安全模式下  关闭系统还原
拿最新的杀软 搞下就OK

C:\Program Files\Internet Explorer\IEXPLORE.EXE
你开网页他不出现才怪

O4 - 启动项HKLM\\Run: [ms] C:\Program Files\Microsoft\svhost32.exe
O4 - 启动项HKLM\\Run: [zt] C:\WINDOWS\Intel\rundll32.exe
O4 - 启动项HKLM\\Run: [xy] C:\WINDOWS\Download\svhost32.exe
这三个都干掉

结束进程 并找到相应项删除
开始运行 MSCONFIG 删除相应启动项

修复
F3 - REG:win.ini: load=C:\WINDOWS\rundl132.exe
O2 - BHO: FiltrateWebObj Class - {42AFACEE-2A77-41EB-9EE2-D9F8AF827F90} - (no file)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O4 - 启动项HKLM\\Run: [Tray] C:\WINDOWS\command\rundll32.exe
O4 - 启动项HKLM\\Run: [ms] C:\Program Files\Microsoft\svhost32.exe
O4 - 启动项HKLM\\Run: [zt] C:\WINDOWS\Intel\rundll32.exe
O4 - 启动项HKLM\\Run: [xy] C:\WINDOWS\Download\svhost32.exe
O9 - 浏览器额外的按钮: (no name) - {0062C9BD-B349-40DE-91A0-755F37ACD559} - (no file)
删除
C:\WINDOWS\rundl132.exe
C:\WINDOWS\command\rundll32.exe
C:\Program Files\Microsoft\svhost32.exe
C:\WINDOWS\Intel\rundll32.exe
C:\WINDOWS\Download\svhost32.exe

修复杀软安全模式下查杀..


http://mopery.hits.io/sreng2.zip 下载System Repair Engineer
1 解压缩sreng2.zip
2 运行SREng.exe
3 智能扫描=》扫描=》保存报告
4 把日志中的报告完整拷贝贴上来，不要修改

我看进程里有两个就以为一个是病毒了~这两天给病毒搞神经了！！猪大虾见笑了~~~

杀毒前一定要清空IE缓存.

引用:

【山颠一寺的贴子】C:\Program Files\Internet Explorer\IEXPLORE.EXE 我每次将这个进程停止，过一会它都会自动又运行，是不是有问题啊~ 高手们指点下~ 还有 1.exe这个进程，照猪大侠的方法结束了进程又找到文件删除了，但是过一会还是会出现~请问该怎么办啊？？ ………………

照12楼的话做,另外运行注册表编辑器,找到所有与1.exe相关的键值全删除
然后尝试用超级兔子对电脑进行清理,主要是清理临时文件夹

照12楼的话做,另外运行注册表编辑器,找到所有与1.exe相关的键值全删除


这怎么找啊？我知道我很菜！

给我说说呀？

12楼的大侠说的日志如下：

2006-09-25,23:08:44

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows Server 2003 Standard Edition Service Pack 1 (Build 3790)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><C:\WINDOWS\rundl132.exe>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot>  [RealNetworks, Inc.]
    <SKYNET Personal FireWall><C:\Program Files\SkyNet\FireWall\pfw.exe>  [天网]
    <Tray><C:\WINDOWS\command\rundll32.exe>  []
    <Super Rabbit Desktop Set><C:\Program Files\Super Rabbit\MagicSet\DS.EXE /Load>  [Super Rabbit Software]
    <ms><C:\Program Files\Microsoft\svhost32.exe>  []
    <zt><C:\WINDOWS\Intel\rundll32.exe>  []
    <xy><C:\WINDOWS\Download\svhost32.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <CheckFaultKernel><C:\WINDOWS\system32\mswdm.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><%SystemRoot%\system32\logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{6E44887F-5214-41F2-AB46-4728735C4CC6}><C:\Program Files\Internet Explorer\PLUGINS\systemy.sys>  []
    <{99F1D023-7CEB-4586-80F7-BB1A98DB7602}><C:\Program Files\Internet Explorer\IEXPLORE.Sys>  []
    <{FEB94F5A-69F3-4645-8C2B-9E71D270AF2E}><C:\Program Files\Internet Explorer\IEXPLORE.Dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <IMEKRMIG6.1><; ; C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE>  [Microsoft Corporation]
    <IMJPMIG8.1><; ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <NTdhcp><; >  []
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
    <Super Rabbit SRRestore><; C:\PROGRA~1\SUPERR~1\IEPro\SRRest.exe /autosave>  [Super Rabbit Soft]

==================================

启动文件夹
[新浪UC]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\新浪UC.lnk><N>

==================================
服务

==================================
浏览器加载项
[conimehlp Class]
  {B10343BD-1DC6-442F-9BA2-D44C708CEE83} <C:\WINDOWS\system32\mskey32.dll, Microsoft>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <, N/A>
[SearchToolbar]
  {08BEC6AA-49FC-4379-3587-4B21E286C19E} <, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll, Xiang Feng Technology>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[Wipe]
  {AF279B30-86EB-11D1-81BF-0000F87557DB} <C:\WINDOWS\system32\dxtmsft.dll, Microsoft Corporation>
[conimehlp Class]
  {B10343BD-1DC6-442F-9BA2-D44C708CEE83} <C:\WINDOWS\system32\mskey32.dll, Microsoft>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE6]
  {BF3FF9A2-AC03-40A1-BA0F-F31076325AA7} <C:\WINDOWS\system32\dllcache\dhtmled.ocx, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[IEMoni Class]
  {F236CC5A-F6E4-4011-9EED-C52FDF51CE3D} <, N/A>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[上传到QQ网络硬盘]
  <90F16-9C73-11D3-B32E-00C04F990BB4}, N/A>
[使用KuGoo3下载(&K)]
  <D:\Program Files\KuGoo3\KuGoo3DownX.htm, N/A>
[使用网际快车下载]
  <D:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <D:\Program Files\FlashGet\jc_all.htm, N/A>
[导出到 Microsoft Excel(&x)]
  <res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <, N/A>
[添加到QQ表情]
  <, N/A>
[用QQ彩信发送该图片]
  <, N/A>