杀毒、杀木马、杀恶意软件
工具这里找：
都是免费的、正版的、自动升级的
AVAST杀毒、AVG Anti-Spyware杀木马、360杀恶意软件（修复系统漏洞）
2.排除以上因素后再考虑其他问题
例如看看任务管理器里的进程
一般16-25个
太多就要找原因
不需要的软件就卸载
需要的尽量不要随系统启动
3.每次退出前做2件事：
运行360的“清理使用痕迹”、“全选”、“立即清理”；
点“控制面板”、“Internet选项”
“删除文件”，选“删除所有脱机内容”、“确定”
“删除Cookies”、“确定”
您的举报已经提交成功，我们将尽快处理，谢谢！
建议先查杀一下木马，修复一下系统试试。
建议你下载恶意软件和木马强杀工具windows清理助手查杀恶意软件和木马：
下载网址：
下载安装后，首先升级到最新...
是不是卡巴斯基的缘故,我的机器也用的这个,打开保护以后就是特别占资源
1、杀毒软件安装多，并且全部打开监控，少开监控或不开监控，经常查杀病毒就是了。
2、软件或驱动与系统不兼容，重装或升级驱动。
3、系统问题或有木马，查杀一下...
qq你开了视频了嘛?如果开了那是要100%了
还有.BT很占CPU的.开个BT也会到100%就看你电脑的配置了
你重启后不开BT就不会这样了
如果说你...
电脑经常死机的原因有很多，但是一般都是由于遭到远程木马控制或病毒或恶意插件入侵所致，你可以常使用下面的方法解决电脑经常死机的问题。
"电脑死机的原因：
硬件方面...
大家还关注病毒、木马、间谍软件造成CPU使用率占用100%
我的图书馆
病毒、木马、间谍软件造成CPU使用率占用100%
病毒、木马、间谍软件造成CPU使用率占用100%
病毒、木马、间谍软件造成CPU使用率占用100%
　　出现CPU占用率100% 的故障经常是因为病毒木马造成的，比如震荡波病毒。应该首先更新病毒库，对电脑进行全机扫描 。接着，在使用反间谍软件Ad—Aware，检查是否存在间谍软件。论坛上有不少朋友都遇到过svchost.exe占用CPU100%，这个往往是中毒 的表现。
　　svchost.exe Windows中的系统服务是以动态链接库(DLL)的形式实现的，其中一些会把可执行程序指向svchost.exe，由它调用相应服务的动态链接库并 加上相应参数来启动服务。正是因为它的特殊性和重要性，使它更容易成为了一些病毒木马的宿主。
病毒、木马、间谍软件造成CPU使用率占用100%
TA的最新馆藏1&&/&&1&&页
跳转 0 ? parseInt(this.value) : 1) + '.aspx';}else{window.location='showtopic.aspx?topicid=8243591&page=' + (parseInt(this.value) > 0 ? parseInt(this.value) : 1) ;}}"" size="4" maxlength="9"
class="colorblue2"/>页
救命啊，中病毒了，CPU100%
初生襁褓狮
救命啊，中病毒了，CPU100%
高手来帮我看下，中病毒了，CPU使用一直100%，机子好慢啊，救命啊。& & & & & & & &
[CODE],22:17:55System Repair Engineer 2.3.13.690Smallfrogs ()Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：& & 所有的启动项目（包括注册表、启动文件夹、服务等）& & 浏览器加载项& & 正在运行的进程（包括进程模块信息）& & 文件关联& & Winsock 提供者& & Autorun.inf& & HOSTS 文件启动项目注册表[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]& & &ctfmon.exe&&C:\WINDOWS\system32\ctfmon.exe&& [(Verified)Microsoft Corporation]& & &KavPFW&&"F:\金山毒霸2006\KPFW32.EXE"&& [Kingsoft Corporation]& & &Super Rabbit IEPro&&F:\超级兔子\MagicSet\SRIECLI.EXE /LOAD&& [Super Rabbit Soft]& & &swg&&; C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe&& [(Verified)Google Inc.]& & &foxy&&; "D:\惊天动地\摩力游下载器\Foxy.exe" -tray&& [N/A]& & &MSMSGS&&"C:\Program Files\Messenger\msmsgs.exe" /background&& [(Verified)Microsoft Corporation][HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]& & &load&&&& [N/A]& & &run&&&& [N/A][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]& & &TkBellExe&&"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"& -osboot&& [RealNetworks, Inc.]& & &KavStart&&"F:\金山毒霸2006\KAVStart.exe" -startup&& [Kingsoft Corporation]& & &KernelFaultCheck&&%systemroot%\system32\dumprep 0 -k&& [N/A]& & &sdafdsafds&&C:\WINDOWS\temp\sd151.exe&& [N/A][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]& & &Super Rabbit Winspeed&&"F:\超级兔子\MagicSet\srck.exe" /autokill:172,81,12,5&& [Super Rabbit Soft][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]& & &shell&&Explorer.exe&& [(Verified)Microsoft Corporation]& & &Userinit&&C:\WINDOWS\system32\userinit.exe,&& [(Verified)Microsoft Corporation][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]& & &AppInit_DLLs&&&& [N/A][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]& & &UIHost&&logonui.exe&& [(Verified)Microsoft Corporation]==================================启动文件夹[腾讯QQ]& &C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --& C:\PROGRA~1\QQ2006\QQ.exe [TENCENT]&&H&==================================服务[Human Interface Device Access / HidServ][Stopped/Disabled]& &C:\WINDOWS\System32\svchost.exe -k netsvcs--&%SystemRoot%\System32\hidserv.dll&&N/A&[Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]& &"F:\金山毒霸2006\KPfwSvc.EXE"&&Kingsoft Corporation&[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]& &F:\金山毒霸2006\KWatch.EXE&&Kingsoft Corporation&[Rising Proxy& Service / RfwProxySrv][Stopped/Manual Start]& &c:\program files\rising\rfw\rfwproxy.exe&&Beijing Rising Technology Co., Ltd.&[Rising Personal Firewall Service / RfwService][Running/Auto Start]& &c:\program files\rising\rfw\rfwsrv.exe&&Beijing Rising Technology Co., Ltd.&[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]& &"F:\Rising\Rav\CCenter.exe"&&N/A&[RsRavMon Service / RsRavMon][Stopped/Auto Start]& &"F:\Rising\Rav\Ravmond.exe"&&N/A&[Windows Manager / Simple][Stopped/Manual Start]& &2 - 系统找不到指定的文件。&&N/A&[Indexing Data / DiRVIn][Stopped/]& &2 - 系统找不到指定的文件。&&N/A&[System Security / Partner][Stopped/]& &2 - 系统找不到指定的文件。&&N/A
