小豆子儿 - 2006-2-26 15:39:00
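Hi experts, every time my machine starts up it pops up some unknown thing, baiduo or something. I don't know what virus I've caught. I found that directory and tried to delete it, but it can't be deleted. If any expert knows about this, please help me fix it. Thank you all in advance!
The path in the log looks like this: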
[baido.exe]
CommandLine = "c:\docume~1\caroline\locals~1\temp\baido.exe"
I'll copy some more for everyone to look at, to see what the problem actually is
[sysgrst.exe]
CommandLine = "c:\docume~1\caroline\locals~1\temp\sysgrst.exe" www.ebook.com
[nvsvc32.exe]
CommandLine = C:\WINDOWS\System32\nvsvc32.exe
[IEXPLORE.EXE]
CommandLine = "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
[taskmgr.exe]
CommandLine = taskmgr.exe
[baido.exe]
CommandLine = "c:\docume~1\caroline\locals~1\temp\baido.exe"
[KkScan.exe]
CommandLine = "C:\Program Files\Rising\KakaToolBar\KkScan.exe"
R3 - Default URLSearchHook is missing
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (file missing)
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\System32\kakatool.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Zone Labs Client] D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [exiporer] c:\windows\system32\baiduo.exe
O4 - Startup: desktop.ini =
O4 - Startup: 腾讯QQ.lnk = D:\Program Files\Tencent\QQ\QQ.exe
O4 - Global Startup: desktop.ini =
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\QQ\SendMMS.htm
O14 - IERESET.INF: START_PAGE_URL=about:blank
O16 - DPF: DirectAnimation Java Classes - file://C:\WINDO
独孤豪侠 - 2006-2-26 15:43:00
O4 - HKLM\..\Run: [exiporer] c:\windows\system32\baiduo.exe
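The problem may be here.
Check whether there is a baiduo.exe process among the system processes. If there is, end it and then delete the file, and turn off System Restore.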
小豆子儿 - 2006-2-26 16:23:00
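It is in the system processes, but I can't delete that thing! After I delete it, it comes back again. Sigh, what a headache. Is there any other method? Thanks. Also, that window just popped up again, lots of them at once, like playing a piano. *sob*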
天天泡泡 - 2006-2-26 17:01:00
Please post the complete HijackThis 1.99.1 log or SREng log.