Logfile of Kaka v2.0.0.8 Scan Module v2.0.0.1
Scan saved at 17:56:26, on 2006-05-26
Platform: Microsoft Windows XP Professional Service Pack 1 (Build 2600)
MSIE: Internet Explorer v6.00 SP1; (6.00.2800.1106 (xpsp1.020828-1920))
Running processes:
[RavTask.exe]
CommandLine = "E:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM
[ctfmon.exe]
CommandLine = "D:\WINDOWS\System32\ctfmon.exe"
[RavMon.exe]
CommandLine = "E:\Program Files\Rising\Rav\Ravmon.exe" -SYSTEM
[QQ.exe]
CommandLine = "E:\Program Files\Tencent1\qq\QQ.exe"
[iexplore.exe]
CommandLine = "D:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
[flashget.exe]
CommandLine = "E:\Program Files\FlashGet\flashget.exe"
[foobar2000.exe]
CommandLine = "E:\Program Files\foobar2000\foobar2000.exe"
[explorer.exe]
CommandLine = D:\WINDOWS\explorer.exe
[KkScan.exe]
CommandLine = "E:\Program Files\Rising\KakaToolBar\KkScan.exe"
R3 - Default URLSearchHook is missing
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.page-not-found.net
O1 - Hosts: 127.0.0.1 page-not-found.net
O1 - Hosts: 127.0.0.1 www.exactsearch.net
O1 - Hosts: 127.0.0.1 www.contextplus.net
O1 - Hosts: 127.0.0.1 www.contextplus.net
O2 - BHO: - {6001CDF7-6F45-471b-A203-0225615E35A7} - D:\WINDOWS\DH.dll (file missing)
O2 - BHO: XBTP01713 Class - {87A2A7C5-EFEF-4200-9575-A4AE9325F9DE} - D:\PROGRA~1\AFFILI~1\untitled.dll
O2 - BHO: (file missing)
O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - D:\WINDOWS\System32\IEHelper.dll
O2 - BHO: CnsHook Class - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - D:\WINDOWS\DOWNLO~1\CnsHook.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Related Page - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - D:\WINDOWS\System32\WinNB57.dll
O3 - Toolbar: Freeprod Toolbar - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - D:\Program Files\Freeprod Toolbar\freeprod.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: 珊瑚虫 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O3 - Toolbar: Affiliate Beta - {C49DD894-C6DE-4910-8C41-BA20F852D8BC} - D:\Program Files\Affiliate Beta\untitled.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Zango Toolbar - {EA0D26BD-9029-431A-86E0-83152D67828A} - D:\Program Files\Zango Programs\Zango Toolbar\ZangoTB.dll
O3 - Toolbar: 实用搜索 - {15ADF205-4C54-4cfe-AC88-1EA0BA6D06A0} - D:\Program Files\ScanToolbar\ScanBar.dll
O3 - Toolbar: 捜狗直通车 - {DBBB7978-AF21-4EF4-9AD1-B2F4BC75696C} - D:\PROGRA~1\P4P\Toolbar.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - D:\WINDOWS\System32\kakatool.dll
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe D:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [RavTask] "E:\Program Files\Rising\Rav\RavTask.exe" -system
O8 - Extra context menu item: &RSDN Search - res://D:\Program Files\ScanToolbar\ScanBar.dll/GoRSDN.dll.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\Program Files\Tencent1\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Program Files\Tencent1\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\Program Files\Tencent1\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Program Files\Tencent1\qq\SendMMS.htm
O9 - Extra Button: 江民在线杀毒 - {06926B30-424E-4f1c-8EE3-543CD96573DC} - http://club.jiangmin.com/kvscan/KvOnline.asp (file missing)
O9 - Extra Button: 金山卓越 - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - D:\WINDOWS\system32\KAV_IE~1.DLL
O9 - Extra Button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra Button: Affiliate Beta - {C49DD894-C6DE-4910-8C41-BA20F852D8BC} - D:\Program Files\Affiliate Beta\untitled.dll
O9 - Extra 'Tools' menuitem: Affiliate Beta - {C49DD894-C6DE-4910-8C41-BA20F852D8BC} - D:\Program Files\Affiliate Beta\untitled.dll
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra Button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O10 - Unknown file in Winsock LSP: D:\WINDOWS\System32\cdnns.dll
O10 - Unknown file in Winsock LSP: E:\Program Files\Filseclab\xfilter\XFILTER.DLL
O10 - Unknown file in Winsock LSP: E:\Program Files\Filseclab\xfilter\XFILTER.DLL
O10 - Unknown file in Winsock LSP: E:\Program Files\Filseclab\xfilter\XFILTER.DLL
O10 - Unknown file in Winsock LSP: E:\Program Files\Filseclab\xfilter\XFILTER.DLL
O10 - Unknown file in Winsock LSP: E:\Program Files\Filseclab\xfilter\XFILTER.DLL
O10 - Unknown file in Winsock LSP: E:\Program Files\Filseclab\xfilter\XFILTER.DLL
O10 - Unknown file in Winsock LSP: E:\Program Files\Filseclab\xfilter\XFILTER.DLL
O11 - Options group: [!CNS] 网络实名
O11 - Options group: [CDNCLIENT] 中文上网
O11 - Options group: [TBH] 搜搜地址栏搜索
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
O16 - DPF: {2354A44B-3CEB-4829-9940-545B03103538} (PowerPlr Control) - http://vod.lanyin.net/plugin/PowerPlr.ocx
O16 - DPF: {A984ED9F-E8DA-44E5-BC18-C14B9ABEF79D} (photo_uploader Control) - http://upload.photo.163.com/photoup.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O16 - DPF: {EF6205C1-3F17-4829-BCB5-1336ED89E356} - http://club.jiangmin.com/kvscan/KvDown.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{81AA13C6-80B6-4EEF-97B7-5BBF78C96E8F}: NameServer = 60.191.244.5 60.191.244.2
O18 - Filter : application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\WINDOWS\System32\mscoree.dll
O18 - Filter : application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\WINDOWS\System32\mscoree.dll
O18 - Filter : application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\WINDOWS\System32\mscoree.dll
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\System32\mshtml.dll