初生襁褓狮
==================================驱动程序[100234 / 100234][Running/Boot Start]& &\SystemRoot\System32\drivers\100234.sys&&N/A&[84625 / 84625][Running/Boot Start]& &\SystemRoot\System32\drivers\84625.sys&&N/A&[a320raid / a320raid][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\a320raid.sys&&Adaptec, Inc.&[AAC / AAC][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\AAC.SYS&&Adaptec, Inc.&[aar1210 / aar1210][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\aar1210.sys&&Adaptec, Inc.&[abp480n5 / abp480n5][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\abp480n5.sys&&Microsoft Corporation&[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]& &system32\drivers\ac97intc.sys&&Intel Corporation&[adpu160m / adpu160m][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\adpu160m.sys&&Microsoft Corporation&[adpu320 / adpu320][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\adpu320.sys&&Adaptec, Inc.&[ACARD AEC6210UF UltraDMA33 Controller / aec6210][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\aec6210.sys&&ACARD Technology Corp.&[ACARD AEC6260 UltraDMA-66 Controller / aec6260][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\aec6260.sys&&ACARD Technology Corp.&[aec6280 / aec6280][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\aec6280.sys&&ACARD Technology Corp.&[AEC6290 / AEC6290][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\AEC6290.SYS&&ACARD Technology Corp.&[AEC67160 / AEC67160][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\AEC67160.SYS&&ACARD Technology Corp.&[AEC671X / AEC671X][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\AEC671X.SYS&&ACARD Technology Corp.&[AEC6880 / AEC6880][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\AEC6880.SYS&&ACARD Technology Corp.&[AEC6890 / AEC6890][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\AEC6890.sys&&ACARD Technology Corp.&[aec68x5 / aec68x5][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\aec68x5.sys&&ACARD Technology Corp.&[Aha154x / Aha154x][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\aha154x.sys&&Microsoft Corporation&[aic78u2 / aic78u2][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\aic78u2.sys&&Microsoft Corporation&[aic78xx / aic78xx][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\aic78xx.sys&&Microsoft Corporation&[AliIde / AliIde][Running/Boot Start]& &\SystemRoot\System32\DRIVERS\aliide.sys&&Acer Laboratories Inc.&[AMDEIDE / AMDEIDE][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\AMDEIDE.SYS&&N/A&[asc / asc][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\asc.sys&&Advanced System Products, Inc.&[asc3550 / asc3550][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\asc3550.sys&&Advanced System Products, Inc.&[Rising TDI Base Driver / BaseTDI][Running/Auto Start]& &System32\DRIVERS\BaseTDI.SYS&&Beijing Rising Technology Co., Ltd.&[CmdIde / CmdIde][Running/Boot Start]& &\SystemRoot\System32\DRIVERS\cmdide.sys&&CMD Technology, Inc.&[dac2w2k / dac2w2k][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\dac2w2k.sys&&Mylex Corporation&[dpti2o / dpti2o][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\dpti2o.sys&&Microsoft Corporation&[ExpScaner / ExpScaner][Stopped/Auto Start]& &\??\F:\Rising\Rav\ExpScan.sys&&N/A&[FASTSX / FASTSX][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\FASTSX.SYS&&Promise Technology, Inc.&[fasttrak / fasttrak][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\fasttrak.sys&&Promise Technology, Inc.&[fasttx2k / fasttx2k][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\fasttx2k.sys&&Promise Technology, Inc.&[fasttx2k2 / fasttx2k2][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\fasttx2k2.sys&&Promise Technology, Inc.&[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]& &system32\DRIVERS\fetnd5.sys&&VIA Technologies, Inc.&[HookCont / HookCont][Stopped/Auto Start]& &\??\F:\Rising\Rav\HOOKCONT.sys&&N/A&[HookReg / HookReg][Stopped/Auto Start]& &\??\F:\Rising\Rav\HookReg.sys&&N/A&[HookSys / HookSys][Stopped/Auto Start]& &\??\F:\Rising\Rav\HookSys.sys&&N/A&[HookUrl / HookUrl][Running/Auto Start]& &\??\C:\Program Files\Rising\Rfw\HookUrl.sys&&Beijing Rising Technology Co., Ltd.&[Hpt366 / Hpt366][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\Hpt366.sys&&Microsoft Corporation&[HPT371 / HPT371][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\HPT371.sys&&HighPoint Technologies, Inc.