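My computer has developed a strange problem: every few minutes the CPU goes to 100%, the system becomes extremely slow, and the CPU fan gets loud (it is a laptop); after a few minutes it is fine again! My Rising is the latest version and it finds no virus. I don't know what the cause is; it is the services.exe process that is using more than 90%!
I am sending you my scan results; please help me diagnose this!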
系统活动进程
C:\WINDOWS\SYSTEM32\TP4MON.EXE
C:\WINDOWS\SYSTEM32\CTFMON.EXE
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\DFSSVC.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\TASKMGR.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE
C:\PROGRAM FILES\RISING\RFW\RFWRULE.DLL
C:\PROGRAM FILES\RISING\RFW\RFWLOG.DLL
C:\PROGRAM FILES\RISING\RFW\RFWDRV.DLL
C:\PROGRAM FILES\RISING\RFW\PSAPI.DLL
C:\PROGRAM FILES\RISING\RFW\MONDRV.DLL
C:\PROGRAM FILES\RISING\RFW\PROCLIB.DLL
C:\PROGRAM FILES\阿里巴巴\贸易通\ALITALK.EXE
C:\PROGRAM FILES\阿里巴巴\贸易通\SYSIDLE.DLL
C:\PROGRAM FILES\阿里巴巴\贸易通\ALIVIEWERAPI.DLL
C:\PROGRAM FILES\阿里巴巴\贸易通\ALIMAIL\MAILDLL.DLL
C:\PROGRAM FILES\阿里巴巴\贸易通\RICHED32.DLL
C:\PROGRAM FILES\阿里巴巴\贸易通\RICHED20.DLL
C:\PROGRAM FILES\阿里巴巴\贸易通\MESSAGENOTIFY.DLL
C:\PROGRA~1\阿里巴巴\贸易通\ATABCO~1.OCX
C:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\WINDOWS\SYSTEM32\KIME.IME
C:\PROGRAM FILES\COMMON FILES\KINGSOFT\EXTRACT\KSENGINE.DLL
C:\WINDOWS\SYSTEM32\WINWB86.IME
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\SYSTEM32\CNMLM3Y.DLL
C:\WINDOWS\SYSTEM32\MDIMON.DLL
C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\CNMPD3Y.DLL
C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\MDIPPR.DLL
C:\WINDOWS\SYSTEM32\MSDTC.EXE
C:\WINDOWS\SYSTEM32\ALG.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\ACSIGNICON.DLL
C:\WINDOWS\SYSTEM32\RAVEXT.DLL
C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\ACSIGNCORE16.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\PROGRAM FILES\WINRAR\RAREXT.DLL
C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL
C:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL
C:\WINDOWS\SYSTEM32\MSCOREE.DLL
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE11\MSOHEV.DLL
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRA~1\MICROS~3\MSSQL\BINN\SQLSERVR.EXE
C:\PROGRA~1\MICROS~3\MSSQL\BINN\OPENDS60.DLL
C:\PROGRA~1\MICROS~3\MSSQL\BINN\UMS.DLL
C:\PROGRA~1\MICROS~3\MSSQL\BINN\SQLSORT.DLL
C:\PROGRA~1\MICROS~3\MSSQL\BINN\RESOURCES\2052\SQLEVN70.RLL
C:\PROGRA~1\MICROS~3\MSSQL\BINN\SSNETLIB.DLL
C:\PROGRA~1\MICROS~3\MSSQL\BINN\SSNMPN70.DLL
C:\PROGRA~1\MICROS~3\MSSQL\BINN\SSMSLPCN.DLL
C:\PROGRA~1\MICROS~3\MSSQL\BINN\SQLFTQRY.DLL
C:\PROGRAM FILES\COMMON FILES\SYSTEM\OLE DB\SQLOLEDB.DLL
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE
C:\PROGRAM FILES\RISING\RFW\RSGUILIB.DLL
C:\PROGRAM FILES\RISING\RFW\RSCOMMON.DLL
C:\PROGRAM FILES\RISING\RFW\PNGDLL.DLL
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE
D:\软件\瑞星专杀工具\RSDETECT.EXE
普通自启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
IMJPMIG8.1 = "C:\WINDOWS\IME\IMJP8_1\IMJPMIG.EXE" /SPOIL /REMADVDEF /MIGRATION32
PHIME2002ASync = C:\WINDOWS\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A = C:\WINDOWS\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE /IMENAME
TrackPointSrv = TP4MON.EXE
IMSCMig = C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /PRELOAD
RfwMain = "C:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE" -STARTUP
RavTask = "C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
KernelFaultCheck = C:\WINDOWS\SYSTEM32\MSIME.EXE
CheckFaultKernel = C:\WINDOWS\SYSTEM32\MSWDM.EXE
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe = C:\WINDOWS\SYSTEM32\CTFMON.EXE
AppInit_DLLs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_DLLs =
其它启动项
WIN.INI
无信息
SYSTEM.INI
SHELL = EXPLORER.EXE
SCRNSAVE.EXE = C:\WINDOWS\system32\scrnsave.scr
Winlogon 启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
crypt32chain = CRYPT32.DLL
cryptnet = CRYPTNET.DLL
cscdll = CSCDLL.DLL
ScCertProp = WLNOTIFY.DLL
Schedule = WLNOTIFY.DLL
sclgntfy = SCLGNTFY.DLL
SensLogn = WLNOTIFY.DLL
termsrv = WLNOTIFY.DLL
wlballoon = WLNOTIFY.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit = USERINIT.EXE,
shell = EXPLORER.EXE
IE - BHO
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
_{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = NULL
_{33BBE430-0E42-4f12-B075-8D21ACB10DCB} = NULL
_{38928D50-8A48-44C2-945F-D2F23F771410} = NULL
_{62EED7C6-9F02-42f9-B634-98E2899E147B} = NULL
_{7227625A-4A97-CEA2-B670-C60E85489E78} = NULL
_{77FEF28E-EB96-44FF-B511-3185DEA48697} = NULL
_{A5366673-E8CA-11D3-9CD9-0090271D075B} = NULL
_{AA58ED58-01DD-4d91-8333-CF10577473F7} = NULL
_{B1D147E7-873E-4909-8127-695D9BB78728} = NULL
_{F5824EFB-728A-4726-A5A5-85A68B20EDC3} = NULL
{A5366673-E8CA-11D3-9CD9-0090271D075B} = NULL
{EBA8FC1C-C7BB-4306-B019-99AA73D1021C} = NULL
Winsock SPI
MSAFD Tcpip [TCP/IP> = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [UDP/IP> = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [RAW/IP> = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
RSVP UDP Service Provider = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
RSVP TCP Service Provider = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{A51DBB7E-2284-4DE1-AC26-31159C0A4D38}> SEQPACKET 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{A51DBB7E-2284-4DE1-AC26-31159C0A4D38}> DATAGRAM 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{2FB6A4DA-5285-4CA6-8A46-07EC3BAB3C4A}> SEQPACKET 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{2FB6A4DA-5285-4CA6-8A46-07EC3BAB3C4A}> DATAGRAM 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{9552D72B-3582-4FAA-A207-5479B657DA7F}> SEQPACKET 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{9552D72B-3582-4FAA-A207-5479B657DA7F}> DATAGRAM 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{7A42A8DF-8DB3-49BC-958F-0352AC82142E}> SEQPACKET 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{7A42A8DF-8DB3-49BC-958F-0352AC82142E}> DATAGRAM 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{42264385-189A-4E67-8C65-649DB98875DD}> SEQPACKET 4 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{42264385-189A-4E67-8C65-649DB98875DD}> DATAGRAM 4 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{EBC58DB1-433B-4304-A48D-9DF1457FA600}> SEQPACKET 5 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{EBC58DB1-433B-4304-A48D-9DF1457FA600}> DATAGRAM 5 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
系统服务项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
Alerter = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
ALG = C:\WINDOWS\SYSTEM32\ALG.EXE
AppMgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
AudioSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Autodesk Licensing Service = "C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\SERVICE\ADSKSCSRV.EXE"
BITS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Browser = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
CiSvc = C:\WINDOWS\SYSTEM32\CISVC.EXE
ClipSrv = C:\WINDOWS\SYSTEM32\CLIPSRV.EXE
COMSysApp = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235}
CryptSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Dfs = C:\WINDOWS\SYSTEM32\DFSSVC.EXE
Dhcp = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE
dmadmin = C:\WINDOWS\SYSTEM32\DMADMIN.EXE /COM
dmserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Dnscache = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE
ERSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K WINERR
Eventlog = C:\WINDOWS\SYSTEM32\SERVICES.EXE
EventSystem = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
helpsvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
HidServ = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
HTTPFilter = C:\WINDOWS\SYSTEM32\LSASS.EXE
ImapiService = C:\WINDOWS\SYSTEM32\IMAPI.EXE
IsmServ = C:\WINDOWS\SYSTEM32\ISMSERV.EXE
kdc = C:\WINDOWS\SYSTEM32\LSASS.EXE
lanmanserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
lanmanworkstation = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
LicenseService = C:\WINDOWS\SYSTEM32\LLSSRV.EXE
LmHosts = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
Messenger = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
mnmsrvc = C:\WINDOWS\SYSTEM32\MNMSRVC.EXE
MSDTC = C:\WINDOWS\SYSTEM32\MSDTC.EXE
MSIServer = C:\WINDOWS\SYSTEM32\MSIEXEC.EXE /V
MSSEARCH = "C:\PROGRAM FILES\COMMON FILES\SYSTEM\MSSEARCH\BIN\MSSEARCH.EXE"
MSSQLSERVER = C:\PROGRA~1\MICROS~3\MSSQL\BINN\SQLSERVR.EXE
MSSQLServerADHelper = C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLADHLP.EXE
NetDDE = C:\WINDOWS\SYSTEM32\NETDDE.EXE
NetDDEdsdm = C:\WINDOWS\SYSTEM32\NETDDE.EXE
Netlogon = C:\WINDOWS\SYSTEM32\LSASS.EXE
Netman = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Nla = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
NtFrs = C:\WINDOWS\SYSTEM32\NTFRS.EXE
NtLmSsp = C:\WINDOWS\SYSTEM32\LSASS.EXE
NtmsSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
ose = C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\SOURCE ENGINE\OSE.EXE
PlugPlay = C:\WINDOWS\SYSTEM32\SERVICES.EXE
PolicyAgent = C:\WINDOWS\SYSTEM32\LSASS.EXE
ProtectedStorage = C:\WINDOWS\SYSTEM32\LSASS.EXE
RasAuto = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RasMan = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RDSessMgr = C:\WINDOWS\SYSTEM32\SESSMGR.EXE
RemoteAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RemoteRegistry = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K REGSVC
RfwProxySrv = C:\PROGRAM FILES\RISING\RFW\RFWPROXY.EXE
RfwService = C:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE
RpcLocator = C:\WINDOWS\SYSTEM32\LOCATOR.EXE
RpcSs = C:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS
RsCCenter = "C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE"
RSoPProv = C:\WINDOWS\SYSTEM32\RSOPPROV.EXE
RsRavMon = "C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE"
sacsvr = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SamSs = C:\WINDOWS\SYSTEM32\LSASS.EXE
SCardSvr = C:\WINDOWS\SYSTEM32\SCARDSVR.EXE
Schedule = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
seclogon = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SefcsN = C:\WINDOWS\SERVICES.EXE
SENS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SharedAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
ShellHWDetection = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Spooler = C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
SQLSERVERAGENT = C:\PROGRA~1\MICROS~3\MSSQL\BINN\SQLAGENT.EXE
stisvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K IMGSVC
swprv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K SWPRV
SysmonLog = C:\WINDOWS\SYSTEM32\SMLOGSVC.EXE
TapiSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K TAPISRV
TermService = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K TERMSVCS
Themes = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
TlntSvr = C:\WINDOWS\SYSTEM32\TLNTSVR.EXE
TrkSvr = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
TrkWks = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Tssdis = C:\WINDOWS\SYSTEM32\TSSDIS.EXE
uploadmgr = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
UPS = C:\WINDOWS\SYSTEM32\UPS.EXE
vds = C:\WINDOWS\SYSTEM32\VDS.EXE
VSS = C:\WINDOWS\SYSTEM32\VSSVC.EXE
W32Time = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WebClient = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
WinHttpAutoProxySvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
winmgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WmdmPmSN = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Wmi = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WmiApSrv = C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE
wuauserv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WZCSVC = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
文件驱动
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
DfsDriver = C:\WINDOWS\SYSTEM32\DRIVERS\DFS.SYS
MRxDAV = C:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS
MRxSmb = C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS
NetBIOS = C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS
Rdbss = C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS
Srv = C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS
系统驱动项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
ac97intc = C:\WINDOWS\SYSTEM32\DRIVERS\AC97INTC.SYS
ACPI = C:\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS
ACPIEC = C:\WINDOWS\SYSTEM32\DRIVERS\ACPIEC.SYS
aeaudio = C:\WINDOWS\SYSTEM32\DRIVERS\AEAUDIO.SYS
aec = C:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS
AFD = C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS
Arp1394 = C:\WINDOWS\SYSTEM32\DRIVERS\ARP1394.SYS
AsyncMac = C:\WINDOWS\SYSTEM32\DRIVERS\ASYNCMAC.SYS
atapi = C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS
Atmarpc = C:\WINDOWS\SYSTEM32\DRIVERS\ATMARPC.SYS
audstub = C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS
BaseTDI = C:\WINDOWS\SYSTEM32\DRIVERS\BASETDI.SYS
Cdrom = C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS
ClusDisk = C:\WINDOWS\SYSTEM32\DRIVERS\CLUSDISK.SYS
CmBatt = C:\WINDOWS\SYSTEM32\DRIVERS\CMBATT.SYS
Compbatt = C:\WINDOWS\SYSTEM32\DRIVERS\COMPBATT.SYS
crcdisk = C:\WINDOWS\SYSTEM32\DRIVERS\CRCDISK.SYS
Disk = C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS
dmboot = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS
dmio = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS
dmload = C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS
DMusic = C:\WINDOWS\SYSTEM32\DRIVERS\DMUSIC.SYS
drmkaud = C:\WINDOWS\SYSTEM32\DRIVERS\DRMKAUD.SYS
E100B = C:\WINDOWS\SYSTEM32\DRIVERS\E100B325.SYS
ExpScaner = C:\PROGRAM FILES\RISING\RAV\EXPSCAN.SYS
FsVga = C:\WINDOWS\SYSTEM32\DRIVERS\FSVGA.SYS
Ftdisk = C:\WINDOWS\SYSTEM32\DRIVERS\FTDISK.SYS
Gpc = C:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS
HidUsb = C:\WINDOWS\SYSTEM32\DRIVERS\HIDUSB.SYS
HOOKAPI = C:\PROGRAM FILES\RISING\RAV\HOOKAPI.SYS
HookCont = C:\PROGRAM FILES\RISING\RAV\HOOKCONT.SYS
HookReg = C:\PROGRAM FILES\RISING\RAV\HOOKREG.SYS
HookSys = C:\PROGRAM FILES\RISING\RAV\HOOKSYS.SYS
HookUrl = C:\PROGRAM FILES\RISING\RFW\HOOKURL.SYS
HTTP = C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS
i8042prt = C:\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS
ialm = C:\WINDOWS\SYSTEM32\DRIVERS\IALMNT5.SYS
imapi = C:\WINDOWS\SYSTEM32\DRIVERS\IMAPI.SYS
IntelIde = C:\WINDOWS\SYSTEM32\DRIVERS\INTELIDE.SYS
IpFilterDriver = C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS
IpInIp = C:\WINDOWS\SYSTEM32\DRIVERS\IPINIP.SYS
IpNat = C:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS
IPSec = C:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS
isapnp = C:\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS
k750bus = C:\WINDOWS\SYSTEM32\DRIVERS\K750BUS.SYS
k750mdfl = C:\WINDOWS\SYSTEM32\DRIVERS\K750MDFL.SYS
k750mdm = C:\WINDOWS\SYSTEM32\DRIVERS\K750MDM.SYS
k750mgmt = C:\WINDOWS\SYSTEM32\DRIVERS\K750MGMT.SYS
k750obex = C:\WINDOWS\SYSTEM32\DRIVERS\K750OBEX.SYS
Kbdclass = C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS
kmixer = C:\WINDOWS\SYSTEM32\DRIVERS\KMIXER.SYS
KWatch3 = C:\WINDOWS\SYSTEM32\DRIVERS\KWATCH3.SYS
MEMSCAN = C:\PROGRAM FILES\RISING\RAV\MEMSCAN.SYS
Mouclass = C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS
mouhid = C:\WINDOWS\SYSTEM32\DRIVERS\MOUHID.SYS
mProcRs = C:\PROGRAM FILES\RISING\RFW\MPROCRS.SYS
MSKSSRV = C:\WINDOWS\SYSTEM32\DRIVERS\MSKSSRV.SYS
MSPCLOCK = C:\WINDOWS\SYSTEM32\DRIVERS\MSPCLOCK.SYS
MSPQM = C:\WINDOWS\SYSTEM32\DRIVERS\MSPQM.SYS
NdisTapi = C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS
Ndisuio = C:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS
NdisWan = C:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS
NetBT = C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS
NIC1394 = C:\WINDOWS\SYSTEM32\DRIVERS\NIC1394.SYS
ohci1394 = C:\WINDOWS\SYSTEM32\DRIVERS\OHCI1394.SYS
P3 = C:\WINDOWS\SYSTEM32\DRIVERS\P3.SYS
Parport = C:\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS
Parvdm = C:\WINDOWS\SYSTEM32\DRIVERS\PARVDM.SYS
PCI = C:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS
Pcmcia = C:\WINDOWS\SYSTEM32\DRIVERS\PCMCIA.SYS
PptpMiniport = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS
Ptilink = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS
RasAcd = C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS
Rasl2tp = C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS
RasPppoe = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS
Raspti = C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS
RDPCDD = C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS
rdpdr = C:\WINDOWS\SYSTEM32\DRIVERS\RDPDR.SYS
redbook = C:\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS
RsFwDrv = C:\PROGRAM FILES\RISING\RFW\RSFWDRV.SYS
ScsiPort = C:\WINDOWS\SYSTEM32\DRIVERS\SCSIPORT.SYS
Secdrv = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS
serenum = C:\WINDOWS\SYSTEM32\DRIVERS\SERENUM.SYS
Serial = C:\WINDOWS\SYSTEM32\DRIVERS\SERIAL.SYS
smwdm = C:\WINDOWS\SYSTEM32\DRIVERS\SMWDM.SYS
SONYPVU1 = C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS
splitter = C:\WINDOWS\SYSTEM32\DRIVERS\SPLITTER.SYS
swenum = C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS
swmidi = C:\WINDOWS\SYSTEM32\DRIVERS\SWMIDI.SYS
sysaudio = C:\WINDOWS\SYSTEM32\DRIVERS\SYSAUDIO.SYS
Tcpip = C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
TermDD = C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS
TwoTrack = C:\WINDOWS\SYSTEM32\DRIVERS\TWOTRACK.SYS
Update = C:\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS
usbhub = C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS
usbprint = C:\WINDOWS\SYSTEM32\DRIVERS\USBPRINT.SYS
usbstor = C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS
usbuhci = C:\WINDOWS\SYSTEM32\DRIVERS\USBUHCI.SYS
VgaSave = C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS
VolSnap = C:\WINDOWS\SYSTEM32\DRIVERS\VOLSNAP.SYS
Wanarp = C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
wdmaud = C:\WINDOWS\SYSTEM32\DRIVERS\WDMAUD.SYS
WINIO = C:\WINDOWS\DOWNLOADED PROGRAM FILES\WINIO.SYS
WLBS = C:\WINDOWS\SYSTEM32\DRIVERS\WLBS.SYS
{6080A529-897E-4629-A488-ABA0C29B635E} = C:\WINDOWS\SYSTEM32\DRIVERS\IALMSBW.SYS
{A7E39B01-B403-11d4-BD18-00D0B7A1821E} = C:\WINDOWS\SYSTEM32\DRIVERS\VCH.SYS
{D31A0762-0CEB-444e-ACFF-B049A1F6FE91} = C:\WINDOWS\SYSTEM32\DRIVERS\IALMKCHW.SYS
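May I ask what tool the OP used to produce this scan log? Please upload the log as an attachment so I can take a look. It is really hard to read like this :)
Thanks!
I scanned with Rising's diagnostic tool (瑞星听诊器)!
See the attachment for details!
Rising's diagnostic tool really is impressive
I can't understand most of it
The OP says the CPU is at 100%,
I suggest first using Task Manager to see which process is using it......
:'( I already checked with Task Manager; it is the services.exe process that is using more than 90%!
Probably some virus has taken over a system process
What exactly does AVP report as infected after a scan? What type of virus? If it has already reported the file as infected, reboot into Safe Mode and scan and clean there, and be sure to update to the latest virus definitions. When it comes to viruses, no tool blocks them with complete certainty; anti-virus tools of course also differ somewhat in their detection and removal ability, no single anti-virus tool can detect and remove every current virus, and virus variants appear very quickly; this depends on the vendor's own technical strength. AVP, MCAFEE and the like are all good
But I can't find any virus!
I also think it is some kind of trojan running in the background that runs periodically and uses up my CPU, making the CPU heat up!
But I just can't find the virus!
Can any expert give me some advice!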
SefcsN = C:\WINDOWS\SERVICES.EXE
The path of this process is clearly wrong; it can be deleted in Safe Mode.
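The check behind this reply (a service whose image carries the name of a core Windows binary but sits outside that binary's normal folder), written out as an added example that is not part of the original thread. The `EXPECTED_DIR` table and the function names are assumptions made for illustration; the sample lines are copied from the service list in the log above.

```python
import ntpath
import re

# Assumed reference table: normal folder of core Windows binaries whose names get imitated.
EXPECTED_DIR = {
    "services.exe": r"c:\windows\system32",
    "svchost.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "winlogon.exe": r"c:\windows\system32",
    "csrss.exe": r"c:\windows\system32",
    "smss.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}

# Unquoted command lines may contain spaces, so cut at the first image extension.
_IMAGE = re.compile(r"^(.*?\.(?:exe|dll|sys))(?=\s|$)", re.IGNORECASE)


def image_path(command):
    """Return the executable path of a service command line, without arguments."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    match = _IMAGE.match(command)
    path = match.group(1) if match else command.split()[0]
    # Entries such as "...\SVCHOST -K RPCSS" omit the extension.
    return path if ntpath.splitext(path)[1] else path + ".exe"


def find_misplaced(lines):
    """Return (entry, path) pairs where a system binary name runs from the wrong folder."""
    hits = []
    for line in lines:
        name, sep, command = line.partition(" = ")
        if not sep or not command.strip():
            continue  # section headers, registry key lines, empty values
        path = image_path(command)
        folder, exe = ntpath.split(path.lower())
        expected = EXPECTED_DIR.get(exe)
        # Bare file names (no folder) cannot be judged from the log alone.
        if expected and folder and folder != expected:
            hits.append((name.strip(), path))
    return hits


# Lines taken from the "Name = Path" service list in the log on this page.
SAMPLE = [
    r"Eventlog = C:\WINDOWS\SYSTEM32\SERVICES.EXE",
    r"RpcSs = C:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS",
    r'RsCCenter = "C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE"',
    r"SefcsN = C:\WINDOWS\SERVICES.EXE",
    r"MSSQLServerADHelper = C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLADHLP.EXE",
]

if __name__ == "__main__":
    for entry, path in find_misplaced(SAMPLE):
        print(f"review: {entry} -> {path}")
```
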
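This keeps happening on my machine too
Hoping an expert will come and help
I would be so grateful!~!~·~!~!
Seems like my machine had this before as well
Moderator keeper11:
Thank you!
I wonder whether the registry has been modified?
I searched for the file at this path earlier and already deleted it, but nothing seems to have changed!
Even if it is a virus, that is just the original program, right? Simply deleting it doesn't seem to do any good
Please give me some more advice, thanks!
I wonder how the poster above dealt with it?
Any good tricks!
Originally posted by keeper11 on 2006-6-29 09:50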
SefcsN = C:\WINDOWS\SERVICES.EXE
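The path of this process is clearly wrong; it can be deleted in Safe Mode.
But I can't find this file at that path?
What should I do?
Thanks!
Any other experts with advice?
That log really makes my eyes swim; could you use a different scanning tool
I have had this too, but after a while it went away.
Originally posted by jywgb on 2006-6-29 13:32
But I can't find this file at that path?
What should I do?
Thanks!
Please see this board's featured post, 红桃's original "Quick manual detection of Gray Pigeon (灰鸽子)"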
Could this be a Gray Pigeon (灰鸽子) virus infection?