5BBF78C96E8F}: NameServer = 60.191.244.5 60.191.244.2
O18 - Filter : application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\WINDOWS\System32\mscoree.dll
O18 - Filter : application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\WINDOWS\System32\mscoree.dll
O18 - Filter : application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\WINDOWS\System32\mscoree.dll
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\System32\mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - D:\WINDOWS\system32\urlmon.dll
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - D:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - E:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - D:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - D:\WINDOWS\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\System32\mshtml.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - D:\WINDOWS\System32\inetcomm.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - D:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - D:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - D:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\System32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - D:\WINDOWS\System32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - D:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\System32\mshtml.dll
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - D:\WINDOWS\System32\msdxm.ocx
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - D:\WINDOWS\system32\wiascr.dll
O20 - AppInit_DLLs: D:\WINDOWS\SYSTEM32\USERINIT.EXE;
O20 - Winlogon Notify: DateTime
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - D:\WINDOWS\system32\upnpui.dll
O23 - Service: Print Manager (8NASCAR) -  - D:\WINDOWS\System32\rundll32.exe d:\windows\system32\wbem\irjit.dll,export 1087
O23 - Service: Adobe LM Service (Adobe LM Service) - Adobe Systems - "D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
O23 - Service: Apache2 (Apache2) -  - "C:\wt2ksrv\bin\Apache.exe" -k runservice
O23 - Service: Command Service (cmdService) -  - D:\WINDOWS\dXNlcg\command.exe
O23 - Service: dcfssvc (Dcfssvc) - Eastman Kodak Company - D:\WINDOWS\System32\drivers\dcfssvc.exe
O23 - Service: Human Interface Device Access (HidServ) -  - D:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - D:\WINDOWS\System32\icdsptsv.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - E:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: KVSrvXP (KVSrvXP) - JiangMin Ltd. - E:\KV2003\KVSrvXP.exe -Service
O23 - Service: Network Engine (Live) -  - D:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: Macromedia Licensing Service (Macromedia Licensing Service) -  - "D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"
O23 - Service: MsLX32 (MsLX32) -  - "D:\WINDOWS\MsLX32.exe"
O23 - Service: mswmf32 (mswmf32) -  - "D:\WINDOWS\mswmf32.exe"
O23 - Service: MySql (MySql) -  - C:\wt2ksrv\bin\mysqld-opt
O23 - Service: Network Monitor (Network Monitor) -  - D:\Program Files\Network Monitor\netmon.exe service
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: P4P Service (P4P Service) -  - D:\Program Files\P4P\p2psvr.exe
O23 - Service: PACSPTISVR (PACSPTISVR) - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: Peanut Hull Client Service (Peanut Hull Client Service) - Oray Network Resource Co., Ltd - E:\Program Files\PeanutHull\PHSvc.exe
O23 - Service: RaySatxsi4_0 Server (RaySatxsi4_0Server) -  - E:\Softimage\XSI_4.0\Application\bin\raysatxsi4_0server.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - "E:\Program Files\Rising\Rav\CCenter.exe"
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - "E:\Program Files\Rising\Rav\Ravmond.exe"
O23 - Service: Smart Card Helper (SCardDrv) -  - D:\WINDOWS\System32\scardser.exe
O23 - Service: SPM License Server (spmd) - mental images GmbH & Co. KG - D:\WINDOWS\System32\spm\spmd.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: Remote_Procedure_Call (svchost) - Microsoft Corporation - D:\WINDOWS\System32\svchost.cmd
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - E:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Windows Update Manager (UpdateManager) -  - D:\WINDOWS\update\updmgr.exe /updatemgr

Windows XP system, with D: as the system drive. A Rising scan reports explorer.exe as infected; the path is WINDOWS\.

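This problem has troubled me for more than a week. I have asked several friends and none of them knew the answer, so I am posting here to ask the experts for help. Any advice would be appreciated.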

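There are still quite a few problems.
To make the repair easier,
please download System Repair Engineer, use "Smart Scan", press the "Scan" button to run the scan, and when it finishes press the "Save Report" button to save the report log file (SREng.LOG). Then copy and paste the contents of the saved report log here.
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
If the log does not fit in one post, paste it across several posts. Please do not modify it.
I suspect the following entries are all viruses. If you do not recognize them either, I recommend deleting them.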
O23 - Service: Print Manager (8NASCAR) - - D:\WINDOWS\System32\rundll32.exe d:\windows\system32\wbem\irjit.dll,export 1087
O23 - Service: Command Service (cmdService) - - D:\WINDOWS\dXNlcg\command.exe
O23 - Service: MsLX32 (MsLX32) - - "D:\WINDOWS\MsLX32.exe"
O23 - Service: mswmf32 (mswmf32) - - "D:\WINDOWS\mswmf32.exe"
O23 - Service: Network Monitor (Network Monitor) - - D:\Program Files\Network Monitor\netmon.exe service
O23 - Service: Remote_Procedure_Call (svchost) - Microsoft Corporation - D:\WINDOWS\System32\svchost.cmd

O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - D:\WINDOWS\System32\icdsptsv.exe (this one is only under suspicion; please confirm it yourself)

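After downloading, run System Repair Engineer, click "Startup Items", then "Services", tick "Hide Microsoft services", select the virus services Print Manager, Command Service, MsLX32, mswmf32, Network Monitor, Remote_Procedure_Call and Sony SPTI Service for DVE, choose "Delete selected services", answer "No", and finally reboot. (Each comma-separated name is one virus service; please delete them one by one.)
Double-click My Computer > Tools > Folder Options > View, select "Show hidden files and folders", and clear the "Hide protected operating system files (Recommended)" check box. When prompted to confirm the change, click "Yes".
Delete: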
d:\windows\system32\wbem\irjit.dll
D:\WINDOWS\dXNlcg\command.exe
D:\WINDOWS\MsLX32.exe
D:\WINDOWS\mswmf32.exe
D:\Program Files\Network Monitor
D:\WINDOWS\System32\svchost.cmd
D:\WINDOWS\System32\icdsptsv.exe
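Tip: if you have a dual-boot setup, you can delete these files freely from the system on drive C.
The rest is just junk software, which I also recommend removing.
I suggest you download Super Rabbit (超级兔子).
http://dl.pconline.com.cn/html_2/1/75/id=273&pn=0.html
After installing it, open "Super Rabbit Optimizer" > "Professional Uninstall" and uninstall all the junk it flags.
After the repair, please reboot, run another System Repair Engineer scan, and paste the report here.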
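
An added example, not part of the reply above or of any tool it mentions: a small Python triage of the O23 service lines from this log. The three heuristics are assumptions chosen for illustration, not the replier's criteria, and a hit only means the entry deserves a closer look.

```python
import re
from pathlib import PureWindowsPath

# O23 lines copied from the scan log in this thread (not constructed).
SAMPLE = r"""
O23 - Service: Print Manager (8NASCAR) -  - D:\WINDOWS\System32\rundll32.exe d:\windows\system32\wbem\irjit.dll,export 1087
O23 - Service: Adobe LM Service (Adobe LM Service) - Adobe Systems - "D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
O23 - Service: MsLX32 (MsLX32) -  - "D:\WINDOWS\MsLX32.exe"
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote_Procedure_Call (svchost) - Microsoft Corporation - D:\WINDOWS\System32\svchost.cmd
""".strip().splitlines()

# Line layout: display name (service name) - publisher - command line
O23 = re.compile(r"^O23 - Service: (?P<display>.+) \((?P<name>[^()]+)\) -\s*"
                 r"(?P<vendor>.*?)\s*- (?P<cmd>.+)$")
IMAGE = re.compile(r'"([^"]+)"|(.+?\.(?:exe|cmd|bat|com|scr))(?=\s|$)', re.I)

def image_path(cmd):
    """Return the executable part of a service command line, quoted or not."""
    m = IMAGE.match(cmd)
    return PureWindowsPath((m.group(1) or m.group(2)) if m else cmd.split()[0])

def reasons(vendor, cmd):
    """Assumed triage heuristics; each hit is a reason to inspect, not a verdict."""
    img, out = image_path(cmd), []
    if img.suffix.lower() != ".exe":
        out.append("image is not an .exe")
    if img.name.lower() == "rundll32.exe":
        out.append("DLL hosted through rundll32")
    if not vendor and img.parent.name.lower() == "windows":
        out.append("no publisher, file sits directly in the Windows directory")
    return out

def triage(lines):
    """Map service name -> reasons, for entries that trip at least one heuristic."""
    flagged = {}
    for line in lines:
        m = O23.match(line.strip())
        if m and (why := reasons(m["vendor"], m["cmd"])):
            flagged[m["name"]] = why
    return flagged

if __name__ == "__main__":
    for name, why in triage(SAMPLE).items():
        print(f"{name}: {'; '.join(why)}")
```

The publisher field is only what the service's file claims about itself, so an entry with a well-known company name can still be flagged on its path or extension.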