&[hpt374 / hpt374][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\hpt374.sys&&HighPoint Technologies, Inc.&[hpt3xx / hpt3xx][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\hpt3xx.sys&&HighPoint Technologies, Inc.&[hptmv / hptmv][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\hptmv.sys&&HighPoint Technologies, Inc.&[hptpro / hptpro][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\hptpro.sys&&HighPoint Technologies, Inc.&[Intel Integrated RAID / iaStor][Stopped/Boot Start]& &\SystemRoot\system32\drivers\iaStor.sys&&Intel Corporation&[ids00026 / ids00026][Stopped/Manual Start]& &\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys&&N/A&[ini910u / ini910u][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\ini910u.sys&&Microsoft Corporation&[ITERAID_Service_Install / iteraid][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\iteraid.sys&&Integrated Technology Express, Inc.&[klstm / klstm][Stopped/Manual Start]& &\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\klstm.sys&&N/A&[KNetWch / KNetWch][Running/System Start]& &\??\F:\金山毒霸2006\KNetWch.SYS&&Kingsoft Corporation&[KWatch3 / KWatch3][Running/System Start]& &\??\C:\WINDOWS\system32\drivers\KWatch3.SYS&&Kingsoft Corporation&[m5228 / m5228][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\m5228.sys&&ALi Corporation.&[m5281 / m5281][Stopped/Boot Start]& &\SystemRoot\system32\drivers\m5281.sys&&ALi Corporation&[MegaIDE / MegaIDE][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\MegaIDE.sys&&LSI Logic Corporation.&[MEMSCAN / MEMSCAN][Stopped/Auto Start]& &\??\F:\Rising\Rav\MEMSCAN.sys&&N/A&[mProcRs / mProcRs][Running/Auto Start]& &\??\c:\program files\rising\rfw\mProcRs.sys&&Beijing Rising Technology Co., Ltd.&[mraid2k / mraid2k][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\mraid2k.sys&&American Megatrends, Inc.&[mraid35x / mraid35x][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\mraid35x.sys&&American Megatrends Inc.&[npkcrypt / npkcrypt][Running/Auto Start]& &\??\C:\Program Files\QQ2006\npkcrypt.sys&&INCA Internet Co., Ltd.&[npkycryp / npkycryp][Stopped/Manual Start]& &\??\C:\Program Files\QQ2006\npkycryp.sys&&N/A&[nv / nv][Running/Manual Start]& &system32\DRIVERS\nv4_mini.sys&&NVIDIA Corporation&[NVATABUS / NVATABUS][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\NVATABUS.SYS&&NVIDIA Corporation&[PNP649R / PNP649R][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\PNP649R.SYS&&CMD Technology, Inc.&[SiI 680 ATA Controller / Pnp680][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\pnp680.sys&&Silicon Image, Inc.&[Silicon Image SiI 0680 Medley Raid Controller / Pnp680r][Stopped/Boot Start]
横据古稀狮
日志不全运行SREng2,使用“启动项目”－－注册表－－删除C:\WINDOWS\temp\sd151.exe运行(双击)SRENG2，点“启动项目，服务，点“驱动程序”勾选“隐藏微软服务”选中病毒服务10023484625 ，选择“删除服务”点“设置”选择“否”重启按F８进入安全模式下显示隐藏文件删除：&
SystemRoot\System32\drivers\100234.sys\SystemRoot\System32\drivers\84625.sysC:\WINDOWS\temp\sd151.exe
威望：17287
初生襁褓狮
&\SystemRoot\System32\DRIVERS\pnp680r.sys&&Silicon Image, Inc&[Direct Parallel Link Driver / Ptilink][Running/Manual Start]& &system32\DRIVERS\ptilink.sys&&Parallel Technologies, Inc.&[ql1080 / ql1080][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\ql1080.sys&&QLogic Corporation&[Ql10wnt / Ql10wnt][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\ql10wnt.sys&&Microsoft Corporation&[ql12160 / ql12160][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\ql12160.sys&&QLogic Corporation&[ql1280 / ql1280][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\ql1280.sys&&QLogic Corporation&[RAIDSRC / RAIDSRC][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\RAIDSRC.SYS&&Intel/ICP&[RsFwDrv / RsFwDrv][Running/Auto Start]& &\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys&&Beijing Rising Technology Co., Ltd.&[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]& &system32\DRIVERS\RTL8139.SYS&&Realtek Semiconductor Corporation&[S150SX8 / S150SX8][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\S150SX8.SYS&&Promise Technology, Inc.&[Secdrv / Secdrv][Stopped/Manual Start]& &system32\DRIVERS\secdrv.sys&&N/A&[SiI-3512 SATALink Controller / SI3112][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SI3112.sys&&Silicon Image, Inc.