圣人 荣誉会员 楼主 2006-11-14 20:14 私信 引用 编辑 如何修复explorer.exe进程呢 问题一机器过一段时间就会弹出explorer.exe错误我点关闭机器就黑了,好像是个文件重新启动了一下问题二,不知道这个文件是不是病毒,在C盘用卡巴也杀不掉手动删了也会再出现,在C盘子目录里名字为tool1.exe,,tool2,tool3,tool4晕哦, tool1.rar (61 K / 下载 3 次) ←——点我
圣人 荣誉会员 #5 2006-11-14 20:46 私信 引用 编辑 Logfile of HijackThis v1.99.1Scan saved at 20:43:59, on 2006-11-14Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Unable to get Internet Explorer version!Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\system32\conime.exeG:\网络娱乐\GreenBrowserGB\GreenBrowser.exeC:\WINDOWS\explorer.exeG:\安全\TrojanDetector.EXEC:\WINDOWS\regedit.exeG:\安全\ha_hijackthis_1991\HijackThis.exeC:\WINDOWS\system32\ePower.exeC:\WINDOWS\system32\ePower.exeO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\RunOnce: [Super Rabbit SRCK] "C:\Program Files\Super Rabbit\MagicSet\SRCK.exe" /autokill:223O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htmO8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htmO8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htmO8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htmO8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htmO8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htmO9 - Extra button: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder Network\Thunder\Thunder.exeO9 - Extra 'Tools' menuitem: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder Network\Thunder\Thunder.exeO9 - Extra button: 解霸 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - d:\HEROSOFT\Hero3000\MPLAYER.EXEO9 - Extra 'Tools' menuitem: 超级解霸 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - d:\HEROSOFT\Hero3000\MPLAYER.EXEO9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXEO9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXEO9 - Extra button: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll (file missing)O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll (file missing)O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO17 - HKLM\System\CCS\Services\Tcpip\..\{6D37D8DC-43C3-4403-9B74-E5002B325489}: NameServer = 211.98.192.3 61.233.65.3O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dllO20 - Winlogon Notify: trafkbdy - C:\WINDOWS\O21 - SSODL: NetWork - {FC055E7D-8144-4706-8586-2F1C49FCDD2A} - C:\WINDOWS\system32\cmspl.dllO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: instver - Unknown owner - C:\WINDOWS\system32\instver.exe (file missing)O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: PC Back Servers (PCBackServers) - Unknown owner - C:\WINDOWS\system32\877232pro.exe (file missing)O23 - Service: IPSEC Client (SDTSTA) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE (file missing)O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Unknown owner - (no file)O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\system32\wdfmgr.exe (file missing) ←——点我
圣人 荣誉会员 #7 2006-11-16 16:43 私信 引用 编辑 PS14的朋友,我也一样呀,我中了TOOL了后来把系统重做了,在进程里还是有个ePower.exe,晕死了,不知道怎么回事 ←——点我
