CPU开机后一直偏高不知如何造成?下面是资料.
- 2007-03-20,12:50:06
- System Repair Engineer 2.3.13.690
- Smallfrogs (http://www.KZTechs.com)
- Windows XP Professional Service Pack 2 (Build 2600)
- - 管理权限用户 - 完整功能
- 以下内容被选中:
- 所有的启动项目(包括注册表、启动文件夹、服务等)
- 浏览器加载项
- 正在运行的进程(包括进程模块信息)
- 文件关联
- Winsock 提供者
- Autorun.inf
- HOSTS 文件
- 启动项目
- 注册表
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
- <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
- [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
- <load><> [N/A]
- <run><> [N/A]
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
- <CnsMin><Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32> [北京三七二一科技有限公司]
- <wallpaper><c:\windows\system32\壁纸自动换.exe> [N/A]
- <CorelDRAW Graphics Suite 11b><C:\Program Files\Corel\Corel Graphics 12\Languages\CS\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=032707 serial=DR12CNM-8360416-CFY lang=CS> [Corel Corporation]
- <InsertImage><C:\Program Files\!Sunv\DFVCD2003\InsertImage.exe> [N/A]
- <kav><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"> [Kaspersky Lab]
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
- <shell><Explorer.exe> [(Verified)Microsoft Corporation]
- <Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
- <AppInit_DLLs><> [N/A]
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
- <UIHost><logonui.exe> [(Verified)Microsoft Corporation]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
- <{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\DOWNLO~1\cnshook.dll> [北京三七二一科技有限公司]
- <{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><C:\PROGRA~1\Yahoo!\ASSIST~1\yclickon.dll> [N/A]
- <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><D:\工具\AVG\AVG Anti-Spyware 7.5\shellexecutehook.dll> [Anti-Malware Development a.s.]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
- <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll> [Kaspersky Lab]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
- <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
- <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [N/A]
- <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [N/A]
- ==================================
- 启动文件夹
- [Adobe Gamma Loader]
- <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
- ==================================
- 服务
- [AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start]
- <D:\工具\AVG\AVG Anti-Spyware 7.5\guard.exe><Anti-Malware Development a.s.>
- [卡巴斯基反病毒6.0 / AVP][Running/Auto Start]
- <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r><Kaspersky Lab>
- [Human Interface Device Access / HidServ][Stopped/Disabled]
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
- [PnpWMmng / PnpWMmng][Running/Auto Start]
- <D:\工具\SafeUninst2007\PnpWMmng.exe><完美卸载组件>
- ==================================
- 驱动程序
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
- <system32\drivers\ac97intc.sys><Intel Corporation>
- [AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
- <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
- [AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
- <\??\D:\工具\AVG\AVG Anti-Spyware 7.5\guard.sys><N/A>
- [AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
- <System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
- [CnsMinKP / CnsMinKP][Running/Boot Start]
- <\SystemRoot\system32\drivers\CnsMinKP.sys><Copyright (C) 3721 Corporation.>
- [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
- <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
- [VIA Rhine Family Fast Ethernet Adapter Driver Service / FETNDISB][Running/Manual Start]
- <system32\DRIVERS\fetnd5b.sys><VIA Technologies, Inc.>
- [kl1 / kl1][Running/Boot Start]
- <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
- [klif / klif][Running/System Start]
- <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
- [npkcrypt / npkcrypt][Running/Auto Start]
- <\??\C:\Program Files\QQ2006\npkcrypt.sys><INCA Internet Co., Ltd.>
- [nv / nv][Stopped/Manual Start]
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
- [ogshjj / ogshjj][Running/Boot Start]
- <\SystemRoot\\SystemRoot\System32\drivers\ogshjj.sys><N/A>
- [PnpWmkDrv / PnpWmkDrv][Stopped/System Start]
- <\??\C:\WINDOWS\system32\drivers\PnpWmkDrv.sys><N/A>
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
- [S3SavageNB / S3SavageNB][Running/Manual Start]
- <system32\DRIVERS\s3gnbm.sys><S3 Graphics, Inc.>
- [Secdrv / Secdrv][Stopped/Manual Start]
- <system32\DRIVERS\secdrv.sys><N/A>
- [TCP/IP Protocol Driver / Tcpip][Running/System Start]
- <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
- [ViaIde / ViaIde][Running/Boot Start]
- <\SystemRoot\system32\DRIVERS\viaidexp.sys><VIA Technologies, Inc.>
- [VIA AC'97 Audio Controller (WDM) / VIAudio][Running/Manual Start]
- <system32\drivers\viaudio.sys><VIA Technologies, Inc.>
- [R2A / R2A][Stopped/Disabled]
- <\??\C:\WINDOWS\system32a2.sys><N/A>
- ==================================
- 浏览器加载项
- [CnsHook Class]
- {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\cnshook.dll, 北京三七二一科技有限公司>
- [Web反病毒保护]
- {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll, Kaspersky Lab>