&[Silicon Image SiI 3512 SATARaid Controller / SI3112r][Stopped/Boot Start]& &\SystemRoot\system32\drivers\SI3112r.sys&&Silicon Image, Inc&[SiI-3114 SATALink Controller / SI3114][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SI3114.sys&&Silicon Image, Inc.&[SiI-3114 SATARaid Controller / SI3114r][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SI3114R.sys&&Silicon Image, Inc&[SiI-3124 SATALink Controller / SI3124][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SI3124.sys&&Silicon Image, Inc.&[SiI-3124 SATARaid Controller / SI3124r][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SI3124R.sys&&Silicon Image, Inc&[SATALink driver accelerator / SiFilter][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SiWinAcc.sys&&Silicon Image, Inc.&[SISIDE / SISIDE][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SISIDE.SYS&&Silicon Integrated Systems Corp.&[SiSRaid / SiSRaid][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SiSRaid.sys&&Silicon Integrated Systems&[SiSRaid1 / SiSRaid1][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SiSRaid1.sys&&Silicon Integrated Systems&[SISRAIDS / SISRAIDS][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SISRAIDS.SYS&&Silicon Integrated Systems Corp&[Sparrow / Sparrow][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\sparrow.sys&&Adaptec, Inc.&[sptrak / sptrak][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\sptrak.sys&&Promise Technology, Inc.&[symc810 / symc810][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\symc810.sys&&Symbios Logic Inc.&[symc8xx / symc8xx][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\symc8xx.sys&&LSI Logic&[SYMMPI / SYMMPI][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SYMMPI.SYS&&LSI Logic&[sym_hi / sym_hi][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\sym_hi.sys&&LSI Logic&[sym_u3 / sym_u3][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\sym_u3.sys&&LSI Logic&[TCP/IP Protocol Driver / Tcpip][Running/System Start]& &system32\DRIVERS\tcpip.sys&&Microsoft Corporation&[TosIde / TosIde][Running/Boot Start]& &\SystemRoot\System32\DRIVERS\toside.sys&&Microsoft Corporation&[UlSata / UlSata][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\ulsata.sys&&Promise Technology, Inc.&[ULSATAS / ULSATAS][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\ULSATAS.SYS&&Promise Technology, Inc.&[ultra / ultra][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\ultra.sys&&Promise Technology, Inc.&[ViaIde / ViaIde][Running/Boot Start]& &\SystemRoot\System32\DRIVERS\viaide.sys&&Microsoft Corporation&[viamraid / viamraid][Stopped/Boot Start]& &\SystemRoot\system32\DRIVERS\viamraid.sys&&VIA Technologies inc,.ltd&[VIA ATA/ATAPI Host Controller / viapdsk][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\viapdsk.sys&&VIA Technologies, Inc.&[viaraid / viaraid][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\viaraid.sys&&VIA Technologies inc,.ltd&[viasraid / viasraid][Stopped/Boot Start]& &\SystemRoot\system32\drivers\viasraid.sys&&VIA Technologies inc,.ltd&[vmscsi / vmscsi][Stopped/Boot Start]& &\SystemRoot\system32\drivers\vmscsi.sys&&VMware, Inc.&[XPROTECTOR / XPROTECTOR][Running/Auto Start]& &\??\C:\WINDOWS\system32\drivers\XPROTECTOR.SYS&&N/A&[hk / hk][Running/Disabled]& &\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hkcum&&N/A&[cdnprot / cdnprot][Stopped/]& &2 - 系统找不到指定的文件。&&N/A&[hjieicic / hjieicic][Stopped/Boot Start]& &\SystemRoot\system32\drivers\hjieicic.sys&&中国互联网络信息中心(CNNIC)&[visvug90 / visvug90][Running/]& &2 - 系统找不到指定的文件。&&N/A&[ndjoj / ndjoj][Running/]& &2 - 系统找不到指定的文件。&&N/A&[msqmx / msqmx][Running/]& &2 - 系统找不到指定的文件。&&N/A&
初生襁褓狮
