将报错的explolrer.exe压缩发来，扫描sreng日志一并发来。
http://www.kztechs.com/sreng/download.html

感谢随风的风筝兄弟在我这里跟贴，感谢大版主的关注，我的可以进入安全模式，只是安全模式下也是非常环保的桌面，我在PE环景里替换了explolrer.exe，结果问题还是没解决。最近的操作就是昨晚安装了酷我K歌，爱奇艺，正常关机后今天开机就这样了，也不像中毒的现象，现在用起来机子比以前反而流畅一些

再崩溃的时候，先不要点击确定关闭对话框，使用processxp工具提取一下explorer.exe的dmp，操作方法：找到explorer.exe右键create dump——create minidump ，把dmp保存到桌面压缩发来。

回复大版主，原来的Explorer.EXE已经被我替换掉了。日志

不是还报错么，参考13楼提取一下dmp

好的，先下载工具先

要是我呢，我就选择卸载电脑内所有娱乐类软件和安全类软件，再看情况如何

[CODE]

2013-10-23,10:36:00

System Repair Engineer 2.8.4.1331
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    Windows 安全更新检查
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
    <QQ2009><"C:\Program Files\Tencent\QQ\QQProtect\Bin\QQProtect.exe" /background>  [(Verified)Tencent Technology(Shenzhen) Company Limited]
    <aliim><C:\Program Files\AliWangWang\aliim.exe /run:auto>  [(Verified)TaoBao(china) Software Co., Ltd]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RSDTRAY><"C:\Program Files\Rising\RSD\popwndexe.exe">  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <RavTRAY><"C:\Program Files\Rising\Rav\RSTRAY.EXE" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <BaiduPinyin><"C:\Program Files\Baidu\BaiduPinyin\2.6.2.185\baidupinyin.exe"  --autorun>  [(Verified)Baidu (China) Co., Ltd.]
    <Seagull Drivers><ssdal_nc.exe startup>  [N/A]
    <Adobe ARM><"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe">  [(Verified)Adobe Systems, Incorporated]
    <KDZHJ><D:\智慧记\KDMain.exe>  [File is missing]
    <ICBCEBankAssist><"C:\Program Files\ICBCEbankTools\ICBCSetupIntegration\RunEBank.exe">  [(Verified)Industrial and Commercial Bank of China Limited]
    <kxesc><"C:\Program Files\Kingsoft\kingsoft antivirus\kxetray.exe" -autorun>  [File is missing]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\logon.scr>  [(Verified)Microsoft Windows Component Publisher]

==================================
启动文件夹
[Service Manager]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Service Manager.lnk --> C:\PROGRA~1\MICROS~4\80\Tools\Binn\sqlmangr.exe [Microsoft Corporation]><N>
[套接字服务器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\套接字服务器.lnk --> D:\GRASP2~1\scktsrvr.exe [Inprise Corporation]><N>
[QQ游戏启动加速程序]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> D:\PROGRA~1\Tencent\QQGame\Accel.exe [深圳市腾讯计算机系统有限公司]><N>

==================================
服务
[Adobe Flash Player Update Service / AdobeFlashPlayerUpdateSvc][Stopped/Manual Start]
  <C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe><Adobe Systems Incorporated>
[Alipay security service / AlipaySecSvc][Running/Auto Start]
  <"C:\Program Files\alipay\alieditplus\AlipaySecSvc.exe"><Alipay Inc.>
[暴风移动设备识别服务 / BFAssistantSvc_13510][Running/Auto Start]
  <C:\Program Files\Baofeng\PhoneAssistant\BFAssistantSvc.exe><北京暴风科技股份有限公司>
[Windows Presentation Foundation Font Cache 3.0.0.0 / FontCache3.0.0.0][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe><Microsoft Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[ICBC Daemon Service / ICBC Daemon Service][Running/Auto Start]
  <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\IcbcDaemon.exe><N/A>
[Mozilla Maintenance Service / MozillaMaintenance][Stopped/Manual Start]
  <"C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe"><Mozilla Foundation>
[MSSQLSERVER / MSSQLSERVER][Running/Auto Start]
  <C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe -sMSSQLSERVER><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
  <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[Rsd Service / RsMgrSvc][Running/Auto Start]
  <"C:\Program Files\Rising\RSD\RsMgrSvc.exe"><Beijing Rising Information Technology Co., Ltd.>
[Rav Service / RsRavMon][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\ravmond.exe"><Beijing Rising Information Technology Co., Ltd.>
[SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start]
  <C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE -i MSSQLSERVER><Microsoft Corporation>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[HyperVM / HyperVM][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\hvm.sys><Beijing Rising Information Technology Co., Ltd.>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\igxpmp32.sys><Intel Corporation>
[PassGuard / PassGuard][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\PassGuard.sys><>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[QMUdisk / QMUdisk][Stopped/Manual Start]
  <\??\C:\Program Files\Tencent\QQPCMgr\8.5.10197.217\QMUdisk.sys><N/A>
[QQProtect / QQProtect][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\QQProtect.sys><Tencent>
[rsd protect / rsdsys][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\protreg.sys><Beijing Rising Information Technology Co., Ltd.>
[rsutils / rsutils][Running/System Start]
  <system32\DRIVERS\rsutils.sys><Beijing Rising Information Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[sysmon / sysmon][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\sysmon.sys><Beijing Rising Information Technology Co., Ltd.>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>

