Process    PID    CPU    Description    Company Name
System Idle Process    0    95.45       
Interrupts    n/a        Hardware Interrupts   
DPCs    n/a        Deferred Procedure Calls   
System    4           
  SMSS.EXE    564        Windows NT Session Manager    Microsoft Corporation
  CSRSS.EXE    640        Client Server Runtime Process    Microsoft Corporation
  WINLOGON.EXE    668        Windows NT Logon Application    Microsoft Corporation
    SERVICES.EXE    720    3.03    Services and Controller app    Microsoft Corporation
    ATI2EVXX.EXE    880        ATI External Event Utility EXE Module    ATI Technologies Inc.
    SVCHOST.EXE    892        Generic Host Process for Win32 Services    Microsoft Corporation
      TIMPlatform.exe    528        TIMPlatform    tencent
      AgentSvr.exe    3172        Microsoft Agent Server    Microsoft Corporation
    SVCHOST.EXE    972        Generic Host Process for Win32 Services    Microsoft Corporation
    SVCHOST.EXE    1068        Generic Host Process for Win32 Services    Microsoft Corporation
    SVCHOST.EXE    1124        Generic Host Process for Win32 Services    Microsoft Corporation
    SVCHOST.EXE    1280        Generic Host Process for Win32 Services    Microsoft Corporation
    SPOOLSV.EXE    1536        Spooler SubSystem App    Microsoft Corporation
    CCenter.exe    1772        CCenter    rising
    RavMonD.exe    1808        RavMon    Beijing Rising Technology Co., Ltd.
      RavStub.exe    456        Rising Rav Stub    Beijing Rising Technology Co., Ltd.
    SVCHOST.EXE    1924        Generic Host Process for Win32 Services    Microsoft Corporation
    ALG.EXE    644        Application Layer Gateway Service    Microsoft Corporation
    LSASS.EXE    732        LSA Shell (Export Version)    Microsoft Corporation
EXPLORER.EXE    1632        Windows Explorer    Microsoft Corporation
SysExplr.exe    1384           
RavMon.exe    1312        RavMon Rising realtime monitor     Beijing Rising Technology Co., Ltd.
RavTimer.exe    1392        RavTimer    Beijing Rising Technology Co., Ltd.
YLive.exe    1476        YLive    
yassistse.exe    1296        AssistSetting    Yahoo!
CTFMON.EXE    1432        CTF Loader    Microsoft Corporation
QQ.exe    1756        QQ    TENCENT
  QQPet.exe    252        QQ宠物    腾讯公司
iexplore.exe    2924        Internet Explorer    Microsoft Corporation
  Thunder.exe    3092            Thunder Networking Technologies,LTD
RsAgent.exe    2808        RsAgent Application    Beijing Rising Technology Co., Ltd.
procexp.exe    3348    1.52    Sysinternals Process Explorer    Sysinternals