& &\SystemRoot\System32\DRIVERS\S150SX8.SYS&&Promise Technology, Inc.&[Secdrv / Secdrv][Stopped/Manual Start]& &system32\DRIVERS\secdrv.sys&&N/A&[SiI-3512 SATALink Controller / SI3112][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SI3112.sys&&Silicon Image, Inc.&[Silicon Image SiI 3512 SATARaid Controller / SI3112r][Stopped/Boot Start]& &\SystemRoot\system32\drivers\SI3112r.sys&&Silicon Image, Inc&[SiI-3114 SATALink Controller / SI3114][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SI3114.sys&&Silicon Image, Inc.&[SiI-3114 SATARaid Controller / SI3114r][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SI3114R.sys&&Silicon Image, Inc&[SiI-3124 SATALink Controller / SI3124][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SI3124.sys&&Silicon Image, Inc.&[SiI-3124 SATARaid Controller / SI3124r][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SI3124R.sys&&Silicon Image, Inc&[SATALink driver accelerator / SiFilter][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SiWinAcc.sys&&Silicon Image, Inc.&[SISIDE / SISIDE][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SISIDE.SYS&&Silicon Integrated Systems Corp.&[SiSRaid / SiSRaid][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SiSRaid.sys&&Silicon Integrated Systems&[SiSRaid1 / SiSRaid1][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SiSRaid1.sys&&Silicon Integrated Systems&[SISRAIDS / SISRAIDS][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SISRAIDS.SYS&&Silicon Integrated Systems Corp&[Sparrow / Sparrow][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\sparrow.sys&&Adaptec, Inc.&[sptrak / sptrak][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\sptrak.sys&&Promise Technology, Inc.&[symc810 / symc810][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\symc810.sys&&Symbios Logic Inc.&[symc8xx / symc8xx][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\symc8xx.sys&&LSI Logic&[SYMMPI / SYMMPI][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\SYMMPI.SYS&&LSI Logic&[sym_hi / sym_hi][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\sym_hi.sys&&LSI Logic&[sym_u3 / sym_u3][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\sym_u3.sys&&LSI Logic&[TCP/IP Protocol Driver / Tcpip][Running/System Start]& &system32\DRIVERS\tcpip.sys&&Microsoft Corporation&[TosIde / TosIde][Running/Boot Start]& &\SystemRoot\System32\DRIVERS\toside.sys&&Microsoft Corporation&[UlSata / UlSata][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\ulsata.sys&&Promise Technology, Inc.&[ULSATAS / ULSATAS][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\ULSATAS.SYS&&Promise Technology, Inc.&[ultra / ultra][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\ultra.sys&&Promise Technology, Inc.&[ViaIde / ViaIde][Running/Boot Start]& &\SystemRoot\System32\DRIVERS\viaide.sys&&Microsoft Corporation&[viamraid / viamraid][Stopped/Boot Start]& &\SystemRoot\system32\DRIVERS\viamraid.sys&&VIA Technologies inc,.ltd&[VIA ATA/ATAPI Host Controller / viapdsk][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\viapdsk.sys&&VIA Technologies, Inc.&[viaraid / viaraid][Stopped/Boot Start]& &\SystemRoot\System32\DRIVERS\viaraid.sys&&VIA Technologies inc,.ltd&[viasraid / viasraid][Stopped/Boot Start]& &\SystemRoot\system32\drivers\viasraid.sys&&VIA Technologies inc,.ltd&[vmscsi / vmscsi][Stopped/Boot Start]& &\SystemRoot\system32\drivers\vmscsi.sys&&VMware, Inc.&[XPROTECTOR / XPROTECTOR][Running/Auto Start]& &\??\C:\WINDOWS\system32\drivers\XPROTECTOR.SYS&&N/A&[hk / hk][Running/Disabled]& &\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hkcum&&N/A&[cdnprot / cdnprot][Stopped/]& &2 - 系统找不到指定的文件。&&N/A&[hjieicic / hjieicic][Stopped/Boot Start]& &\SystemRoot\system32\drivers\hjieicic.sys&&中国互联网络信息中心(CNNIC)&[visvug90 / visvug90][Running/]& &2 - 系统找不到指定的文件。&&N/A&[ndjoj / ndjoj][Running/]& &2 - 系统找不到指定的文件。&&N/A&[msqmx / msqmx][Running/]& &2 - 系统找不到指定的文件。&&N/A&==================================浏览器加载项[WebThunder Browser Helper]& {00000AAA-A363-466E-BEF5-9BB68697AA7F} &C:\Program Files\讯雷\WebThunderBHO_015.dll, Thunder Networking Technologies,LTD&[QQBrowserHelperObject Class]& {54EBD53A-9BC1-480B-966A-843A333CA162} &C:\Program Files\QQ2006\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司&[Google Toolbar Helper]& {AA58ED58-01DD-4d91-8333-CF} &c:\program files\google\googletoolbar2.dll, Google Inc.&[启动Web迅雷]& {962EFB8E--AC74-AAA4C759B9C6} &, N/A&[QQ]& {c95fe080-8f5d-11d2-a20b-00aa003c157b} &C:\Program Files\QQ2006\QQ.EXE, TENCENT&[卡卡上网安全助手]& {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} &C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.&[&Google]& {--9B18-CD4F} &c:\program files\google\googletoolbar2.dll, Google Inc.&[超级兔子上网精灵]& {4FD-4F15-9B46-F4E} &F:\超级兔子\MagicSet\haokanbar.dll, Xiang Feng Technology&[WUWebControl Class]& {6414512B-B978-451D-A0D8-FCFDF33E833C} &C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation&[Shockwave Flash Object]& {D27CDB6E-AE6D-11CF-96B8-} &C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.