explorer.exe개관

파일explorer.exe은 뒤에 오는 소프트웨어안에 포함된다

Windows XP Home Edition, Deutsch 정보 더
버전: 6.0.2800.1221
파일 날짜: 2003-05-29 11:48:20
파일 사이즈: 999.424 바이트
파일 경로: C:\WINDOWS\system32\dllcache\explorer.exe
쇼explorer.exe세부사항
Windows XP Home Edition, Deutsch 정보 더
버전: 6.0.2800.1106
파일 날짜: 2002-08-29 14:00:00
파일 사이즈: 1.007.104 바이트
파일 경로: C:\WINDOWS\$NtUninstallKB820291$\explorer.exe
쇼explorer.exe세부사항

explorer.exe은 뒤에 오는 보고안에 발견되었다:


Trojan.Eurosol
Trojan.Eurosol에 관하여 ...It does this by modifying the System.ini file and appending itself to the shell = Explorer.exe line in the [boot] section.... 제거 지시 ...similar to the following: shell=Explorer.exe <additional text added by Trojan>... ...Delete all text (on the shell=Explorer.exe line only) that is to the right of Explorer.exe.... ...done, the line should read: shell=Explorer.exe Click File, click Exit, and... 근원: http://securityresponse.symantec.com/avcenter/venc/data/trojan.eurosol.html
W97M.Heathen.12288.A
Trojan.Eurosol에 관하여 ...Even when it works under a Windows 95 system, the modified EXPLORER.EXE becomes unstable. It may also crash MS Word... 위협 평가 ...Similar to the way it tricks Windows to replace EXPLORER.EXE with HEATHEN.VEX, the virus adds a WININIT.INI file that contains: [rename] nul=System.dat... 기술적 세부사항 ...infect MS Word 97 documents. 3. The virus modifies EXPLORER.EXE in the WINDOWS directory.... ...modification adds a loading routine such that HEATHEN.VDL gets loaded every time EXPLORER.EXE is executed. 4. If it fails to modify EXPLORER.EXE... ...Then, it modifies HEATHEN.VEX. To have EXPLORER.EXE replaced by HEATHEN.VEX, the virus creates a WININIT.INI file that contains:... ...[rename] C:WINDOWSExplorer.exe=C:WINDOWSHeathen.vex This instruction in the WININIT.INI... ...file upon the next startup. When a modified EXPLORER.EXE runs, the following events occur:... 제거 지시 ...Unfortunately, the modification to EXPLORER.EXE is irreversible. EXPLORER.EXE needs to be restored... ...from a clean copy. A clean copy of EXPLORER.EXE can be found on the Windows Installation CD:... 근원: http://securityresponse.symantec.com/avcenter/venc/data/w97m.heathen.12288.a.html
Bloodhound.Exploit.14
Trojan.Eurosol에 관하여 ...image files that could be used to exploit a Denial of Service (DoS) vulnerability in Explorer.exe on Microsoft Windows XP. The files that are detected... 기술적 세부사항 ...The vulnerability is reported to exist when Explorer.exe handles certain TIFF format images.... 근원: http://securityresponse.symantec.com/avcenter/venc/data/bloodhound.exploit.14.html
W32.HLLW.Spirit
Trojan.Eurosol에 관하여 ...It copies itself as %Windir%System32Explorer.exe. W32.HLLW.Spirit is written... 기술적 세부사항 ...Copies itself as %Windir%System32Explorer.exe. Copies itself to the Kazaa... ...IE 6 FULL.exe Internet Explorer.exe Kazaa Lite Hack 2.4.exe... ..."Explorer"="%Windir%System32Explorer.exe" to the registry keys:... 근원: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.spirit.html
Trojan.Loome
Trojan.Eurosol에 관하여 ...detected as Spyware.Look2Me. Then, it ends the Explorer.exe process to load the .dll, which crashes Windows 2000/XP.... 기술적 세부사항 ...C:WindowsSystem32 (Windows XP). Ends the Explorer.exe process in order to load the .dll.... 근원: http://securityresponse.symantec.com/avcenter/venc/data/trojan.loome.html
VBS.Vanina
Trojan.Eurosol에 관하여 ...computer with a copy of itself. It also sends the file Explorer.exe two email addresses that are registered in Argentina.... 근원: http://securityresponse.symantec.com/avcenter/venc/data/vbs.vanina.html
VBS.Taber
Trojan.Eurosol에 관하여 ...The worm attempts to delete C:WindowsExplorer.exe and make some configuration changes to Internet Explorer by editing the registry... 기술적 세부사항 ...HKEY_CURRENT_USERSoftwarePoliciesMicrosoftInternet ExplorerRestrictions Add the values:... ...HKEY_CURRENT_USERSoftwarePoliciesMicrosoftInternet ExplorerControl Panel Adds the value:... ...HKEY_CURRENT_USERSoftwarePoliciesMicrosoftInternetExplorerInfodeliveryRestrictions... ...HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer Attempts to copy itself to... ...Attempts to delete C:WindowsExplorer.exe. Displays these two messages:... 근원: http://securityresponse.symantec.com/avcenter/venc/data/vbs.taber.html
W32.Fourseman.A
위협 평가 ...Deletes files: Overwrites explorer.exe with itself. Causes system instability:... 기술적 세부사항 ...%Temp%Win_Security_Patch_2602.exed %Windir%Explorer.exe %Windir%SystemExplorer.exe... 제거 지시 ...Run a full system scan and delete all the files detected as W32.Fourseman.A. If Explorer.exe was overwritten, restore it from backup or re-install it.... ...W32.Fourseman.A, click Delete. If Explorer.exe was overwritten, restore it from backup or re-install it.... 근원: http://securityresponse.symantec.com/avcenter/venc/data/w32.fourseman.a.html
Backdoor.Nota
기술적 세부사항 ...C:\%Windows%All UsersStart MenuProgramsStartUpExplorer.exe NOTES:... ...It adds the following line: shell=Explorer.exe winfat32.exe These changes cause the Trojan... 제거 지시 ...the steps in this section. To do this using Windows Explorer, go to the C:WindowsRecent folder, and in the right pane delete the Win.ini file.... ...similar to the following: shell=Explorer.exe winfat32.exe Delete all of the text to... ...that the line looks like: shell=Explorer.exe Click File, and click Save.... 근원: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.nota.html
W32.Poscal.Worm
위협 평가 ...C:WindowsSystem.ini, C:WindowsExplorer.exe C:WindowsRegedit.exe C:WindowsTelnet.exe... 기술적 세부사항 ...C:WindowsF<??>K_AVs.exe C:WindowsSystemExplorer.exe C:Windows egedit.exe... ...C:WindowsTelnet.exe C:WindowsExplorer.exe NOTES:... ...The attributes of the C:WindowsF<??>K_AVs.exe and C:WindowsSystemExplorer.exe files are set to read-only and hidden.... ...C:WindowsRegedit.exe, C:WindowsTelnet.exe, and C:WindowsExplorer.exe are valid Windows programs that are overwritten by the worm on Windows 95/98/Me-based... ...... 근원: http://securityresponse.symantec.com/avcenter/venc/data/w32.poscal.worm.html

항법

파일을 찾아보십시요

• 이름으로

explorer.exe개관

explorer.exe은 뒤에 오는 보고안에 발견되었다:

Trojan.Eurosol

W97M.Heathen.12288.A

Bloodhound.Exploit.14

W32.HLLW.Spirit

Trojan.Loome

VBS.Vanina

VBS.Taber

W32.Fourseman.A

Backdoor.Nota

W32.Poscal.Worm

항법