打开很多网页就出现msiexec.exe，说Microsoft Office 2003的啥东西安装，这个是怎么回事呀？怎么解决呢

Posted 2023-02-19

情况很复杂，不一定是病毒，可能是你装上Office以后有些组件没有安装或者破损，而那个网页正好需要这类组件，所以就会临时安装，如果没问题的话不点取消让它去安装看能不能行，对于装了防火墙的机器，如果真的是病毒防火墙应该不会没反应的。但这样做也有一定的风险，那就是万一是真的病毒那也就把病毒引进系统里了。

如果你机子根本就没有Office 2003却还出来这类东西，那就肯定是病毒无疑了，因为一些病毒也会伪造这类安装窗口。而且Office也曾经有过通过安装的漏洞，好多人都把Windows Update关了，这样Office也打不了补丁，自然会被这个漏洞利用，建议你还是杀一杀毒为好。这里有一个注册表的修改，不是我写的，希望对你有用。把它粘贴到记事本里另存为.reg文件倒入注册表。

Windows Registry Editor Version 5.00

#kill-bit MS06-014
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\BD96C556-65A3-11D0-983A-00C04FC29E30]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\BD96C556-65A3-11D0-983A-00C04FC29E36]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\AB9BCEDD-EC7E-47E1-9322-D4A210617116]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\0006F033-0000-0000-C000-000000000046]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\0006F03A-0000-0000-C000-000000000046]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\7F5B7F63-F06F-4331-8A26-339E03C0AE3D]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\06723E09-F4C2-43c8-8358-09FCD1DB0766]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\639F725F-1B2D-4831-A9FD-874847682010]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\BA018599-1DB3-44f9-83B4-461454C84BF8]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\D0C07D56-7C69-43F1-B4A0-25F5A11FAB19]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\E8CCCDDF-CA28-496b-B050-6C07C962476B]
"Compatibility Flags"=dword:00000400
#kill-bit Yahoo! Messenger 8.1.0.421溢出漏洞
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\24F3EAD6-8B87-4C1A-97DA-71C126BDA08F]
"Compatibility Flags"=dword:00000400
#kill-bit Apple Quicktime UDTA ATOM整数溢出漏洞
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\02BF25D5-8C17-4B23-BC80-D3488ABDDC6B]
"Compatibility Flags"=dword:00000400
#kill-bit NCTAudioFile2 ActiveX远程栈溢出漏洞
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\77829F14-D911-40FF-A2F0-D11DB8D6D0BC]
"Compatibility Flags"=dword:00000400
#kill-bit 百度搜霸ActiveX控件远程代码执行漏洞
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\A7F05EE4-0426-454F-8013-C41E3596E9E9]
"Compatibility Flags"=dword:00000400
#kill-bit PPStream 堆栈溢出漏洞
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\5EC7C511-CD0F-42E6-830C-1BD9882F3458]
"Compatibility Flags"=dword:00000400
#kill-bit 暴风影音2 mps.dll组件多个缓冲区溢出漏洞
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB]
"Compatibility Flags"=dword:00000400
#kill-bit 迅雷ActiveX控件DownURL2方式远程缓冲区溢出漏洞
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\EEDD6FF9-13DE-496B-9A1C-D78B3215E266]
"Compatibility Flags"=dword:00000400
#kill-bit QVOD播放器最新漏洞
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\F3D0D36F-23F8-4682-A195-74C92B03D4AF]
"Compatibility Flags"=dword:00000400
#kill-bit 联众
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\AE93C5DF-A990-11D1-AEBD-5254ABDD2B69]
"Compatibility Flags"=dword:00000400
#kill-bit 联众新0day
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\61F5C358-60FB-4A23-A312-D2B556620F20]
"Compatibility Flags"=dword:00000400
#kill-bit 超星阅读器
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\7F5E27CE-4A5C-11D3-9232-0000B48A05B2]
"Compatibility Flags"=dword:00000400
#kill-bit 迅雷看看
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\F3E70CEA-956E-49CC-B444-73AFE593AD7F]
"Compatibility Flags"=dword:00000400
#kill-bit 未知的CLSID。。。网马里发现的。
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\00EF2092-6AC5-47c0-BD25-CF2D5D657FEB]
"Compatibility Flags"=dword:00000400
#kill-bit 韩国jetAudio播放器ActiveX控件漏洞2008.1.19发现利用。
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\8D1636FD-CA49-4B4E-90E4-0A20E03A15E8]
"Compatibility Flags"=dword:00000400
