请高手帮忙！实验室好几台电脑中病毒了，用瑞星和诺盾都可以杀到，瑞星提示病毒名为Trojan.dockiller.p，其中被感染的文件都变成了可
执行性文件，文件夹下无法查看全部文件，进程中怀疑木马的doc.exe文件，在DOS下手动删除，同时取消启动项中该程序，但是现在的
问题是：
不管是用什么杀毒软件，杀完之后文件夹选项的查看全部文件仍然无法打开，重新调整之后，马上又复原到隐藏文件夹下，是不是还有未完全清除的木马或病毒呢？
好像这个病毒不太像WORD文件杀手病毒，因为他在C：\WINDOWS\下建立的是一个DOC.EXE文件，而不是SYS.EXE文件，难道是一个变种病毒？？
系统名称: WINDOWSXPSP1
[正在运行任务]

名称    路径    处理 ID    优先顺序    最小工作设置    最大工作设置    开始时间    版本    大小    文件日期   
system idle process    不可用    0    0    不可用    不可用    不可用    不可用    不可用    不可用   
system    不可用    4    8    0    1413120    不可用    不可用    不可用    不可用   
smss.exe    c:\windows\system32\smss.exe    576    11    204800    1413120    2005-10-24 23:52    5.1.2600.1106 (xpsp1.020828-1920)    44.50 KB (45,568 字节)    2002-10-7 12:00   
csrss.exe    不可用    640    13    不可用    不可用    2005-10-24 23:52    不可用    不可用    不可用   
winlogon.exe    c:\windows\system32\winlogon.exe    668    13    204800    1413120    2005-10-24 23:52    5.1.2600.1106 (xpsp1.020828-1920)    490.00 KB (501,760 字节)    2002-10-7 12:00   
services.exe    c:\windows\system32\services.exe    716    9    204800    1413120    2005-10-24 23:52    5.1.2600.0 (xpclient.010817-1148)    99.00 KB (101,376 字节)    2002-10-7 12:00   
lsass.exe    c:\windows\system32\lsass.exe    728    9    204800    1413120    2005-10-24 23:52    5.1.2600.1106 (xpsp1.020828-1920)    11.50 KB (11,776 字节)    2002-10-7 12:00   
svchost.exe    c:\windows\system32\svchost.exe    888    8    204800    1413120    2005-10-24 23:52    5.1.2600.0 (xpclient.010817-1148)    12.50 KB (12,800 字节)    2002-10-7 12:00   
svchost.exe    c:\windows\system32\svchost.exe    932    8    204800    1413120    2005-10-24 23:52    5.1.2600.0 (xpclient.010817-1148)    12.50 KB (12,800 字节)    2002-10-7 12:00   
svchost.exe    不可用    1028    8    不可用    不可用    2005-10-24 23:52    不可用    不可用    不可用   
svchost.exe    不可用    1040    8    不可用    不可用    2005-10-24 23:52    不可用    不可用    不可用   
explorer.exe    c:\windows\explorer.exe    1332    8    204800    1413120    2005-10-24 23:52    6.00.2800.1106 (xpsp1.020828-1920)    926.50 KB (948,736 字节)    2002-10-7 12:00   
spoolsv.exe    c:\windows\system32\spoolsv.exe    1400    8    204800    1413120    2005-10-24 23:52    5.1.2600.0 (XPClient.010817-1148)    50.00 KB (51,200 字节)    2002-10-7 12:00   
alg.exe    不可用    1500    8    不可用    不可用    2005-10-24 23:52    不可用    不可用    不可用   
cdantsrv.exe    c:\windows\system32\drivers\cdantsrv.exe    1516    8    204800    1413120    2005-10-24 23:52    3.24.010    31.50 KB (32,256 字节)    2005-9-22 22:09   
defwatch.exe    d:\symant~1\symant~1\defwatch.exe    1552    8    204800    1413120    2005-10-24 23:52    8.1.0.821    32.00 KB (32,768 字节)    2003-5-16 14:08   
igfxtray.exe    c:\windows\system32\igfxtray.exe    1688    8    204800    1413120    2005-10-24 23:52    3.0.0.2209    152.00 KB (155,648 字节)    2003-7-9 20:25   
hkcmd.exe    c:\windows\system32\hkcmd.exe    1704    8    204800    1413120    2005-10-24 23:52    3.0.0.2209    112.00 KB (114,688 字节)    2003-7-9 20:13   
realsched.exe    c:\program files\common files\real\update_ob\realsched.exe    1728    8    204800    1413120    2005-10-24 23:52    0.1.0.1622    148.04 KB (151,597 字节)    2005-3-20 23:00   
vptray.exe    d:\symant~1\symant~1\vptray.exe    1744    8    204800    1413120    2005-10-24 23:52    8.1.0.821    88.00 KB (90,112 字节)    2003-5-19 15:28   
explore.exe    c:\windows\system\explore.exe    1756    8    204800    1413120    2005-10-24 23:52    不可用    368.00 KB (376,832 字节)    2002-3-11 11:17   
rtvscan.exe    d:\symant~1\symant~1\rtvscan.exe    1768    8    204800    1413120    2005-10-24 23:52    8.1.0.821    596.00 KB (610,304 字节)    2003-5-30 10:37   
taskmgr.exe    c:\windows\system32\taskmgr.exe    1008    13    204800    1413120    2005-10-24 23:53    5.1.2600.1106 (xpsp1.020828-1920)    113.00 KB (115,712 字节)    2002-10-7 12:00   
helpctr.exe    c:\windows\pchealth\helpctr\binaries\helpctr.exe    1232    8    204800    1413120    2005-10-24 23:54    5.1.2600.1106 (xpsp1.020828-1920)    725.00 KB (742,400 字节)    2005-3-7 23:07   
helpsvc.exe    c:\windows\pchealth\helpctr\binaries\helpsvc.exe    1320    8    204800    1413120    2005-10-24 23:54    5.1.2600.1106 (xpsp1.020828-1920)    687.00 KB (703,488 字节)    2005-3-7 23:07   
rnathchk.exe    c:\program files\common files\real\update_ob\rnathchk.exe    1972    8    204800    1413120    2005-10-25 0:00    7.0.0.1176    56.04 KB (57,389 字节)    2005-3-20 23:00   
wmiprvse.exe    不可用    228    8    不可用    不可用    2005-10-25 0:00    不可用    不可用    不可用