&[WebThunder Browser Helper]& {00000AAA-A363-466E-BEF5-9BB68697AA7F} &C:\Program Files\讯雷\WebThunderBHO_015.dll, Thunder Networking Technologies,LTD&[Google Script Object]& {00EF-47C0-BD25-CF2D5D657FEB} &c:\program files\google\googletoolbar2.dll, Google Inc.&[Windows Media Player]& {22D6F312-B0F6-11D0-94AB-E95} &C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation&[&Google]& {--9B18-CD4F} &c:\program files\google\googletoolbar2.dll, Google Inc.&[HTML Document]& {F9-11CF-8FD0-00AA00686F13} &%SystemRoot%\system32\mshtml.dll, N/A&[DHTML Edit Control Safe for Scripting for IE5]& {2D360201-FFF5-11D1-8D03-00A0C959BC0A} &C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation&[超级兔子上网精灵]& {4FD-4F15-9B46-F4E} &F:\超级兔子\MagicSet\haokanbar.dll, Xiang Feng Technology&[HHCtrl Object]& {52A2AAAE-085D-4187-97EA-8C30DB990436} &C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation&[QQBrowserHelperObject Class]& {54EBD53A-9BC1-480B-966A-843A333CA162} &C:\Program Files\QQ2006\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司&[Shell Name Space]& {DE-11D1-B9F2-00A0C98BC547} &%SystemRoot%\system32\shdocvw.dll, N/A&[金山毒霸在线杀毒]& {577A-5DA583F9CE} &, N/A&[Windows Media Player]& {6BF52A52-394A-11D3-B153-00C04F79FAA6} &C:\WINDOWS\system32\wmp.dll, Microsoft Corporation&[Active Desktop Mover]& {72267F6A-A6F9-11D0-BC94-00C04FB67863} &%SystemRoot%\system32\SHELL32.dll, N/A&[Microsoft Web 浏览器]& {A-11D0-A96B-00C04FD705A2} &C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation&[Google Toolbar Helper]& {AA58ED58-01DD-4D91-8333-CF} &c:\program files\google\googletoolbar2.dll, Google Inc.&[Microsoft Scriptlet Component]& {AE24FDAE-03C6-11D1-8B76-} &C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation&[卡卡上网安全助手]& {AFF6E516-CBE5-4F8A-9C2F-38A} &C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.&[SearchAssistantOC]& {B45FF030--85DE-00C04FA35C89} &%SystemRoot%\system32\shdocvw.dll, N/A&[RDS.DataSpace]& {BD96C556-65A3-11D0-983A-00C04FC29E36} &C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation&[AUDIO__MID Moniker Class]& {CD3AFA74-B84F-48F0-9393-7EDC} &C:\WINDOWS\system32\wmp.dll, Microsoft Corporation&[AUDIO__X_MS_WMA Moniker Class]& {CD3AFA84-B84F-48F0-9393-7EDC} &C:\WINDOWS\system32\wmp.dll, Microsoft Corporation&[VIDEO__X_MS_WMV Moniker Class]& {CD3AFA94-B84F-48F0-9393-7EDC} &C:\WINDOWS\system32\wmp.dll, Microsoft Corporation&[RealPlayer G2 Control]& {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} &C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.&[Shockwave Flash Object]& {D27CDB6E-AE6D-11CF-96B8-} &C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.&[卡卡上网安全助手]& {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} &C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.&[&使用迅雷下载]& &C:\Program Files\讯雷\geturl.htm, N/A&[&使用迅雷下载全部链接]& &C:\Program Files\讯雷\getallurl.htm, N/A&[上传到QQ网络硬盘]& &C:\Program Files\QQ2006\AddToNetDisk.htm, N/A&[使用Web迅雷下载]& &C:\Program Files\讯雷\GetUrl.htm, N/A&[使用Web迅雷下载全部链接]& &C:\Program Files\讯雷\GetAllUrl.htm, N/A&[添加到QQ自定义面板]& &C:\Program Files\QQ2006\AddPanel.htm, N/A&[添加到QQ表情]& &C:\Program Files\QQ2006\AddEmotion.htm, N/A&[用QQ彩信发送该图片]& &C:\Program Files\QQ2006\SendMMS.htm, N/A&[金山毒霸反钓鱼...]& &F:\金山毒霸2006\KAF\ShowSet.htm, N/A&
初生襁褓狮
==================================正在运行的进程[PID: 476][\??\C:\WINDOWS\system32\csrss.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)][PID: 500][\??\C:\WINDOWS\system32\winlogon.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [C:\WINDOWS\system32\tssoft32.acm]& [DSP GROUP, INC., 1.01]& & [C:\WINDOWS\system32\tsd32.dll]& [N/A, N/A]& & [C:\WINDOWS\system32\sl_anet.acm]& [Sipro Lab Telecom Inc., 3.02]& & [C:\WINDOWS\system32\iac25_32.ax]& [Intel Corporation, 2.05.53]& & [C:\WINDOWS\system32\l3codeca.acm]& [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305][PID: 544][C:\WINDOWS\system32\services.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)][PID: 556][C:\WINDOWS\system32\lsass.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)][PID: 720][C:\WINDOWS\system32\svchost.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)][PID: 792][C:\WINDOWS\system32\svchost.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)][PID: 836][C:\WINDOWS\System32\svchost.