CPU老用到１００分之１００【原创】 bbs.ikaka.com

＂粉尘尐▓ - 2007-2-14 21:27:00

我的电脑刚买２个月
可是现在很卡
ＣＰＵ老用到１００分之１００
我只开了一个ＱＱ可是还是用到１００
防火墙显示我用了很多东西
我不知道怎么办
个位大虾
帮帮怎么处理谢谢
我的ＣＰＵ是ＡＭＤ
内存是５１２
集成显卡和声卡

超级游戏迷 - 2007-2-14 21:44:00

QQ是比较占资源，但搞成CPU占100%就不正常了！
情人节，当然电脑不能卡！
请楼主发一个全屏显示的“任务管理器”的“进程”选项卡截图，让论坛诸位朋友帮你分析分析！

＂粉尘尐▓ - 2007-2-14 22:20:00

就是这样啊
帮帮我谢谢类

附件: 8428442007214221130.bmp

心还在否 - 2007-2-14 22:21:00

楼主开了5个浏览器??

1糖果 - 2007-2-14 22:25:00

QQ中病毒了，卸载QQ，杀毒，再重装QQ。。。

tspopo - 2007-2-14 22:44:00

QQ升级至最新版本

＂粉尘尐▓ - 2007-2-14 22:52:00

就是这样的

附件: 8428442007214224324.bmp

終生學習 - 2007-2-14 23:01:00

引用:

【＂粉尘尐▓的贴子】就是这样的
………………

有一个威金啊，，，快杀毒啊

超级游戏迷 - 2007-2-14 23:04:00

您的进程中有一个“RUNDLI32.EXE”，是病毒，需要杀掉！！
PS：以后保存图片时请用JEPG格式保存，否则好难看到！

超级游戏迷 - 2007-2-14 23:07:00

引用:

【心还在否的贴子】楼主开了5个浏览器??
………………

您还少算了一个，共有6个IEXPLORE.EXE进程！

終生學習 - 2007-2-14 23:08:00

引用:

【超级游戏迷的贴子】您的进程中有一个“RUNDLI32.EXE”，是病毒，需要杀掉！！
PS：以后保存图片时请用JEPG格式保存，否则好难看到！
………………

你打错字了，，是rundl132.exe 而不是rundi32.exe

超级游戏迷 - 2007-2-14 23:13:00

另外，请楼主先从控制面板卸栽GOOGLE工具条（对应的就是那个GOOGLE TOOLBAR的进程）。用过那东东，感觉不怎么样，工具条留一个卡卡就行了，机器负担也轻些。

超级游戏迷 - 2007-2-14 23:15:00

引用:

【終生學習的贴子】
你打错字了，，是rundl132.exe 而不是rundi32.exe
………………

没错，是打错了。根本原因在于责任心还不够！谢谢批评....

終生學習 - 2007-2-14 23:18:00

引用:

【＂粉尘尐▓的贴子】我的电脑刚买２个月
可是现在很卡
ＣＰＵ老用到１００分之１００
我只开了一个ＱＱ可是还是用到１００
防火墙显示我用了很多东西
我不知道怎么办
个位大虾
帮帮怎么处理谢谢
我的ＣＰＵ是ＡＭＤ
内存是５１２
集成显卡和声卡
………………

集成显卡就已经很慢的了,如果是装XP的话那就更加慢了,,但是现在中了如果没估计错的话是威金病毒的话,那就慢上之慢了...

＂粉尘尐▓ - 2007-2-14 23:28:00

我杀Ｎ便拉
金威总杀不掉
我不知道金威怎么杀
这是我防火墙显示的信息

附件: 8428442007214231855.bmp

終生學習 - 2007-2-14 23:30:00

【回复“＂粉尘尐▓”的帖子】
用专杀,,
瑞星专杀,江民转杀,,,金山专杀,,
不过你扫个日志上来啊http://szcht.ys168.com系统工具里用SRENG来扫

超级游戏迷 - 2007-2-15 0:32:00

楼主顺便也把漏洞补丁打打，40个也太多了。现在漏洞补丁好象容易打了，最好在凌晨2：00后弄，很快.....
工欲善其事，必先利其器！

＂粉尘尐▓ - 2007-2-15 1:00:00

我不知道金威怎么杀
哪位大虾给个最新版瑞星金威专杀
谢谢

終生學習 - 2007-2-15 1:03:00

引用:

【＂粉尘尐▓的贴子】我不知道金威怎么杀
哪位大虾给个最新版瑞星金威专杀
谢谢
………………

不是叫你扫日值上来吗

＂粉尘尐▓ - 2007-2-15 2:08:00

谢谢提醒
大哥
我扫了
你没看到吗？
你的网站我也去类
那个扫日值
是把我机子的全部内容全发给你吗？

＂粉尘尐▓ - 2007-2-15 2:12:00

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
<ravtask><C:\Progra~1\Eset\rund1132.exe> [N/A]
<f9j7kwt7j5izj6z><C:\WINDOWS\iexpl0re.exe> [N/A]
<svc><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kwatlog.exe> [N/A]
<Skype><"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized> [(Verified)Skype Technologies S.A.]
<Yahoo! Pager><"C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<22222222><C:\SysAd1\svchost.exe> [N/A]
<222222222><C:\SysAd2\svchost.exe> [N/A]
<2222222222><C:\SysAd3\svchost.exe> [N/A]
<33><C:\Syswm\svchost.exe> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<SoundMan><SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<nwiz><nwiz.exe /install> [N/A]
<NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [NVIDIA Corporation]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [(Verified)RealNetworks, Inc.]
<load><C:\WINDOWS\uninstall\rundl132.exe> [N/A]
<upxdnd><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1.exe> [N/A]
<cmdbcs><C:\WINDOWS\cmdbcs.exe> [N/A]
<wsttr><C:\WINDOWS\wsttr.exe> [N/A]
<wsttrs><C:\WINDOWS\wsttrs.exe> [N/A]
<mys3><C:\WINDOWS\mys3.exe> [N/A]
<wgs3><C:\WINDOWS\wgs3.exe> [N/A]
<wms3><C:\WINDOWS\wms3.exe> [N/A]
<jts3><C:\WINDOWS\jts3.exe> [N/A]
<RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
<mhs3><C:\WINDOWS\mhs3.exe> [N/A]
<wls3><C:\WINDOWS\wls3.exe> [N/A]
<rxs3><C:\WINDOWS\rxs3.exe> [N/A]
<mppds><C:\WINDOWS\mppds.exe> [N/A]
<msccrt><C:\WINDOWS\msccrt.exe> [N/A]
<runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<twin><C:\WINDOWS\system32\twunk32.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Corporation]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
<{9C0CFA58-3A6F-51ba-9EFE-5320F4F621BA}><C:\WINDOWS\system32\bdscheca001.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Corporation]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Corporation]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Corporation]
<SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Corporation]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Corporation]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Corporation]

＂粉尘尐▓ - 2007-2-15 2:14:00

启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[System Security / Relations]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\baywe.dll><Microsoft Corporation>
[Rising Proxy Service / RfwProxySrv]
<c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
<c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>