#kill-bit MSIE Dhtml Edit跨站脚本漏洞
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\2D360201-FFF5-11d1-8D03-00A0C959BC0A]
"Compatibility Flags"=dword:00000400
#kill-bit Microsoft IE navcancl.htm跨站脚本执行漏洞（MS07-033）。
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\EEE78591-FE22-11D0-8BEF-0060081841DE]
"Compatibility Flags"=dword:00000400
#kill-bit McAfee Security Center集中配置GUI远程溢出漏洞
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\9BE8D7B2-329C-442A-A4AC-ABA9D7572602]
"Compatibility Flags"=dword:00000400
#kill-bit FlashGet 拒绝服务漏洞
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\FB5DA724-162B-11D3-8B9B-AA70B4B0B524]
"Compatibility Flags"=dword:00000400
#kill-bit 瑞星在线扫描远程代码执行漏洞
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153]
"Compatibility Flags"=dword:00000400
#kill-bit MS07－027
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\d4fe6227-1288-11d0-9097-00aa004254a0]
"Compatibility Flags"=dword:00000400
#kill-bit Symantec的远程执行漏洞
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\22ACD16F-99EB-11D2-9BB3-00400561D975]
"Compatibility Flags"=dword:00000400
#kill-bit Yahoo! Music Jukebox的ActiveX控件缓冲区溢出漏洞，远程攻击者可能利用此漏洞控制用户系统。
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\5F810AFC-BB5F-4416-BE63-E01DD117BD6C]
"Compatibility Flags"=dword:00000400
#kill-bit MS07-004
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\10072CEC-8CC1-11D1-986E-00A0C955B42E]
"Compatibility Flags"=dword:00000400
#8:44 2008-3-6 IE被劫持
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\4D2EAF15-81D0-42DA-8C39-19EDD39E0FB3]
"Compatibility Flags"=dword:00000400
#MS06-057(2008-04-10更新)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\844F4806-E8A8-11d2-9652-00C04FC30871]
"Compatibility Flags"=dword:00000400
#联众世界GLIEDown.dll组件存在漏洞(2008-05-06更新)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\F917534D-535B-416B-8E8F-0C04756C31A8]
"Compatibility Flags"=dword:00000400
#雅虎助手3721远程代码执行漏洞(2008-05-09更新)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\2283BB66-A15D-4AC8-BA72-9C8C9F5A1691]
"Compatibility Flags"=dword:00000400
#PPStream 堆栈溢出(2008-05-10更新)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\20C2C286-BDE8-441B-B73D-AFA22D914DA5]
"Compatibility Flags"=dword:00000400
#Windows组件导致的0day漏洞(2008-05-18更新)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\00E1DB59-6EFD-4CE7-8C0A-2DA3BCAAD9C6]
"Compatibility Flags"=dword:00000400
#Yahoo! Messenger 8.1.0.249缓冲区溢出漏洞(2008-05-21更新)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\DCE2F8B1-A520-11D4-8FD0-00D0B7730277]
"Compatibility Flags"=dword:00000400
#uusee2008测试版0day(2008-06-17更新)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\2CACD7BB-1C59-4BBB-8E81-6E83F82C813B]
"Compatibility Flags"=dword:00000400
#迅雷ActiveX控件远程代码执行漏洞(2008-06-18更新)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8]
"Compatibility Flags"=dword:00000400
#MS Office Snapshot Viewer ActiveX Exploit 漏洞(2008-07-16更新)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\F0E42D50-368C-11D0-AD81-00A0C90DC8D9]
"Compatibility Flags"=dword:00000400
#MS Office Snapshot Viewer ActiveX Exploit 漏洞(2008-07-16更新)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\F0E42D60-368C-11D0-AD81-00A0C90DC8D9]
"Compatibility Flags"=dword:00000400
#MS Office Snapshot Viewer ActiveX Exploit 漏洞(2008-07-16更新)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\F2175210-368C-11D0-AD81-00A0C90DC8D9]
"Compatibility Flags"=dword:00000400
#新浪DLoader Class ActiveX控件任意文件下载漏洞(2008-07-20更新)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\78ABDC59-D8E7-44D3-9A76-9A0918C52B4A]
"Compatibility Flags"=dword:00000400

参考资料：http://hi.baidu.com/lalalove100/blog/item/e805b718b3251d0135fa4152.html

参考技术A 浏览器漏洞啊，这样的网站赶快关掉，顺便把临时文件清理掉。本回答被提问者采纳