- [Yahoo 3.5G电邮]
- {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
- [名品折扣]
- {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
- [雅虎助手]
- {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
- [雅虎WIDGET]
- {6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
- [信息检索(&R)]
- {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
- [情景聊天]
- {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
- []
- {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
- []
- {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
- [Windows Genuine Advantage Validation Tool]
- {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
- [Microsoft Web 浏览器]
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
- [CnsHook Class]
- {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\cnshook.dll, 北京三七二一科技有限公司>
- [Shockwave Flash Object]
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9a.ocx, Adobe Systems, Inc.>
- [使用迅雷下载]
- <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
- [使用迅雷下载全部链接]
- <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
- [导出到 Microsoft Office Excel(&X)]
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
- [添加到雅虎收藏+]
- <http://myweb.cn.yahoo.com/post.html?F=D2_A, N/A>
- [用比特精灵下载(&B)]
- <D:\工具\比特精灵(BitSpirit)_V3.2.2.215\bsurl.htm, N/A>
- ==================================
- 正在运行的进程
- [PID: 612][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- [PID: 676][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- [PID: 700][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- [C:\WINDOWS\system32\klogon.dll] [Kaspersky Lab, 6.0.0.299]
- [PID: 744][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- [PID: 756][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- [PID: 912][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- [PID: 1012][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- [PID: 1148][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- [PID: 1192][D:\工具\SafeUninst2007\PnpWMmng.exe] [完美卸载组件, 5.1.2600.2937 ]
- [PID: 1276][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- [PID: 1396][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- [PID: 1516][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
- [C:\WINDOWS\DOWNLO~1\cnshook.dll] [北京三七二一科技有限公司, 2.5.0.3]
- [C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 2, 5, 0, 6]
- [D:\工具\AVG\AVG Anti-Spyware 7.5\shellexecutehook.dll] [Anti-Malware Development a.s., 7, 5, 0, 47]
- [PID: 1676][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
- [PID: 1944][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
- [PID: 1924][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- [PID: 408][C:\WINDOWS\system32\Rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- [C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 2, 5, 0, 6]
- [PID: 552][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- [C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 2, 5, 0, 6]
- [PID: 3708][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
- [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll] [Kaspersky Lab, 1.0.6.299]
- [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll] [Kaspersky Lab, 6.0.0.299]
- [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll] [Kaspersky Lab, 6.0.0.299]
- [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll] [Kaspersky Lab, 6.0.0.299]
- [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl] [Kaspersky Lab, 6.0.0.304]
- [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl] [Kaspersky Lab, 6.0.0.299]
- [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl] [Kaspersky Lab, 6.0.0.299]
- [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl] [Kaspersky Lab, 6.0.0.299]
- [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl] [Kaspersky Lab, 6.0.0.299]
- [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl] [Kaspersky Lab, 6.0.0.299]
- [PID: 1704][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- [PID: 2376][D:\工具\新建文件夹\SREng.EXE] [Smallfrogs Studio, 2.3.13.690]
- [C:\WINDOWS\DOWNLO~1\CnsMin.dll] [北京三七二一科技有限公司, 2, 5, 0, 6]
- ==================================
- 文件关联
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
- .EXE OK. ["%1" %*]
- .COM OK. ["%1" %*]
- .PIF OK. ["%1" %*]
- .REG OK. [regedit.exe "%1"]
- .BAT OK. ["%1" %*]
- .SCR OK. ["%1" /S]
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
- .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]
- ==================================
- Winsock 提供者
- N/A
- ==================================
- Autorun.inf
- N/A
- ==================================
- HOSTS 文件
- 127.0.0.1 localhost
- ==================================
- API HOOK
- 警告!System Repair Engineer 提醒
- 你下面的函数内容与预期值不符,他
- 们可能被一些恶意的软件所修改:
- RVA 错误: LoadLibraryA
- RVA 错误: LoadLibraryExA
- RVA 错误: LoadLibraryExW
- RVA 错误: LoadLibraryW
- ==================================
**************以下分析报告由SREngLog分析助手提供******************
根据SREng扫描日志请按照如下步骤,尝试删除和修复
1.建议使用XDelBox删除以下文件(若有*.sys文件不推荐抑制再生打勾):(XDelBox下载)
2.删除重启后使用SREng修复下面各项:
**************以上分析报告由SREngLog分析助手提供******************
分析:草莽书生
时间:2007-3-20
SREngLog分析助手 1.0 Beta |
发表于 2007-3-20 13:14:11
楼主
啊~不知该如何设置啊~请赐教详细步骤~