Process:  Pid: 720

Type    Name
Desktop    \Default
Directory    \Windows
Directory    \BaseNamedObjects
Directory    \KnownDlls
Event    \BaseNamedObjects\DINPUTWINMM
Event    \BaseNamedObjects\SC_AutoStartComplete
Event    \BaseNamedObjects\SvcctrlStartEvent_A3752DX
Event    \BaseNamedObjects\ScNetDrvMsg
Event    \BaseNamedObjects\WBEM_ESS_OPEN_FOR_BUSINESS
Event    \BaseNamedObjects\PnP_No_Pending_Install_Events
Event    \BaseNamedObjects\userenv:  User Profile setup event
File    \Device\KsecDD
File    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9
File    \Device\NamedPipe\ntsvcs
File    \Device\NamedPipe\ntsvcs
File    \Device\NamedPipe\scerpc
File    \Device\NamedPipe\scerpc
File    \Device\NamedPipe\net\NtControlPipe1
File    \Device\NamedPipe\net\NtControlPipe2
File    \Device\NamedPipe\net\NtControlPipe3
File    \Device\NamedPipe\net\NtControlPipe3
File    C:\WINDOWS\system32\config\AppEvent.Evt
File    C:\WINDOWS\system32\config\SecEvent.Evt
File    C:\WINDOWS\system32\config\SysEvent.Evt
File    \Device\NamedPipe\net\NtControlPipe4
File    \Device\NamedPipe\net\NtControlPipe5
File    \Device\NamedPipe\net\NtControlPipe0
File    \Device\NamedPipe\net\NtControlPipe6
File    \Device\NamedPipe\net\NtControlPipe7
File    \Device\NamedPipe\net\NtControlPipe8
File    \Device\NamedPipe\net\NtControlPipe11
File    \Device\NamedPipe\net\NtControlPipe10
File    \Device\NamedPipe\net\NtControlPipe12
File    \Device\NamedPipe\ntsvcs
File    \Device\NamedPipe\PIPE_EVENTROOT\CIMV2SCM EVENT PROVIDER
File    \Device\NamedPipe\net\NtControlPipe13
File    C:\WINDOWS\system32\
Key    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32
Key    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32
Key    HKLM\SYSTEM\ControlSet001\Control\NetworkProvider\Order
Key    HKLM
Key    HKLM\SYSTEM\ControlSet001\Control\ServiceGroupOrder
Key    HKU\S-1-5-19
Key    HKLM\SYSTEM\ControlSet001\Control\ServiceCurrent
Key    HKLM\SYSTEM\ControlSet001\Services\Eventlog
Key    HKLM\SYSTEM\ControlSet001\Control\ComputerName\ActiveComputerName
Key    HKU
Key    HKU\S-1-5-20
Key    HKU\.DEFAULT
Key    HKU\S-1-5-20
Key    HKLM\SYSTEM\ControlSet001\Control\Nls\Locale
Key    HKU\S-1-5-19
Key    HKLM\SYSTEM\ControlSet001\Control\Nls\Locale\Alternate Sorts
Key    HKLM\SYSTEM\ControlSet001\Control\Nls\Language Groups
Key    HKLM\SYSTEM\ControlSet001\Services
Key    HKLM\SYSTEM\ControlSet001\Enum
Key    HKLM\SYSTEM\ControlSet001\Control\Class
Key    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage
KeyedEvent    \KernelObjects\CritSecOutOfMemoryEvent
Mutant    \BaseNamedObjects\SHIMLIB_LOG_MUTEX
Mutant    \BaseNamedObjects\ShimCacheMutex
Mutant    \BaseNamedObjects\PnP_Init_Mutex
Port    \RPC Control\ntsvcs
Port    \ErrorLogPort
Process    (880)
Process    SVCHOST.EXE(892)
Process    SVCHOST.EXE(972)
Process    (1068)
Process    SVCHOST.EXE(1124)
Process    SVCHOST.EXE(1280)
Process    SPOOLSV.EXE(1536)
Process    CCenter.exe(1772)
Process    RavMonD.exe(1808)
Process    (1924)
Process    ALG.EXE(644)
Section    \BaseNamedObjects\ShimSharedMemory
Section    \BaseNamedObjects\mc2IInjT$2d0
Semaphore    \BaseNamedObjects\shell.{A48F1A32-A340-11D1-BC6B-00A0C90312E1}
Thread    (720): 784
Thread    (720): 792
Thread    (720): 796
Thread    (720): 860
Thread    (720): 864
Thread    (720): 868
Thread    (720): 876
Thread    (720): 852
Thread    (720): 908
Thread    (720): 960
Thread    (720): 1572
Thread    (720): 1140
Thread    (720): 1768
Thread    (720): 1892
Thread    (720): 1136
Thread    (720): 404
Thread    (720): 424
Thread    (720): 416
Token    NT AUTHORITY\NETWORK SERVICE
Token    NT AUTHORITY\LOCAL SERVICE
Token    NT AUTHORITY\NETWORK SERVICE
Token    0D4AFEEE17EB4C4\p
Token    NT AUTHORITY\LOCAL SERVICE
WindowStation    \Windows\WindowStations\Service-0x0-3e7$
WindowStation    \Windows\WindowStations\Service-0x0-3e7$
有病毒吗