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)][PID: 908][C:\WINDOWS\system32\svchost.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)][PID: 972][C:\WINDOWS\system32\svchost.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)][PID: 1016][c:\program files\rising\rfw\rfwsrv.exe]& [Beijing Rising Technology Co., Ltd., 4, 0, 0, 32]& & [c:\program files\rising\rfw\RfwRule.dll]& [Beijing Rising Technology Co., Ltd., 4, 0, 0, 13]& & [c:\program files\rising\rfw\rfwlog.dll]& [Beijing Rising Technology Co., Ltd., 4, 0, 0, 6]& & [c:\program files\rising\rfw\Rfwdrv.dll]& [Beijing Rising Technology Co., Ltd., 4, 0, 0, 21]& & [c:\program files\rising\rfw\MonDrv.dll]& [rs, 1, 0, 0, 4]& & [c:\program files\rising\rfw\ProcLib.dll]& [Beijing Rising Technology Co., Ltd., 4, 0, 0, 9]& & [c:\program files\rising\rfw\mPorts.dll]& [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3][PID: 1264][F:\金山毒霸2006\KWatch.EXE]& [Kingsoft Corporation, , 51]& & [F:\金山毒霸2006\KAVIPC2.DLL]& [Kingsoft Corporation, , 20]& & [F:\金山毒霸2006\KAEPlat.DLL]& [Kingsoft Corp., , 60]& & [F:\金山毒霸2006\KAEMem.DAT]& [Kingsoft, , 16]& & [F:\金山毒霸2006\KAEUnpack.DAT]& [Kingsoft Corp., , 69][PID: 1548][F:\金山毒霸2006\KPfwSvc.EXE]& [Kingsoft Corporation, , 28][PID: 1604][C:\WINDOWS\system32\wdfmgr.exe]& [Microsoft Corporation, 5.2. built by: dnsrv(bld4act)][PID: 328][C:\WINDOWS\Explorer.EXE]& [Microsoft Corporation, 6.00. (xpsp_sp2_rtm.8)]& & [F:\金山毒霸2006\KASocket.dll]& [Kingsoft Corporation, , 233]& & [F:\金山毒霸2006\KMailOEBand.dll]& [Kingsoft Corporation, , 132]& & [C:\Program Files\讯雷\WebThunderBHO_015.dll]& [Thunder Networking Technologies,LTD, 6, 0, 0, 5]& & [C:\WINDOWS\system32\tssoft32.acm]& [DSP GROUP, INC., 1.01]& & [C:\WINDOWS\system32\tsd32.dll]& [N/A, N/A]& & [C:\WINDOWS\system32\sl_anet.acm]& [Sipro Lab Telecom Inc., 3.02]& & [C:\WINDOWS\system32\iac25_32.ax]& [Intel Corporation, 2.05.53]& & [C:\WINDOWS\system32\l3codeca.acm]& [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305][PID: 3088][c:\program files\rising\rfw\RfwMain.exe]& [Beijing Rising Technology Co., Ltd., 4, 0, 0, 52]& & [c:\program files\rising\rfw\RsGuiLib.dll]& [Beijing Rising Technology Co., Ltd., 18, 0, 0, 23]& & [c:\program files\rising\rfw\RSCOMMON.DLL]& [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]& & [c:\program files\rising\rfw\PngDll.dll]& [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]& & [F:\金山毒霸2006\KASocket.dll]& [Kingsoft Corporation, , 233]& & [F:\金山毒霸2006\KMailOEBand.dll]& [Kingsoft Corporation, , 132]& & [C:\WINDOWS\system32\tssoft32.acm]& [DSP GROUP, INC., 1.01]& & [C:\WINDOWS\system32\tsd32.dll]& [N/A, N/A]& & [C:\WINDOWS\system32\sl_anet.acm]& [Sipro Lab Telecom Inc., 3.02]& & [C:\WINDOWS\system32\iac25_32.ax]& [Intel Corporation, 2.05.53]& & [C:\WINDOWS\system32\l3codeca.acm]& [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305][PID: 3268][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]& [RealNetworks, Inc., 0.1.0.3208]& & [F:\金山毒霸2006\KASocket.dll]& [Kingsoft Corporation, , 233][PID: 3324][F:\金山毒霸2006\KAVStart.exe]& [Kingsoft Corporation, , 212]& & [F:\金山毒霸2006\KAVIPC2.DLL]& [Kingsoft Corporation, , 20]& & [F:\金山毒霸2006\SvcTimer.DLL]& [Kingsoft Corporation, .84]& & [F:\金山毒霸2006\PopSprt3.dll]& [Kingsoft Corporation, , 38]& & [F:\金山毒霸2006\KAVPassp.dll]& [Kingsoft Corporation, , 270]& & [F:\金山毒霸2006\KASocket.dll]& [Kingsoft Corporation, , 233]& & [F:\金山毒霸2006\KMailOEBand.dll]& [Kingsoft Corporation, , 132][PID: 3184][C:\WINDOWS\system32\ctfmon.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]& & [F:\金山毒霸2006\KASocket.dll]& [Kingsoft Corporation, , 233][PID: 816][F:\金山毒霸2006\KPFW32.EXE]& [Kingsoft Corporation, , 666]& & [F:\金山毒霸2006\KAVIPC2.DLL]& [Kingsoft Corporation, , 20]& & [F:\金山毒霸2006\KAConfig.DLL]& [Kingsoft Corporation, , 39]& & [F:\金山毒霸2006\FiltList.dll]& [N/A, N/A]& & [F:\金山毒霸2006\KAVPassp.DLL]& [Kingsoft Corporation, , 270]& & [F:\金山毒霸2006\KASocket.dll]& [Kingsoft Corporation, , 233]& & [F:\金山毒霸2006\KMailOEBand.dll]& [Kingsoft Corporation, , 132][PID: 3840][F:\金山毒霸2006\KMailMon.EXE]& [Kingsoft Corporation, , 942]& & [F:\金山毒霸2006\KAntiSpm.dll]& [Kingsoft Corporation, , 104]& & [F:\金山毒霸2006\KAVIPC2.DLL]& [Kingsoft Corporation, , 20]& & [F:\金山毒霸2006\KAECall2.DLL]& [Kingsoft Corporation, , 