==================================
浏览器加载项
[VideoUrlSniffer Class]
  {00000ADA-7E0D-47C1-986C-F017D09C4304} <C:\Documents and Settings\All Users\Application Data\Thunder Network\XMP4\Addins\VideoUrlSniffer.2.2.0.138.(321).dll, (Signed) 深圳市迅雷网络技术有限公司>
[迅雷FLV视频嗅探及下载支持]
  {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} <D:\Program Files\BHO\XlBrowserAddin1.0.8.71.dll, (Signed) 深圳市迅雷网络技术有限公司>
[EyeOnIE Class]
  {20E1725C-7237-41A9-954A-04DCCB1FD16C} <C:\Program Files\Baofeng\StormPlayer\MediaLibraryIcon.dll, (Signed) 北京暴风科技股份有限公司>
[迅雷下载支持]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\BHO\XunleiBHO7.2.13.3882.dll, (Signed) 深圳市迅雷网络技术有限公司>
[99A4FE4D-3269-71AC-1CA9-36563D66BAF7 Class]
  {99A4FE4D-3269-71AC-1CA9-36563D66BAF7} <D:\Program Files\BBInside\{99A4FE4D-3269-71AC-1CA9-36563D66BAF7}\AddressBar.dll, (Signed) >
[ICBC Anti-Phishing class]
  {BB4491A2-D11A-4c6b-91C0-B53246A3122B} <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\Icbc_AntiPhishing.dll, (Signed) 中国工商银行>
[]
  {14c1d00e-0b92-4379-880b-444fa2d740dd} <, >
[启动迅雷看看播放器]
  {24c1d00e-0b92-4379-880b-444fa2d740dd} <, >
[]
  {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\system32\SubmitControl.dll, (Signed) >
[VideoUrlSniffer Class]
  {00000ADA-7E0D-47C1-986C-F017D09C4304} <C:\Documents and Settings\All Users\Application Data\Thunder Network\XMP4\Addins\VideoUrlSniffer.2.2.0.138.(321).dll, (Signed) 深圳市迅雷网络技术有限公司>
[]
  {02E2D748-67F8-48B4-8AB4-0A085374BB9A} <, >
[AliCertDOCtrl Class]
  {08D512D2-7D97-4E22-B7DB-82791106C086} <C:\Documents and Settings\Administrator\Application Data\alipay\cf\alicdo.dll, (Signed) Alipay>
[迅雷FLV视频嗅探及下载支持代理]
  {0C27ADC4-E826-4620-A3A7-990D7E05545F} <D:\Program Files\BHO\XlBrowserAddin1.0.8.71.dll, (Signed) 深圳市迅雷网络技术有限公司>
[UPEditorCtrl Class]
  {0E48410F-D1B8-472A-85DB-27F3D77284CE} <C:\WINDOWS\system32\UPEdit\UPEditor.dll, (Signed) 中国银联股份有限公司>
[迅雷FLV视频嗅探及下载支持]
  {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} <D:\Program Files\BHO\XlBrowserAddin1.0.8.71.dll, (Signed) 深圳市迅雷网络技术有限公司>
[]
  {14C1D00E-0B92-4379-880B-444FA2D740DD} <, >
[Adobe PDF Link Helper]
  {18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[WWPicUploadCtrl Class]
  {1D63232D-4F15-4A42-890D-EE617AA1537D} <C:\Program Files\AliWangWang\7.21.18C\modules\1685\WWPictureUpload.dll, (Signed) Alibaba software (Shanghai) Corporation>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\3.6.0.0\pta.dll, (Signed) iTruschina Co., Ltd.>
[EyeOnIE Class]
  {20E1725C-7237-41A9-954A-04DCCB1FD16C} <C:\Program Files\Baofeng\StormPlayer\MediaLibraryIcon.dll, (Signed) 北京暴风科技股份有限公司>
[]
  {24C1D00E-0B92-4379-880B-444FA2D740DD} <, >
[]
  {29B6CFD5-0064-411A-8C42-9890C83F9921} <, >
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, (Signed) Microsoft Corporation>
[Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Program Files\BHO\ThunderAgent7.2.13.3882.dll, (Signed) 深圳市迅雷网络技术有限公司>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[AgentForAndroid Class]
  {50F4150A-48B2-417A-BE4C-C83F580FB904} <C:\Program Files\Common Files\Tencent\QQPhoneManager\1.8.101.2154\npQQPhoneManagerExt.dll, (Signed) 腾讯公司>
[WangWangX Class]
  {5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} <C:\Program Files\AliWangWang\7.21.18C\AliIMX.dll, (Signed) Alibaba software (Shanghai) Corporation.>

参考14楼日志压缩发来，13楼的方法提取一下dmp

11