ProcessPIDCPUDescriptionCompany Name
System Idle Process089.23
Interruptsn/a1.54Hardware Interrupts
DPCsn/a1.54Deferred Procedure Calls
System41.54
  SMSS.EXE564Windows NT Session ManagerMicrosoft Corporation
  CSRSS.EXE640Client Server Runtime ProcessMicrosoft Corporation
  WINLOGON.EXE668Windows NT Logon ApplicationMicrosoft Corporation
    SERVICES.EXE7201.54Services and Controller appMicrosoft Corporation
    ATI2EVXX.EXE880ATI External Event Utility EXE ModuleATI Technologies Inc.
    SVCHOST.EXE892Generic Host Process for Win32 ServicesMicrosoft Corporation
      TIMPlatform.exe528TIMPlatformtencent
      AgentSvr.exe3172Microsoft Agent ServerMicrosoft Corporation
    SVCHOST.EXE972Generic Host Process for Win32 ServicesMicrosoft Corporation
    SVCHOST.EXE1068Generic Host Process for Win32 ServicesMicrosoft Corporation
    SVCHOST.EXE1124Generic Host Process for Win32 ServicesMicrosoft Corporation
    SVCHOST.EXE1280Generic Host Process for Win32 ServicesMicrosoft Corporation
    SPOOLSV.EXE1536Spooler SubSystem AppMicrosoft Corporation
    CCenter.exe1772CCenterrising
    RavMonD.exe1808RavMonBeijing Rising Technology Co., Ltd.
      RavStub.exe456Rising Rav StubBeijing Rising Technology Co., Ltd.
    SVCHOST.EXE1924Generic Host Process for Win32 ServicesMicrosoft Corporation
    ALG.EXE644Application Layer Gateway ServiceMicrosoft Corporation
    LSASS.EXE732LSA Shell (Export Version)Microsoft Corporation
EXPLORER.EXE1632Windows ExplorerMicrosoft Corporation
SysExplr.exe1384
RavMon.exe1312RavMon Rising realtime monitor Beijing Rising Technology Co., Ltd.
  Rav.exe188Rising Antivirus Main exeBeijing Rising Technology Co., Ltd.
RavTimer.exe1392RavTimerBeijing Rising Technology Co., Ltd.
YLive.exe1476YLive
yassistse.exe1296AssistSettingYahoo!
CTFMON.EXE1432CTF LoaderMicrosoft Corporation
QQ.exe1756QQTENCENT
  QQPet.exe252QQ宠物腾讯公司
iexplore.exe2924Internet ExplorerMicrosoft Corporation
  Thunder.exe30921.54Thunder Networking Technologies,LTD
  WinRAR.exe2548
    procexp.exe32323.08Sysinternals Process ExplorerSysinternals
RsAgent.exe2808RsAgent ApplicationBeijing Rising Technology Co., Ltd.

Process: Procexp Pid: -2

TypeName

没人呀

不是procexp的日志

用Autoruns保存一个日志发上来
日志保存方法:选择File->Save菜单项
保存日志时注意选择Options->Hide Microsoft Entries菜单项(设置了这项后点工具栏的刷新按钮)

工具的下载、使用参考http://forum.ikaka.com/topic.asp?board=28&artid=7318038

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ NeroFilterCheckNeroCheckAhead Software Gmbhc:\windows\system32\nerocheck.exe

+ RavMonRavMon Rising realtime monitor Beijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravmon.exe

+ RavTimerRavTimerBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravtimer.exe

+ SysExplrc:\herosoft\herov8\sysexplr.exe

+ yassistseAssistSettingYahoo!c:\program files\yahoo!\assistant\yassistse.exe

+ YLive.exeYLive c:\program files\yahoo!\assistant\ylive.exe

C:\Documents and Settings\p\「开始」菜单\程序\启动

+ 腾讯QQ.lnkQQTENCENTe:\tencent\qq\qq.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll

+ Yahoo!PhotoyPhtbYahoo! Chinac:\program files\yahoo!\assistant\assist\yphtb.dll

+ 粉碎文件Wiper 动态链接库c:\program files\yahoo!\assistant\assist\ywiper.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ AntiFish Classyangling.dllYahoo.c:\program files\yahoo!\assistant\assist\yangling.dll

+ DragSearch BHODragSearchc:\program files\yahoo!\assistant\assist\ydragsearch.dll

