瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 explorer.exe,桌面无法显示,每次都要加载!

1   1  /  1  页   跳转

[求助] explorer.exe,桌面无法显示,每次都要加载!

explorer.exe,桌面无法显示,每次都要加载!

谢谢你能看我的帖子,我安全模式下杀毒,瑞星把exeplorer.exe删了,“我的电脑”变成未知文件,有关方法我预先在卡卡上已经用瑞星搜索看过一些帮助,也试过。但是没有奏效所以还是请求你的帮助,下面是我的日志,谢谢你!
日志文件 Trend Micro HijackThis v 2.0.2
日志保存时间: 15:05:24,2008-7-15
操作系统: Windows XP SP2 (WinNT 5.01.2600)
IE版本: Internet Explorer v6.00 SP2 (6.00.2900.2180)
启动模式: 正常
正在运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\StormII\stormliv.exe
C:\Program Files\95599 Certificate Tools\CIDC\HD_CertService.exe
C:\Program Files\QvodPlayer\QvodTerminal.exe
C:\WINDOWS\system32\explorer.exe
C:\Program Files\95599 Certificate Tools\CIDC\RegCertTool.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\AntiSpyware\runiep.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tencent\QQ\QQ.exe
C:\Program Files\Tencent\QQ\TXPlatform.exe
C:\PROGRAM FILES\RISING\RAV\ravmond.exe
C:\Program Files\Rising\Rav\RAVMON.EXE
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe
C:\Documents and Settings\Administrator\桌面\hijackthis.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsy48.tmp\hijackthis.exe
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: Adobe Flash Upgrade Class - {65807E2D-940C-41a0-99E2-54ABBDD2F506} - C:\WINDOWS\flash9.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O3 - IE 工具栏: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [runeip] "C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [bgswitch] C:\WINDOWS\system32\bgswitch.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O8 - 扩展右键菜单项: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - 扩展右键菜单项: 使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - 扩展右键菜单项: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O9 - 额外的按钮: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - 额外的“工具”菜单项目: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - 额外的按钮: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com(文件不存在)
O14 - IERESET.INF: START_PAGE_URL=http://www.tomatolei.com
O15 - Trusted Zone: easyabc.95599.cn
O15 - Trusted Zone: www.95599.cn
O15 - Trusted Zone: www.abchina.com
O16 - DPF: {1E0DFFCF-27FF-4574-849B-55007349FEDA} (iTrusPTA Class) - https://img.alipay.com/download/1101/aliedit.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (EditCtrl Class) - https://img.alipay.com/download/2121/aliedit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{963E649D-38AC-4119-BBEF-108A21931D7B}: NameServer = 222.172.200.68 61.166.150.123
O18 - Protocol: KuGoo - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
O18 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
O23 - NT 服务:  Contrl Center of Storm Media (ccosm) - 北京暴风网际科技有限公司 - C:\Program Files\StormII\stormliv.exe
O23 - NT 服务:  HD_CertService - Unknown owner - C:\Program Files\95599 Certificate Tools\CIDC\HD_CertService.exe
O23 - NT 服务:  Qvod Terminal - Shenzhen QVOD Technology Co.,Ltd - C:\Program Files\QvodPlayer\QvodTerminal.exe
O23 - NT 服务:  Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务:  Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
--
文件结束 - 4963 字节

用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) )
分享到:
gototop
 

回复:explorer.exe,桌面无法显示,每次都要加载!

什么是windows助手?我没有用过谢谢!
gototop
 

回复:explorer.exe,桌面无法显示,每次都要加载!

这个东西网上有下载的吗?系统是别人帮我安的
gototop
 

回复:explorer.exe,桌面无法显示,每次都要加载!

哎,刚才又杀了次木马,现在连exeplorer都不能运行了!找不到了!
gototop
 
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT