Rising Kaka Security Forum > Technical Exchange > Anti-virus / Anti-rogue-software forum: [Discussion] How do I get rid of this new virus? The latest Rising can't remove it!


[Discussion] How do I get rid of this new virus? The latest Rising can't remove it!


How do I remove this thing? The current Rising version 17.50.42 doesn't detect or remove it; Kingsoft detects it, but after removal it comes back on reboot! Could an expert tell me how to get rid of it?
About 10 or 30 minutes after my system boots, this prompt box appears, and then CPU usage goes to 100% (if I'm also running a 3D game).



Last edited 2005-10-31 14:23:34

Rising admins, I'm a Rising user, can you please solve this?

... I don't see anything.

Autostart entries
HKEY_LOCAL_MACHINE Software\Microsoft\Windows\Currentversion\Run
CnsMin = Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
RavTimer = E:\瑞星20~1\RAVTIMER.EXE
RavMon = E:\瑞星20~1\RAVMON.EXE -SYSTEM
RfwMain = "E:\瑞星2005版个人放火墙\rfwmain.exe" -Startup
PHIME2002ASync = C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A = C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
IMSCMig = C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
IMJPMIG8.1 = "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
BigDog303 = C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
POPO2004 =
TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

HKEY_CURRENT_USER Software\Microsoft\Windows\Currentversion\Run
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
shell32.dll =
C:\WINDOWS\DOWNLO~1\CnsHook.dll=

HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
PostBootReminder = %SystemRoot%\system32\SHELL32.dll
CDBurn = %SystemRoot%\system32\SHELL32.dll
WebCheck = %SystemRoot%\system32\webcheck.dll
SysTray = C:\WINDOWS\system32\stobject.dll

HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
%SystemRoot%\system32\browseui.dll= Browseui preloader
%SystemRoot%\system32\browseui.dll= Component Categories cache daemon


SYSTEM.INI BOOT SHELL Explorer.exe
SYSTEM.INI BOOT SCRNSAVE.EXE C:\WINDOWS\system32\scrnsave.scr


Other related items
HKEY_LOCAL_MACHINE Software\Microsoft\Windows NT\CurrentVersion\Winlogon DefaultUserName ----> 管理员 (Administrator)
HKEY_LOCAL_MACHINE Software\Microsoft\Windows NT\CurrentVersion\Winlogon AltDefaultUserName ----> 管理员 (Administrator)
HKEY_LOCAL_MACHINE Software\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit ----> C:\WINDOWS\system32\userinit.exe,
HKEY_LOCAL_MACHINE SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs ----> C:\WINDOWS\system32\userinit.exe,
HKEY_USERS .Default\Software\Microsoft\Internet Explorer\Main start page ----> http://tomatolei.com/


Hosts
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

Process list

[System Process]
System
E:\17173下载直通车\p2psvr.exe (Made by Sohu R&D)
C:\WINDOWS\VM303_STI.EXE (Made by Vimicro)

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
E:\瑞星2005版杀毒软件\Ravmond.exe
E:\瑞星2005版杀毒软件\RavStub.exe
e:\瑞星2005版个人放火墙\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
E:\瑞星2005版杀毒软件\CCENTER.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Rundll32.exe
E:\瑞星20~1\RAVTIMER.EXE
E:\瑞星20~1\RAVMON.EXE
E:\瑞星2005版个人放火墙\rfwmain.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
E:\瑞星20~1\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ntvdm.exe
E:\瑞星2005版杀毒软件\瑞星听诊器\RavDetect.exe

Process details
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\DOWNLO~1\CnsHint.dll (made by 3721)
Software\Microsoft\Windows\CurrentVersion\Explorer
Software\Microsoft\Internet Explorer\TypedURLs
DeleteName
GetName
GetCount
CnsMinIO.dll
\CnsMinIO.dll
CLSID\{B83FC273-3522-4CC6-92EC-75CC86678DA4}\Inpro
Kernel32.dll
DeactivateActCtx
ActivateActCtx
Unicows.dll
FindActCtxSectionStringW
CreateActCtxW
GetModuleHandleExW
QueryActCtxW
HYPERLINK2
HYPERLINK1
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
Comctl32.dll
Software\Cn2004\Plugins
3721CnsBarProp
ObjectFromLresult
WM_HTML_GETOBJECT
OLEACC.DLL
Internet Explorer_Server
http://help.3721.com/activewlsm/usage.html
Software\3721\CnsMin
menuid
Combobox
tooltips_class32
ToolbarWindow32
CnsLeftBarCtrl
Shell DocObject View
CnsRightBarCtrl
RebarWindow32
iexplore.exe
EnableCustom
CnsEnable
SOFTWARE\Microsoft\Internet Explorer\Main
CnsTips
ToolBarwindow32
Address Band Root
FreeAll
GetPlusResource
cnsplus.dll
&type=z&act=info&fw=image&argse=image&ng=1
&type=z&act=info&fw=news3721&argse=news3721&ng=1
&type=z&act=info&fw=music3721&argse=music3721&ng=1
&type=z&act=info&fw=new3721&argse=new3721&ng=1
http://cns.3721.com/cns.dll?fw=cm2&name=%s&ff=%d&p
PlugUIText
@%s%s,-%d
cnshint.dll
UncheckedValue
CheckedValue
DefaultValue
ValueName
RegPath
HKeyRoot
checkbox
SOFTWARE\Microsoft\Internet Explorer\AdvancedOptio
1.5.0.6
CnsMin.dll
CLSID\%s\LocalServer32
3721home
SOFTWARE\3721\CnsMin
Partner
WebSearch
DefaultScope
DisplayName
Software\Microsoft\Internet Explorer\SearchScopes
&ei=UTF-8
InitCommonControlsEx
IEXPLORE.EXE,EXPLORER.EXE,NETSCAPE.EXE,NETSCP6.EXE
TTRAVE~1.EXE
TTRAVELER.EXE
ComboBox#32770ReBarWindoTencent_Tr
SSREADER.EXE
TComboBoxTToolBarTPanelTfmIEMDIClientTfrmSSRead
FASTBROWSER.EXE
TIEAddressTPanelTPanelTCoolBarTPanelTPanelTPanelTF
NHSC4.EXE
ComboBox#32770ReBarWindoAfx:400000
MYIE.EXE
ComboBoxComboBoxExToolbarWinReBarWindoAfx:400000
ComboBoxToolbarWinAfx:400000
NHBROWSER.EXE
ComboBoxComboBoxEx#32770ReBarWindoReBarWindoAfx:40
TBROWSER.EXE
ComboBoxComboBoxEx#32770ReBarWindoAfx:400000
WSBROWSER.EXE
TIEAddressTMyPanelTCoolBarTPanelTPanelTPanelTDFWS3
IWPS.EXE
ComboBoxAfx:400000AfxControlKSiWPSWndC
MSN6 WindoMSN6 Windo
TComboBoxTStatusBarTMainForm
TPathComboTMainForm
HAPPYWIN.EXE
TComboBoxTStatusBarTMainFormTApplicati
SINAPLUS.EXE
ComboBoxComboBoxEx#32770Afx:400000
3721WIN.EXE
ComboBox#32770Static
ComboBoxComboBoxExReBarWindoMyOfficeCl
TNCComboBoTToolBarTCoolBarTPanelTPanelTfrmMain
TNCComboBoTPanelTCoolBarTPanelTPanelTfrmMain
TComboBoxTPanelTCoolBarTPanelTPanelTfrmMain
NP.EXE
ComboBox#32770
ComboBox#32770NeoPlanetN
ComboBox#32770NeoPlanet2
ComboBox#32770OUIWINDOW
ComboBox#32770BrowserWinMDIClientOpera Main
OPERA.EXE
ComboBox#32770BLD_ObjWinMDIClientBLDOPERA
NETSCAPE.EXE
ComboBox#32770Afx:400000
ComboBox#32770Afx:400000Afx:400000Afx:400000
ComboBoxComboBoxExAddress BaReBarWindoWorkerWBrows
ComboBoxComboBoxExReBarWindoSizableRebIEFrame
ComboBoxComboBoxExReBarWindoWorkerWCabinetWCl
ComboBoxComboBoxExReBarWindoWorkerWExploreWCl
ComboBoxComboBoxExReBarWindoWorkerWIEFrame
ComboBoxComboBoxExReBarWindoWorkerAIEFrame
ComboBoxComboBoxExReBarWindoWorkerAExploreWCl
ComboBoxComboBoxExReBarWindoWorkerACabinetWCl
ComboBoxComboBoxExReBarWindoWorkerIEFrame
ComboBoxComboBoxExReBarWindoShell_Tray
ComboBoxComboBoxExReBarWindoWorkerExploreWCl
ComboBoxComboBoxExReBarWindoWorkerCabinetWCl
%s%s%s
ImageList_Draw
Rundll32
,WipeAddressDlg
wiper.dll
MsgBoxPicProp
AdressList
KeepKey
CNSList
CNSMenu
Software\3721\Assist
ETranslate
Software\Microsoft\Internet Explorer\Main
CNSHint
SOFTWARE\Microsoft\Internet Explorer\AdvancedOptio
%d.%d.%d.%d
HyperLinkControl
YahooBar
color:#%s; background:#%s
000000
FFFF00

' style='
Textedit
Character
nInprocServer32
CLSID\%s
{B83FC273-3522-4CC6-92EC-75CC86678DA4}
%s\cnsio.dll
1.0.2.5
1.5.1.0
http://assistant.3721.com
PicDlgProc
%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%s
Ms sans serif
ComboboxEx32
ShowGoButton
UxTheme.dll
EnableThemeDialogTexture
.?AV_com_error@@
.?AVtype_info@@
C:\WINDOWS\DOWNLO~1\
Comctl32.dll


C:\WINDOWS\DOWNLO~1\cnsplus.dll (made by 3721)

C:\Program Files\Internet Explorer\iexplore.exe


C:\WINDOWS\system32\xunleibho_v8.dll

addallurl
sendurl
Cookie
CCatchRightClick Create
thunder://
Software\Sandai Technologies Inc.\Thunder\Paramete
Software\Thunder Network\ThunderOem\thunder_backwn
Software\Sandai Technologies Inc.\ThunderOem
ThunderOemArray
Software\Thunder Network\ThunderOem
IsMiniVer
[yufeng]-------------------
IsInvalid
UseDlaccel
Software\Sandai Technologies Inc.\ThunderOem\
Software\Thunder Network\ThunderOem\
Software\3721
yahoo_mini
mmst://
mms://
https://
http://
ftp://
Config_Monitor
IESuffixs
thunder.ini
Monitor
ExtendNames
.asf;.avi;.exe;.iso;.mp3;.mpeg;.mpga;.ra;.rar;.rm;
UserConfig.ini
MonitoringIE
MonitorIE
thunder_backwnd
thunder_backwnd
thunder_backwnd
TfrmCmdCenter
#32770
thunder_backwnd
CallThunder
#*05#*
#*04#*
#*03#*
#*02#*
#*01#*
bho exit
ThunderCatchRight Class
ThunderIEHelper Class
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
Xunleibho.CatchRightClick.1
CLSID\%s
Xunleibho.CatchRightClick.1\CLSID
\ProgID
CLSID\
Apartment
ThreadingModel
CLSID\%s\InprocServer32
.?AV_com_error@@
.?AVtype_info@@


E:\17173下载直通车\SoDAIE.dll (made by sohu.com)

.?AVCAtlException@ATL@@
.?AVexception@@
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVtype_info@@
.?AVout_of_range@std@@
C:\Program Files\Internet Explorer\iexplore.exe
{0CD02091-E941-4C5E-B1BD-69735BF5D664}


C:\PROGRA~1\yisou\yisoub.dll

Apartment
ThreadingModel
CLSID\%s
CLSID\%s\InprocServer32
Interface
TypeLib
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
%%%2.2X
Internet Explorer_Server
{115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5}
Software\3721\yisou
yisoub.dll
1.1.2.4
{EF1D17A9-089F-40cc-8D64-7324CDEBA0DB}
DragSearch
selsearch
Software\Microsoft\Internet Explorer\Search
mailto:%s
mailto:
SetWindowTheme
UxTheme.dll
DRAGWNDINFO
DragWnd
DragSearch_Main
ToolbarWindow32
http://www.yisou.com/search?source=client_bar_drag
http://www.yisou.com/search?source=client_bar_sdra
selsearchie
dragdrop
Software\YiSou
iexplore.exe
Delete
NoRemove
ForceRemove
.?AV_com_error@@
.?AVtype_info@@
C:\PROGRA~1\yisou\yisoub.dll
REGISTRY
Module
XAction


C:\WINDOWS\VM303_STI.EXE (made by Vimicro)

SOFTWARE\ZSMC\USBCAMERA\ZC0303\BigDogPath
BIGDOG
BigDog301
SoundFile
Snapshot2
Snapshot1
MusicEnable
MyFileMappingObject
SOFTWARE\ZSMC\USBCAMERA\ZC0303\TWAIN
C:\WINDOWS\amcap.exe
C:\WINDOWS\VM303Cap.exe
C:\WINDOWS\VM303_STI.EXE
vid_0ac8
FriendlyName
Video Capture
BigDog301
@device:pnp:\\?\usb#vid_0ac8&pid_303b#5&33492b58&0
amcap.exe
eM303Cap.exe


C:\WINDOWS\system32\VM303Prp.Ax (made by Vimicro)

OFTWARE\ZSMC\USBCAMERA\ZC0303\BigDogPath
Driver Page
WindowHandle
FrameWizard.exe
DriverPage.ini
\EffectResources\VM0303\
fail to Copy file.
MusicRelease
File is too big! please choose a small one
Vimicro
Please choose a music file for play
\VM303.mid
\VM303.wav
SoundFile
\HV7131B
\HV7121B
\TAS5130C
\TAS5110B
\CS2102
\CS2103
\OV7620
\OVCIF
\HDCS2020
\HDCS1020
\PB0330
\PB0111
\ICM105A
\ICM102A
\PAS202B
\PAS106B
Settings
Vertical
BandWidthAuto
GainAuto
WhiteBalanceAuto
ExposureAuto
Default
Flicker
Mirror
Exposure
FrameRate
ColorEnable
BackLight
WhiteBalance
Sharpness
Saturation
Contrast
Brightness
BandWidth
Software\ZSMC\USBCAMERA\ZC0303\CustomSettings
Software\ZSMC\USBCAMERA\ZC0303\DefaultSettings
WM_SETFRAME_CANCEL
WM_SETFRAME_OK
MusicEnable
ImagePara_%d
Image_Para
FrameName_%d
PhotoFrames
no *image.ini
Message
UserImage.ini
VMImage.ini
ImagePara_8
finished!
Feature Demo
\HV7131B
\HV7121B
\TAS5130C
\TAS5110B
\CS2102
\CS2103
\OV7620
\OVCIF
\HDCS2020
\HDCS1020
\PB0330
\PB0111
\ICM105A
\ICM102A
\PAS202B
\PAS106B
\UserImage.ini
\VMImage.ini
Service Pack 2
ZSMC BackDoor Property Page
ZSMC Custom Property Page


E:\17173下载直通车\p2psvr.exe (made by Sohu R&D)
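
Most of the post above is a raw strings dump of the modules loaded into iexplore.exe: x86 code rendered as text (lines like T$hPVh-) interleaved with the strings that actually identify the components, such as the registry keys under Software\3721, the CLSIDs found in the CnsHint.dll and SoDAIE.dll sections, the cns.3721.com, help.3721.com and yisou.com URLs, and the list of browser executables the 3721 module looks for. Below is an added Python example, not from this thread or from any vendor named in it, that keeps only lines matching a positive indicator pattern and buckets them by kind, so the opcode noise drops out and what remains can be pasted straight into a removal checklist. The category names are chosen for illustration; the embedded dump is a constructed excerpt of the lines in the post.

```python
"""Pull indicators out of a raw strings dump like the one in the post above."""
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed excerpt of the dump in the post: opcode bytes rendered as text,
# interleaved with the strings that matter from CnsHint.dll, xunleibho_v8.dll,
# SoDAIE.dll and yisoub.dll.
STRINGS_DUMP = r"""
T$hPVh-
D$@BPV
SUWjkP
jjjjjj
Software\Microsoft\Internet Explorer\TypedURLs
CnsMinIO.dll
CLSID\{B83FC273-3522-4CC6-92EC-75CC86678DA4}\Inpro
Kernel32.dll
http://help.3721.com/activewlsm/usage.html
Software\3721\CnsMin
http://cns.3721.com/cns.dll?fw=cm2&name=%s&ff=%d&p
1.5.0.6
CnsMin.dll
{B83FC273-3522-4CC6-92EC-75CC86678DA4}
C:\WINDOWS\DOWNLO~1\
.?AV_com_error@@
IEXPLORE.EXE,EXPLORER.EXE,NETSCAPE.EXE,NETSCP6.EXE
thunder://
Xunleibho.CatchRightClick.1
{0CD02091-E941-4C5E-B1BD-69735BF5D664}
http://www.yisou.com/search?source=client_bar_drag
"""

# Positive patterns only: a line matching none of them is treated as code
# bytes and dropped, which is what removes the T$hPVh- style noise.
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
URL_RE = re.compile(r"^[a-z][a-z0-9+.-]*://\S+$", re.I)
REG_RE = re.compile(r"^(?:HKEY_[A-Z_]+\\)?(?:SOFTWARE|CLSID|Interface|TypeLib|SYSTEM)\\", re.I)
PATH_RE = re.compile(r"^[A-Za-z]:\\")
VERSION_RE = re.compile(r"^\d+(?:\.\d+){3}$")
RTTI_RE = re.compile(r"^\.\?AV")  # MSVC RTTI type descriptor names
MODULE_RE = re.compile(r"^[\w.~$-]+\.(?:dll|exe|ocx|ax|sys)$", re.I)

def classify(s):
    """Return (category, value) pairs for one string; an empty list means noise."""
    s = s.strip()
    found = [("clsid", c.upper()) for c in CLSID_RE.findall(s)]
    if URL_RE.match(s):
        found.append(("url", s))
        host = urlsplit(s).hostname
        if host:
            found.append(("host", host.lower()))
    elif REG_RE.match(s):
        found.append(("registry", s))
    elif PATH_RE.match(s):
        found.append(("path", s))
    elif VERSION_RE.match(s):
        found.append(("version", s))
    elif RTTI_RE.match(s):
        found.append(("rtti", s))
    else:
        # Module lists come as "A.EXE,B.EXE" or ".asf;.avi;..." so split first.
        found.extend(("module", p.lower()) for p in re.split(r"[,;]", s) if MODULE_RE.match(p))
    return found

def extract_iocs(text):
    """Bucket every line of a strings dump by category, de-duplicated and sorted."""
    buckets = defaultdict(set)
    for line in text.splitlines():
        for category, value in classify(line):
            buckets[category].add(value)
    return {c: sorted(v) for c, v in sorted(buckets.items())}

if __name__ == "__main__":
    for category, values in extract_iocs(STRINGS_DUMP).items():
        print(category)
        for v in values:
            print("   ", v)
```

A registry line that embeds a CLSID, such as CLSID\{B83FC273-...}\Inpro, lands in both the registry and the clsid buckets, which is what you want: the CLSID is the handle for finding the matching InprocServer32 registration, and the key itself tells you which branch to look under.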

Switch to Kaka.

Give me some constructive suggestions, folks.