两个的路径完全一样
使用冰刃无法结束该进程
ystem Repair Engineer 2.0扫描也没有发现问题

C:\WINDOWS下出现EXPLORER.MS
属性和正常的explorer.exe一样

无启动项目
驱动也未发现异常的

LOG没有任何问题
2006-05-20,21:56:50

System Repair Engineer 2.0.12.350 (2.0 RC 1)
    Windows XP Professional Service Pack 2 - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <Super Rabbit IEPro><; C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <load><>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <run><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Thunder><; "C:\Program Files\Thunder Network\Thunder\ThunderShell.exe" /s>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><C:\WINDOWS\SYSTEM32\Userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><>

==================================
启动文件夹
服务
[Macromedia Licensing Service / Macromedia Licensing Service]
  <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[NOD32 Kernel Service / NOD32krn]
  <"C:\Program Files\Eset\nod32krn.exe"><Eset >

==================================
浏览器加载项
[金山快译(&K)]
  {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <C:\Program Files\Kingsoft\FastAIT 2006\IEBand.dll, 金山软件股份有限公司>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[金山快译(&K)]
  {6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} <C:\Program Files\Kingsoft\FastAIT 2006\IEBand.dll, 金山软件股份有限公司>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\flash.ocx, Macromedia, Inc.>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\geturl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\getallurl.htm, N/A>
[上传到QQ网络硬盘]
  <D:\Program Files\腾讯QQ2006贺岁E代会员版\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <D:\Program Files\腾讯QQ2006贺岁E代会员版\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\Program Files\腾讯QQ2006贺岁E代会员版\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\Program Files\腾讯QQ2006贺岁E代会员版\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 612][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 676][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 700][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SSMWinlogonEx.dll]  <System Safety Limited><2.0.7.570>
[PID: 744][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 756][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\imon.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\pr_imon.dll]  <N/A><N/A>
[PID: 920][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 964][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\imon.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\pr_imon.dll]  <N/A><N/A>
[PID: 1084][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\imon.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\pr_imon.dll]  <N/A><N/A>
[PID: 1176][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\imon.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\pr_imon.dll]  <N/A><N/A>
[PID: 1240][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1440][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1808][C:\Program Files\Eset\nod32krn.exe]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\nod32krr.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\ps_amon.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\pr_amon.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\ps_dmon.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\pr_dmon.dll]  <N/A><N/A>
    [C:\Program Files\Eset\ps_emon.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\pr_emon.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\imon.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\pr_imon.dll]  <N/A><N/A>
    [C:\Program Files\Eset\ps_nod32.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\pr_nod32.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\ps_upd.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\pr_upd.dll]  <N/A><N/A>
[PID: 1852][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[PID: 180][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 352][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\imon.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\pr_imon.dll]  <N/A><N/A>
[PID: 1224][G:\软件备分\抓图\UltraCapture.exe]  <><1, 0, 0, 1>
[PID: 1636][D:\Program Files\腾讯QQ2006贺岁E代会员版\QQ.exe]  <TENCENT><0, 0, 0, 0>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\CoralAssist.DLL]  <N/A><4.0.0 Build 20051112>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\CoralQQ.DLL]  <Coral Team><4.2.0 Build 20060125>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\IPSearcher.dll]  <N/A><1.0.0.4>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQBaseClassInDll.dll]  <><1, 0, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQHelperDll.dll]  <><1, 0, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\BasicCtrlDll.dll]  <Tencent><5, 0, 200, 14>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQAPI.dll]  <><1, 0, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\LoginCtrl.dll]  <><1, 0, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\npkcntc.dll]  <INCA Internet Co., Ltd.><2005, 9, 1, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\npkpdb.dll]  <INCA Internet Co., Ltd.><2003, 10, 1, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQRes.dll]  <tencent><1, 0, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQMainFrame.dll]  <N/A><N/A>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\CQQApplication.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\imon.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\pr_imon.dll]  <N/A><N/A>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\NewSkin.dll]  <><1, 0, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\HostingMgr.dll]  <><1, 0, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\CameraDll.dll]  <><1, 0, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\MailSummary.dll]  <><1, 0, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQSpace.dll]  <><1, 0, 0, 1>
    [C:\WINDOWS\system32\msdmo.dll]  <N/A><N/A>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQGroupMng.dll]  <><1, 0, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQSysMsgMng.dll]  <N/A><N/A>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQConfigPlugin.dll]  <><1, 0, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\UserDefinedHead.dll]  <><1, 0, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QRingMng.dll]  <N/A><N/A>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\PhoneAPI.dll]  <><1, 0, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\DialerAllinOne.dll]  <tencent><1, 4, 0, 0>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\LongConnection.dll]  <tencent><0, 3, 3, 8>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQAvatar.dll]  <N/A><N/A>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\FlashAvatarDll.dll]  <><1, 4, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQAllInOne.dll]  <N/A><N/A>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\SCCore.dll]  <N/A><N/A>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQCustomFace.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\Macromed\Flash\flash.ocx]  <Macromedia, Inc.><7,0,2,0>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQSceneMng.dll]  <N/A><N/A>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQPlugin.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\KIme.ime]  <金山软件公司><1, 0, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\ImageOle.dll]  <TODO: <Company name>><1.0.0.1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\CommercesMng.dll]  <><1, 0, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\PersonalDesktop.dll]  <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 2>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQUdpGetFileLib.dll]  <tencent><0, 2, 2, 3>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQAddr.dll]  <深圳市腾讯计算机系统有限公司><5, 0, 101, 141>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQPhoneHelper.dll]  <腾讯科技（深圳）有限公司><2, 0, 2, 21>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\GroupConnection.dll]  <Tencent><0, 3, 3, 5>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQMagicFace.dll]  <><1, 0, 0, 1>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQFileTransfer.dll]  <Tencent><0, 3, 3, 5>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\QQZip.dll]  <tencent><0, 3, 2, 4>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\qqgroupdisk.dll]  <深圳腾讯科技><2, 7, 0, 1022>
    [D:\Program Files\腾讯QQ2006贺岁E代会员版\ShareFiles.dll]  <N/A><N/A>
[PID: 748][C:\WINDOWS\explorer.exe]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 3180][D:\Program Files\LeapFTP 2.7.5.610  汉化修正版\LeapFTP.exe]  <LeapWare><2.7.5.610>
    [C:\WINDOWS\system32\imon.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\pr_imon.dll]  <N/A><N/A>
[PID: 520][G:\sreng2\SREng.exe]  <Smallfrogs Studio><2.0.12.350>
    [C:\WINDOWS\system32\imon.dll]  <Eset ><2, 51, 26 >
    [C:\Program Files\Eset\pr_imon.dll]  <N/A><N/A> 
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
NOD32 protected [MSAFD Tcpip [TCP/IP]]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [UDP/IP]]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [RAW/IP]]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP UDP Service Provider]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP TCP Service Provider]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
RSVP UDP Service Provider
    d:\Program Files\FengYun\fyspi.dll(www.218.cc, 风云防火墙 SPI)
RSVP TCP Service Provider
    d:\Program Files\FengYun\fyspi.dll(www.218.cc, 风云防火墙 SPI)
NOD32
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)