+ Google Toolbar HelperGoogle IE 客户端工具栏Google Inc.c:\program files\google\googletoolbar1.dll

+ IeCatch2 Classjccatch ModuleAmaze Softc:\program files\flashget\jccatch.dll

+ QQBrowserHelperObject ClassQQIEHelper Module深圳市腾讯计算机系统有限公司e:\tencent\qq\qqiehelper.dll

+ ThunderIEHelper Classxunleibho BHOThunder Networking Technologies,LTDc:\windows\system32\xunleibho_v8.dll

+ Yahoo!PhotoyPhtbYahoo! Chinac:\program files\yahoo!\assistant\assist\yphtb.dll

+ 雅虎助手ToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll

HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks

+ coolbarToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar

+ FlashGet BarFlashGet IE BarAmaze Softc:\program files\flashget\fgiebar.dll

+ 雅虎助手ToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll

HKLM\System\CurrentControlSet\Services

+ Ati HotKey PollerATI External Event Utility EXE ModuleATI Technologies Inc.c:\windows\system32\ati2evxx.exe

+ ATI SmartATI Smartc:\windows\system32\ati2sgag.exe

+ RsCCenterCCenterrisingc:\program files\rising\rav\ccenter.exe

+ RsRavMonRavMonBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravmond.exe

HKLM\System\CurrentControlSet\Services

+ ALCXWDMRealtek AC'97 Audio Driver (WDM)Realtek Semiconductor Corp.c:\windows\system32\drivers\alcxwdm.sys

+ ati2mtagATI Radeon WindowsNT Miniport DriverATI Technologies Inc.c:\windows\system32\drivers\ati2mtag.sys

+ BaseTDIbasetdiRisingc:\windows\system32\drivers\basetdi.sys

+ EagleNTFile not found: C:\WINDOWS\system32\drivers\EagleNT.sys

+ ExpScanerExpScan.sysc:\program files\rising\rav\expscan.sys

+ HookContTDI HOOK DriverRising tech Co. ltdc:\program files\rising\rav\hookcont.sys

+ HookRegc:\program files\rising\rav\hookreg.sys

+ HookSys瑞星c:\program files\rising\rav\hooksys.sys

+ New0File not found: C:\WINDOWS\system32\new.sys

+ npkcryptnProtect KeyCrypt DriverINCA Internet Co., Ltd.e:\tencent\qq\npkcrypt.sys

+ PtilinkDirect Parallel Link DriverParallel Technologies, Inc.c:\windows\system32\drivers\ptilink.sys

+ SecdrvSafeDisc driverc:\windows\system32\drivers\secdrv.sys

+ viamraidVIA RAID DRIVER FOR WIN 2000/XP/2003IA32VIA Technologies inc,.ltdc:\windows\system32\drivers\viamraid.sys

+ yukonwxpNDIS5.1 Miniport Driver for Marvell Yukon Ethernet ControllerMarvellc:\windows\system32\drivers\yk51x86.sys

+ zntportFile not found: C:\WINDOWS\system32\zntport.sys

+ ZSMC303Video streaming and Capture Device DriverVimicro Corporationc:\windows\system32\drivers\usbvm303.sys

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run           

+ NeroFilterCheck    NeroCheck    Ahead Software Gmbh    c:\windows\system32\nerocheck.exe

+ RavMon    RavMon Rising realtime monitor     Beijing Rising Technology Co., Ltd.    c:\program files\rising\rav\ravmon.exe

+ RavTimer    RavTimer    Beijing Rising Technology Co., Ltd.    c:\program files\rising\rav\ravtimer.exe

+ SysExplr            c:\herosoft\herov8\sysexplr.exe

+ yassistse    AssistSetting    Yahoo!    c:\program files\yahoo!\assistant\yassistse.exe

+ YLive.exe    YLive         c:\program files\yahoo!\assistant\ylive.exe

C:\Documents and Settings\p\「开始」菜单\程序\启动           

+ 腾讯QQ.lnk    QQ    TENCENT    e:\tencent\qq\qq.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved           

+ RISING    Rising Shell Ext Module    Beijing Rising Technology Co., Ltd.    c:\windows\system32\ravext.dll