7]& & [F:\金山毒霸2006\KAEPlat.DLL]& [Kingsoft Corp., , 60]& & [F:\金山毒霸2006\KAEMem.DAT]& [Kingsoft, , 16]& & [F:\金山毒霸2006\KAEUnpack.DAT]& [Kingsoft Corp., , 69]& & [F:\金山毒霸2006\KAConfig.DLL]& [Kingsoft Corporation, , 39]& & [F:\金山毒霸2006\KASocket.dll]& [Kingsoft Corporation, , 233]& & [F:\金山毒霸2006\KMailOEBand.dll]& [Kingsoft Corporation, , 132][PID: 3128][C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe]& [Google Inc., 1, 2, 908, 5008]& & [F:\金山毒霸2006\KMailOEBand.dll]& [Kingsoft Corporation, , 132]& & [F:\金山毒霸2006\KASocket.dll]& [Kingsoft Corporation, , 233]& & [C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\res_zh-CN.dll]& [Google Inc., 1, 2, 908, 5008]& & [C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\swg.dll]& [Google Inc., 1, 2, 908, 5008][PID: 2576][F:\超级兔子\MagicSet\srck.exe]& [Super Rabbit Soft, 7.84]& & [F:\金山毒霸2006\KMailOEBand.dll]& [Kingsoft Corporation, , 132]& & [F:\金山毒霸2006\KASocket.dll]& [Kingsoft Corporation, , 233]& & [F:\超级兔子\MagicSet\shlobj71.ocx]& [Sky Software (), 7, 1, 0, 0]& & [F:\超级兔子\MagicSet\fldrvw71.ocx]& [Sky Software (), 7, 1, 0, 0][PID: 3556][C:\WINDOWS\system32\spoolsv.exe]& [Microsoft Corporation, 5.1. (xpsp_sp2_gdr.9)][PID: 2340][C:\Program Files\Messenger\msmsgs.exe]& [Microsoft Corporation, 4.7.3001]& & [F:\金山毒霸2006\KMailOEBand.dll]& [Kingsoft Corporation, , 132]& & [F:\金山毒霸2006\KASocket.dll]& [Kingsoft Corporation, , 233][PID: 2776][F:\SREng2\SREng.EXE]& [Smallfrogs Studio, 2.3.13.690]& & [F:\金山毒霸2006\KMailOEBand.dll]& [Kingsoft Corporation, , 132]& & [F:\金山毒霸2006\KASocket.dll]& [Kingsoft Corporation, , 233]==================================文件关联.TXT& OK. [%SystemRoot%\system32\NOTEPAD.EXE %1].EXE& OK. ["%1" %*].COM& OK. ["%1" %*].PIF& OK. ["%1" %*].REG& OK. [regedit.exe "%1"].BAT& OK. ["%1" %*].SCR& OK. ["%1" /S].CHM& OK. ["C:\WINDOWS\hh.exe" %1].HLP& OK. [%SystemRoot%\system32\winhlp32.exe %1].INI& OK. [%SystemRoot%\system32\NOTEPAD.EXE %1].INF& OK. [%SystemRoot%\system32\NOTEPAD.EXE %1].VBS& OK. [%SystemRoot%\System32\WScript.exe "%1" %*].JS&
OK. [%SystemRoot%\System32\WScript.exe "%1" %*].LNK& OK. [{0-}]==================================Winsock 提供者N/A==================================Autorun.infN/A==================================HOSTS 文件127.0.0.1& & &
localhost==================================API HOOK警告！System Repair Engineer 提醒你下面的函数内容与预期值不符，他们可能被一些恶意的软件所修改：入口点错误：LoadLibraryExW==================================[/CODE]
初生襁褓狮
好了贴完了，帮看下
横据古稀狮
运行SREng2,使用“启动项目”－－注册表－－删除C:\WINDOWS\temp\sd151.exe运行(双击)SRENG2，点“启动项目，服务，点“驱动程序”勾选“隐藏微软服务”选中病毒服务10023484625 hk hjieiciccdnprotvisvug90 ndjojmsqmx ，选择“删除服务”点“设置”选择“否”重启按F８进入安全模式下显示隐藏文件删除： SystemRoot\system32\drivers\hjieicic.sysSystemRoot\System32\drivers\100234.sys\SystemRoot\System32\drivers\84625.sysC:\WINDOWS\temp\sd151.exeC:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hkcum可疑文件C:\WINDOWS\system32\tssoft32.acmC:\WINDOWS\system32\tsd32.dll:\WINDOWS\system32\sl_anet.acmC:\WINDOWS\system32\iac25_32.axC:\WINDOWS\system32\l3codeca.acm
威望：17287
1&&/&&1&&页
跳转 0 ? parseInt(this.value) : 1) + '.aspx';}else{window.location='showtopic.aspx?topicid=8243591&page=' + (parseInt(this.value) > 0 ? parseInt(this.value) : 1) ;}}"" size="4" maxlength="9"
class="colorblue2"/>页
论坛跳转...
热点专题 &&瑞星安全云 &&瑞星ESM（瑞星下一代网络版杀毒软件） &&瑞星杀毒软件网络版 &&瑞星杀毒软件 && &&瑞星杀毒软件V16+ && && &&V16+新引擎测试专区 && &&瑞星全功能安全软件 && &&瑞星杀毒软件2011 &&瑞星安全联盟论坛 &&瑞星个人防火墙V16 && &&广告过滤 && &&瑞星个人防火墙2011 && &&北方区 && &&华东区 && &&华南区 && &&木马入侵拦截有奖体验专区 && &&瑞星2009版查杀引擎测试 && &&瑞星2009测试版问题反馈 && && &&瑞星杀毒软件2009公测 && && &&瑞星个人防火墙2009公测 && && &&瑞星全功能安全软件2009公测瑞星产品求助区 &&瑞星路由安全卫士 && &&路由系统内核漏洞 &&瑞星安全随身WiFi &&瑞星手机安全助手 &&APP保镖 &&瑞星安全浏览器 &&瑞星其他产品 && &&瑞星安全助手 && && &&卡卡上网安全助手 && &&瑞星WiFi助手 && &&瑞星软件管家 && &&瑞星加密盘 && &&账号保险柜5.0 && &&瑞星专业数据恢复技术交流区 &&反病毒/反流氓软件论坛 && &&菜鸟学堂 && &&安全技术讨论 &&可疑文件交流 &&恶意网站交流 && &&瑞星云安全网站联盟专版 && &&每日网马播报 &&入侵防御（HIPS） &&系统软件 && &&防火墙自定义规则 &&硬件交流综合娱乐区 &&Rising茶馆 &&影音贴图 &&瑞星安全游戏 && &&凡人修真 && &&华人德州扑克 && &&一球成名 && &&星际世界 && &&神仙道 && &&赢家竞技 && &&梦幻飞仙 && &&三国演义 && &&仙落凡尘 && &&秦美人 && &&攻城掠地 && &&女神联盟 && &&风云无双 && &&傲视九重天 && &&深渊 && &&魅影传说 && &&热血屠龙 && &&雷霆之怒 && &&大天使之剑 && &&传奇霸业 && &&无上神兵 &&活动专区 && &&瑞星积分商城 && &&实习生专区 && && &&实习生交流区 && && && &&实习生签到区 && && &&实习生考核区 && &&“安全之狮”校园行活动专版 && &&历史活动 && && &&论坛9周年活动专区 && && &&关注灾情 同心抗灾本站站务区 &&站务 &&版主之家[限] && &&禁言禁访记录 &&待审核 &&瑞星客户俱乐部[限]