explorer.exe本身也无问题

AntiVir 6.34.1.27 05.20.2006  no virus found
Avast 4.6.695.0 05.19.2006  no virus found
AVG 386 05.19.2006  no virus found
BitDefender 7.2 05.21.2006  no virus found
CAT-QuickHeal 8.00 05.21.2006  no virus found
ClamAV devel-20060426 05.21.2006  no virus found
DrWeb 4.33 05.21.2006  no virus found
eTrust-InoculateIT 23.72.13 05.20.2006  no virus found
eTrust-Vet 12.4.2219 05.20.2006  no virus found
Ewido 3.5 05.20.2006  no virus found
Fortinet 2.77.0.0 05.21.2006  no virus found
F-Prot 3.16c 05.20.2006  no virus found
Ikarus 0.2.65.0 05.19.2006  no virus found
Kaspersky 4.0.2.24 05.21.2006  no virus found
McAfee 4766 05.19.2006  no virus found
Microsoft 1.1440 05.21.2006  no virus found
NOD32v2 1.1551 05.21.2006  no virus found
Norman 5.90.17 05.19.2006  no virus found
Panda 9.0.0.4 05.21.2006  no virus found
Sophos 4.05.0 05.21.2006  no virus found
Symantec 8.0 05.21.2006  no virus found
TheHacker 5.9.8.145 05.19.2006  no virus found
UNA 1.83 05.18.2006  no virus found
VBA32 3.11.0 05.20.2006 no virus found