windows资源管理器中双击目录后出现与目录名一样的可执行文件？ bbs.ikaka.com

警世钟 - 2005-11-21 15:48:00

windows资源管理器中双击目录后出现与目录名一样的可执行文件（目录名.exe）
这个文件的属性如下：
1）大小：56.0 KB (57,344 字节)
2）属性：隐藏
3）产品版本：1.0
4）产品名称：Xgtray
5）公司：gy
6）内部名称：EXPLORER
7）文件版本：1.00
8）语言：中文(中国)
9）源文件名：EXPLORER.exe

请教：这是什么原因造成的！怎么解决？

以下是我的日志记录：
MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\inetsrv\inetinfo.exe
F:\Program Files\System Safety Monitor\SSMService.exe
F:\Program Files\VMware\VMware Workstation\vmware-authd.exe
F:\WINDOWS\System32\vmnat.exe
F:\Program Files\Common Files\Microsoft Shared\MSSearch\Bin\mssearch.exe
F:\WINDOWS\System32\vmnetdhcp.exe
F:\Program Files\System Safety Monitor\sysSafe.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\SkyNet\Firewall\pfw.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\CNNIC\Cdn\cdnup.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\ctfmon.exe
D:\work_bak\(HijackThis1.99.1-日志文件扫描)\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - F:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O2 - BHO: MusicSearch Class - {3D33EAE4-9EAA-4542-BCC8-9A9061392D56} - F:\WINDOWS\system32\MyIMLite\MuSearch.dll (file missing)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - F:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - F:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: IE伴侣 - {B225B89D-5E95-4194-98E8-149993071B31} - F:\WINDOWS\system32\123bar166.dll
O3 - Toolbar: (no name) - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - (no file)
O4 - HKLM\..\Run: [SKYNET Personal FireWall] F:\Program Files\SkyNet\Firewall\pfw.exe
O4 - HKLM\..\Run: [CdnCtr] F:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - HKLM\..\Run: [ExFilter] Rundll32.exe "F:\PROGRA~1\CNNIC\Cdn\cdnspie.dll,ExecFilter solo"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item:
→★将图片发送到手机 - http://diy.inshouji.com/ie_sendimg.htm
O8 - Extra context menu item:
→★将这段文字发送到短信 - http://diy.inshouji.com/ie_sendtxt.htm
O8 - Extra context menu item:
→直接播放本音乐(影视)文件 - http://soft.jily.net/redirect/play.htm
O8 - Extra context menu item:
★上网指南★ - http://www.jily.net/site.htm
O8 - Extra context menu item: !搜一搜 - res://F:\WINDOWS\DOWNLO~1\CnsMinEx.dll/1003
O8 - Extra context menu item: !搜一搜(&S) - res://F:\WINDOWS\DOWNLO~1\CnsMinEx.dll/1003
O8 - Extra context menu item: 使用网际快车下载 - F:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - F:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Excel(&x) - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 新浪搜索 - http://cha.sina.com.cn/ddt.html
O8 - Extra context menu item: 添加到QQ自定义面板 - F:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - F:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - F:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm?pid=3721_union (file missing)
O9 - Extra button: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - F:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - Extra 'Tools' menuitem: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - F:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - Extra button: (no name) - {4ABAF8F1-2E3E-4439-AFBF-96B7A23F6E4B} - http://www.jily.net/site.htm (file missing)
O9 - Extra 'Tools' menuitem: 上网指南 - {4ABAF8F1-2E3E-4439-AFBF-96B7A23F6E4B} - http://www.jily.net/site.htm (file missing)
O9 - Extra button: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing)
O9 - Extra button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://hot.3721.com/rd/shop_btn.htm (file missing)
O9 - Extra button: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://assistant.3721.com/index.htm?fb=Cns (file missing)
O9 - Extra button: 铃声 - {7FA48D98-F2F7-4FAD-9762-2F7165D51650} - http://soft.jily.net/redirect/ring.htm (file missing)
O9 - Extra button: 词霸 - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - F:\PROGRA~1\KINGSOFT\XDICT\ieplugin.DLL
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MyIM音乐随心听 - {98C3FD76-B058-474F-BB61-70ED205F7A5C} - F:\WINDOWS\system32\MyIMLite\Music.dll (file missing)
O9 - Extra 'Tools' menuitem: MyIM音乐随心听 - {98C3FD76-B058-474F-BB61-70ED205F7A5C} - F:\WINDOWS\system32\MyIMLite\Music.dll (file missing)
O9 - Extra button: 导航 - {B252D7FF-47B3-4B41-9E69-69D6C1ED523A} - http://www.jily.net/site.htm (file missing)
O9 - Extra button: 卓越 - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - F:\PROGRA~1\KINGSOFT\XDICT\ieplugin.DLL
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: 听歌 - {CC56C5BE-005C-4F82-BC68-E2FD0F819CDB} - http://soft.jily.net/redirect/music.htm (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O10 - Unknown file in Winsock LSP: f:\windows\system32\tcpipdog1.dll
O10 - Unknown file in Winsock LSP: f:\windows\system32\tcpipdog1.dll
O10 - Unknown file in Winsock LSP: f:\windows\system32\tcpipdogr0.dll
O10 - Unknown file in Winsock LSP: f:\windows\system32\tcpipdogr0.dll
O11 - Options group: [!CNS] 网络实名
O11 - Options group: [CDNCLIENT] 中文上网
O12 - Plugin for .pdf: F:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{0215940F-3940-4481-85CC-D28B0CB7ACD3}: NameServer = 61.128.128.67,61.128.128.68
O17 - HKLM\System\CS1\Services\Tcpip\..\{0215940F-3940-4481-85CC-D28B0CB7ACD3}: NameServer = 61.128.128.67,61.128.128.68
O20 - Winlogon Notify: dimsntfy - F:\WINDOWS\SYSTEM32\dimsntfy.dll
O20 - Winlogon Notify: System Safety Monitor - F:\WINDOWS\SYSTEM32\SSMWinlogonEx.dll
O23 - Service: Ati HotKey Poller - Unknown owner - F:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - f:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
O23 - Service: System Safety Monitor (SSM) - System Safety - F:\Program Files\System Safety Monitor\SSMService.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - F:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - F:\WINDOWS\System32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - F:\WINDOWS\System32\vmnat.exe

瑞星卡卡安全论坛