大侠们，帮帮忙啊！

explore.exe c:\windows\system\explore.exe 值得怀疑.
下个Hijackthis 1.99.1吧
HijackThis1.99.1可以到【公告】反病毒论坛暂行条例（2005.9.12更新）及本版常用小工具1楼中下载
或.（反浏览器劫持版）置顶贴[必读]本版说明及常用小软件下载
用HijackThis扫描，然后把日志贴上来看看.

谢谢了，先试试看！

StartupList report, 2005-11-1, 下午 11:19:39
StartupList version: 1.52
Started from : D:\HijackThis.EXE
Detected: Windows XP SP1 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
* Including empty and uninteresting sections
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
D:\SYMANT~1\SYMANT~1\vptray.exe
C:\WINDOWS\SYSTEM\explore.exe
D:\SYMANT~1\SYMANT~1\DefWatch.exe
D:\SYMANT~1\SYMANT~1\Rtvscan.exe
D:\HijackThis.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
D:\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\diskman.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\jszgk\「开始」菜单\程序\启动]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\Documents and Settings\All Users\「开始」菜单\程序\启动]
*No files*

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

PHIME2002ASync = C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
IgfxTray = C:\WINDOWS\System32\igfxtray.exe
HotKeysCmds = C:\WINDOWS\System32\hkcmd.exe
TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
vptray = D:\SYMANT~1\SYMANT~1\vptray.exe
diskscan = C:\WINDOWS\SYSTEM\explore.exe
MSConfig = C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
*No values found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\AutoCADScriptFile\shell\open\command

(Default) = C:\WINDOWS\NOTEPAD.EXE "%1"

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\WINDOWS\System32\mshta.exe "%1" %*

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\INFERN~1.SCR
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\WINDOWS\System32\xunleibho_v5.dll - {0005A87D-D626-4B3A-84F9-1D9571695F55}
(no name) - C:\WINDOWS\System32\NaviHelper.dll - {3E422F49-1566-40D3-B43D-077EF739AC32}
(no name) - d:\Program Files\Tencent\QQ\QQIEHelper.dll - {54EBD53A-9BC1-480B-966A-843A333CA162}
(no name) - C:\Program Files\justDo\FlashSaver\Jd2002.dll - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E}
(no name) - C:\WINDOWS\System32\qylhelper.dll - {CE7C3CF0-4B15-11D1-ABED-709549C10000}

--------------------------------------------------

Enumerating Task Scheduler jobs:

*No jobs found*

--------------------------------------------------

Enumerating Download Program Files:

[DirectAnimation Java Classes]
CODEBASE = file://C:\WINDOWS\Java\classes\dajava.cab
OSD = C:\WINDOWS\Downloaded Program Files\DirectAnimation Java Classes.osd

[Microsoft XML Parser for Java]
CODEBASE = file://C:\WINDOWS\Java\classes\xmldso.cab
OSD = C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd

[InstaFred]
InProcServer32 = C:\WINDOWS\DOWNLO~1\InstFred.ocx
CODEBASE = file://D:\AUTOCAD\InstFred.ocx

[{24311111-1111-1121-1111-111191113457}]
CODEBASE = file://c:\eied_s7.cab

[{33331111-1111-1111-1111-611111193457}]
CODEBASE = file://c:\ex.cab

[{33331111-1111-1111-1111-611111193458}]
CODEBASE = file://c:\ex.cab

[{43331111-1111-1111-1111-611111195622}]
CODEBASE = file://c:\ex.cab

[AcDcToday 控件]
InProcServer32 = C:\WINDOWS\DOWNLO~1\ACDCTO~1.OCX
CODEBASE = file://D:\AUTOCAD\AcDcToday.ocx

[NOXLATE-BANR]
InProcServer32 = C:\WINDOWS\DOWNLO~1\InstBanr.ocx
CODEBASE = file://D:\AUTOCAD\InstBanr.ocx

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

[AcPreview 控件]
InProcServer32 = C:\WINDOWS\DOWNLO~1\ACPREV~1.OCX
CODEBASE = file://D:\AUTOCAD\AcPreview.ocx

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll

自己顶啊，同志们给看看啊！

我也遇到相同的问题,怎么办啊!

可疑项：
C:\WINDOWS\SYSTEM\explore.exe
C:\WINDOWS\diskman.exe
C:\WINDOWS\NOTEPAD.EXE
C:\WINDOWS\System32\winrnr.dll

http://forum.ikaka.com/topic.asp?board=28&artid=6979213用一楼的附件里的工具再扫一个.