==================================
驱动程序
[abp480n5 / abp480n5]
<C:\WINDOWS\SYSTEM32\DRIVERS\abp480n5.SYS><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc]
<system32\drivers\ac97intc.sys><Intel Corporation>
[aic78u2 / aic78u2]
<C:\WINDOWS\SYSTEM32\DRIVERS\aic78u2.SYS><Microsoft Corporation>
[aic78xx / aic78xx]
<C:\WINDOWS\SYSTEM32\DRIVERS\aic78xx.SYS><Microsoft Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AMD K8 Processor Driver / AmdK8]
<System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[Rising TDI Base Driver / BaseTDI]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[cd20xrnt / cd20xrnt]
<C:\WINDOWS\SYSTEM32\DRIVERS\cd20xrnt.SYS><Microsoft Corporation>
[EagleNT / EagleNT]
<\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[ExpScaner / ExpScaner]
<\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[hegcfeeg / hegcfeeg]
<\SystemRoot\system32\drivers\hegcfeeg.sys><中国互联网络信息中心(CNNIC)>
[HookCont / HookCont]
<\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg]
<\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
<\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl]
<\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[igbcxzhu / igbcxzhu]
<\SystemRoot\System32\DRIVERS\igbcxzhu.sys><Yahoo! China Corporation>
[MEMSCAN / MEMSCAN]
<\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
<\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[mraid35x / mraid35x]
<C:\WINDOWS\SYSTEM32\DRIVERS\mraid35x.SYS><LSI Logic Corporation>
[Netgroup Packet Filter / NPF]
<system32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt]
<\??\C:\Program Files\QQ2006\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvata / nvata]
<\SystemRoot\system32\DRIVERS\nvata.sys><NVIDIA Corporation>
[NVATABUS / NVATABUS]
<\SystemRoot\System32\DRIVERS\NVATABUS.SYS><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD]
<system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus]
<system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[nzuk / nzukl]
<\SystemRoot\System32\DRIVERS\nzukl.sys><N/A>
[pakamb / pakamb]
<\SystemRoot\\SystemRoot\System32\drivers\pakamb.sys><N/A>
[perc2 / perc2]
<C:\WINDOWS\SYSTEM32\DRIVERS\perc2.SYS><Adaptec, Inc.>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080]
<C:\WINDOWS\SYSTEM32\DRIVERS\ql1080.SYS><QLogic Corporation>
[Ql10wnt / Ql10wnt]
<C:\WINDOWS\SYSTEM32\DRIVERS\Ql10wnt.SYS><Microsoft Corporation>
[ql12160 / ql12160]
<C:\WINDOWS\SYSTEM32\DRIVERS\ql12160.SYS><QLogic Corporation>
[ql1240 / ql1240]
<C:\WINDOWS\SYSTEM32\DRIVERS\ql1240.SYS><Microsoft Corporation>
[ql1280 / ql1280]
<C:\WINDOWS\SYSTEM32\DRIVERS\ql1280.SYS><QLogic Corporation>
[RsAntiSpyware / RsAntiSpyware]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv]
<\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS]
<\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
<system32\DRIVERS\secdrv.sys><N/A>
[Sparrow / Sparrow]
<C:\WINDOWS\SYSTEM32\DRIVERS\Sparrow.SYS><Adaptec, Inc.>
[symc810 / symc810]
<C:\WINDOWS\SYSTEM32\DRIVERS\symc810.SYS><Symbios Logic Inc.>
[symc8xx / symc8xx]
<C:\WINDOWS\SYSTEM32\DRIVERS\symc8xx.SYS><LSI Logic>
[sym_hi / sym_hi]
<C:\WINDOWS\SYSTEM32\DRIVERS\sym_hi.SYS><LSI Logic>
[sym_u3 / sym_u3]
<C:\WINDOWS\SYSTEM32\DRIVERS\sym_u3.SYS><LSI Logic>
[TCP/IP Protocol Driver / Tcpip]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[ultra / ultra]
<C:\WINDOWS\SYSTEM32\DRIVERS\ultra.SYS><Promise Technology, Inc.>

＂粉尘尐▓ - 2007-2-15 2:20:00

驱动程序
[abp480n5 / abp480n5]
<C:\WINDOWS\SYSTEM32\DRIVERS\abp480n5.SYS><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc]
<system32\drivers\ac97intc.sys><Intel Corporation>
[aic78u2 / aic78u2]
<C:\WINDOWS\SYSTEM32\DRIVERS\aic78u2.SYS><Microsoft Corporation>
[aic78xx / aic78xx]
<C:\WINDOWS\SYSTEM32\DRIVERS\aic78xx.SYS><Microsoft Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AMD K8 Processor Driver / AmdK8]
<System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[Rising TDI Base Driver / BaseTDI]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[cd20xrnt / cd20xrnt]
<C:\WINDOWS\SYSTEM32\DRIVERS\cd20xrnt.SYS><Microsoft Corporation>
[EagleNT / EagleNT]
<\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[ExpScaner / ExpScaner]
<\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[hegcfeeg / hegcfeeg]
<\SystemRoot\system32\drivers\hegcfeeg.sys><中国互联网络信息中心(CNNIC)>
[HookCont / HookCont]
<\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg]
<\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
<\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl]
<\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[igbcxzhu / igbcxzhu]
<\SystemRoot\System32\DRIVERS\igbcxzhu.sys><Yahoo! China Corporation>
[MEMSCAN / MEMSCAN]
<\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
<\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[mraid35x / mraid35x]
<C:\WINDOWS\SYSTEM32\DRIVERS\mraid35x.SYS><LSI Logic Corporation>
[Netgroup Packet Filter / NPF]
<system32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt]
<\??\C:\Program Files\QQ2006\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvata / nvata]
<\SystemRoot\system32\DRIVERS\nvata.sys><NVIDIA Corporation>
[NVATABUS / NVATABUS]
<\SystemRoot\System32\DRIVERS\NVATABUS.SYS><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD]
<system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus]
<system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[nzuk / nzukl]
<\SystemRoot\System32\DRIVERS\nzukl.sys><N/A>
[pakamb / pakamb]
<\SystemRoot\\SystemRoot\System32\drivers\pakamb.sys><N/A>
[perc2 / perc2]
<C:\WINDOWS\SYSTEM32\DRIVERS\perc2.SYS><Adaptec, Inc.>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080]
<C:\WINDOWS\SYSTEM32\DRIVERS\ql1080.SYS><QLogic Corporation>
[Ql10wnt / Ql10wnt]
<C:\WINDOWS\SYSTEM32\DRIVERS\Ql10wnt.SYS><Microsoft Corporation>
[ql12160 / ql12160]
<C:\WINDOWS\SYSTEM32\DRIVERS\ql12160.SYS><QLogic Corporation>
[ql1240 / ql1240]
<C:\WINDOWS\SYSTEM32\DRIVERS\ql1240.SYS><Microsoft Corporation>
[ql1280 / ql1280]
<C:\WINDOWS\SYSTEM32\DRIVERS\ql1280.SYS><QLogic Corporation>
[RsAntiSpyware / RsAntiSpyware]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv]
<\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS]
<\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
<system32\DRIVERS\secdrv.sys><N/A>
[Sparrow / Sparrow]
<C:\WINDOWS\SYSTEM32\DRIVERS\Sparrow.SYS><Adaptec, Inc.>
[symc810 / symc810]
<C:\WINDOWS\SYSTEM32\DRIVERS\symc810.SYS><Symbios Logic Inc.>
[symc8xx / symc8xx]
<C:\WINDOWS\SYSTEM32\DRIVERS\symc8xx.SYS><LSI Logic>
[sym_hi / sym_hi]
<C:\WINDOWS\SYSTEM32\DRIVERS\sym_hi.SYS><LSI Logic>
[sym_u3 / sym_u3]
<C:\WINDOWS\SYSTEM32\DRIVERS\sym_u3.SYS><LSI Logic>
[TCP/IP Protocol Driver / Tcpip]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[ultra / ultra]
<C:\WINDOWS\SYSTEM32\DRIVERS\ultra.SYS><Promise Technology, Inc.>