+ Yahoo!Photo    yPhtb    Yahoo! China    c:\program files\yahoo!\assistant\assist\yphtb.dll

+ 粉碎文件    Wiper 动态链接库        c:\program files\yahoo!\assistant\assist\ywiper.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects           

+ AntiFish Class    yangling.dll    Yahoo.    c:\program files\yahoo!\assistant\assist\yangling.dll

+ DragSearch BHO    DragSearch        c:\program files\yahoo!\assistant\assist\ydragsearch.dll

+ Google Toolbar Helper    Google IE 客户端工具栏    Google Inc.    c:\program files\google\googletoolbar1.dll

+ IeCatch2 Class    jccatch Module    Amaze Soft    c:\program files\flashget\jccatch.dll

+ QQBrowserHelperObject Class    QQIEHelper Module    深圳市腾讯计算机系统有限公司    e:\tencent\qq\qqiehelper.dll

+ ThunderIEHelper Class    xunleibho BHO    Thunder Networking Technologies,LTD    c:\windows\system32\xunleibho_v8.dll

+ Yahoo!Photo    yPhtb    Yahoo! China    c:\program files\yahoo!\assistant\assist\yphtb.dll

+ 雅虎助手    ToolBar    Yahoo!    c:\program files\yahoo!\assistant\assist\yasbar.dll

HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks           

+ coolbar    ToolBar    Yahoo!    c:\program files\yahoo!\assistant\assist\yasbar.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar           

+ FlashGet Bar    FlashGet IE Bar    Amaze Soft    c:\program files\flashget\fgiebar.dll

+ 雅虎助手    ToolBar    Yahoo!    c:\program files\yahoo!\assistant\assist\yasbar.dll

HKLM\System\CurrentControlSet\Services           

+ Ati HotKey Poller    ATI External Event Utility EXE Module    ATI Technologies Inc.    c:\windows\system32\ati2evxx.exe

+ ATI Smart    ATI Smart        c:\windows\system32\ati2sgag.exe

+ RsCCenter    CCenter    rising    c:\program files\rising\rav\ccenter.exe

+ RsRavMon    RavMon    Beijing Rising Technology Co., Ltd.    c:\program files\rising\rav\ravmond.exe

HKLM\System\CurrentControlSet\Services           

+ ALCXWDM    Realtek AC'97 Audio Driver (WDM)    Realtek Semiconductor Corp.    c:\windows\system32\drivers\alcxwdm.sys

+ ati2mtag    ATI Radeon WindowsNT Miniport Driver    ATI Technologies Inc.    c:\windows\system32\drivers\ati2mtag.sys

+ BaseTDI    basetdi    Rising    c:\windows\system32\drivers\basetdi.sys

+ EagleNT            File not found: C:\WINDOWS\system32\drivers\EagleNT.sys

+ ExpScaner    ExpScan.sys        c:\program files\rising\rav\expscan.sys

+ HookCont    TDI HOOK Driver    Rising tech Co. ltd    c:\program files\rising\rav\hookcont.sys

+ HookReg            c:\program files\rising\rav\hookreg.sys

+ HookSys        瑞星    c:\program files\rising\rav\hooksys.sys

+ New0            File not found: C:\WINDOWS\system32\new.sys

+ npkcrypt    nProtect KeyCrypt Driver    INCA Internet Co., Ltd.    e:\tencent\qq\npkcrypt.sys

+ Ptilink    Direct Parallel Link Driver    Parallel Technologies, Inc.    c:\windows\system32\drivers\ptilink.sys

+ Secdrv    SafeDisc driver        c:\windows\system32\drivers\secdrv.sys

+ viamraid    VIA RAID DRIVER FOR WIN 2000/XP/2003IA32    VIA Technologies inc,.ltd    c:\windows\system32\drivers\viamraid.sys

+ yukonwxp    NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller    Marvell    c:\windows\system32\drivers\yk51x86.sys

+ zntport            File not found: C:\WINDOWS\system32\zntport.sys

+ ZSMC303    Video streaming and Capture Device Driver    Vimicro Corporation    c:\windows\system32\drivers\usbvm303.sys

没看出问题，还是昨天那个病毒吗，如果是有可能是街头篮球有问题。