終生學習 - 2007-2-15 3:50:00

我已经看到了，是威金，，，你从我的网站下载威金转杀啊。里面有3个转杀，你先用江民的，再用瑞星

終生學習 - 2007-2-15 3:53:00

病毒太多，即使能杀威金，但是其它病毒还是不能解决掉。。所以建议你叫人帮你重装系统，叫人帮你重装系统的时候，一定要叫帮你重装系统的那个人重新分区，否则病毒还是无法清除

ravtask><C:\Progra~1\Eset\rund1132.exe> [N/A]
<f9j7kwt7j5izj6z><C:\WINDOWS\iexpl0re.exe> [N/A]
<svc><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kwatlog.exe> [N/A]
<Yahoo! Pager><"C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<22222222><C:\SysAd1\svchost.exe> [N/A]
<222222222><C:\SysAd2\svchost.exe> [N/A]
<2222222222><C:\SysAd3\svchost.exe> [N/A]
<33><C:\Syswm\svchost.exe> [N/A]
<load><C:\WINDOWS\uninstall\rundl132.exe> [N/A]
<upxdnd><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1.exe> [N/A]
<cmdbcs><C:\WINDOWS\cmdbcs.exe> [N/A]
<wsttr><C:\WINDOWS\wsttr.exe> [N/A]
<wsttrs><C:\WINDOWS\wsttrs.exe> [N/A]
<mys3><C:\WINDOWS\mys3.exe> [N/A]
<wgs3><C:\WINDOWS\wgs3.exe> [N/A]
<wms3><C:\WINDOWS\wms3.exe> [N/A]
<jts3><C:\WINDOWS\jts3.exe> [N/A]
<mhs3><C:\WINDOWS\mhs3.exe> [N/A]
<wls3><C:\WINDOWS\wls3.exe> [N/A]
<rxs3><C:\WINDOWS\rxs3.exe> [N/A]
<mppds><C:\WINDOWS\mppds.exe> [N/A]
<msccrt><C:\WINDOWS\msccrt.exe> [N/A]
<twin><C:\WINDOWS\system32\twunk32.exe> [Microsoft Corporation]

水漫金山 - 2007-2-15 9:29:00

病毒引起，没看RUNDLL32.EXE变成了RUNDL1.EXE了吗，小写的L和数字1看不出来。

＂粉尘尐▓ - 2007-2-15 20:56:00

谢谢大家？

瑞星卡卡安全论坛