剩下的已打包发送

安全模式不行吗?

不行

请在dos下杀毒,但不知是否有用。我网盘上有瑞星18.07.02和江民12.25。

xp不带dos，我自己没有引导盘

【回复“天天泡泡”的帖子】
不好使，不管用

中止了1个与services.exe有关的服务，plug and play,好用，就是不能用usb接口

注意"imagepath"

实在解决不了，就上报瑞星吧

rocessPIDCPUDescriptionCompany Name
System Idle Process093.27
Interruptsn/aHardware Interrupts
DPCsn/aDeferred Procedure Calls
System40.96
  SMSS.EXE584Windows NT Session ManagerMicrosoft Corporation
  CSRSS.EXE652Client Server Runtime ProcessMicrosoft Corporation
  WINLOGON.EXE676Windows NT Logon ApplicationMicrosoft Corporation
    SERVICES.EXE7242.88Services and Controller appMicrosoft Corporation
    SVCHOST.EXE892Generic Host Process for Win32 ServicesMicrosoft Corporation
      TIMPlatform.exe184TIMPlatformtencent
    CCenter.exe992CCenterBeijing Rising Technology Co., Ltd.
    SVCHOST.EXE1008Generic Host Process for Win32 ServicesMicrosoft Corporation
    SVCHOST.EXE1216Generic Host Process for Win32 ServicesMicrosoft Corporation
    SVCHOST.EXE1248Generic Host Process for Win32 ServicesMicrosoft Corporation
    RavMonD.exe1260RavMondBeijing Rising Technology Co., Ltd.
      RavStub.exe1548Rising RavStubBeijing Rising Technology Co., Ltd.
    rfwsrv.exe1312Rising Personal FireWall ServiceBeijing Rising Technology Co., Ltd.
      RFWMAIN.EXE632Rising Personal FireWall Main ProgramBeijing Rising Technology Co., Ltd.
    SPOOLSV.EXE1624Spooler SubSystem AppMicrosoft Corporation
    ATI2EVXX.EXE1724
    SVCHOST.EXE1780Generic Host Process for Win32 ServicesMicrosoft Corporation
    LSASS.EXE736LSA Shell (Export Version)Microsoft Corporation
EXPLORER.EXE572Windows ExplorerMicrosoft Corporation
ATIPTAXX.EXE964ATI Desktop Control PanelATI Technologies, Inc.
SynTPLpr.exe972TouchPad Driver Helper ApplicationSynaptics, Inc.
SynTPEnh.exe980Synaptics TouchPad EnhancementsSynaptics, Inc.
RavTask.exe1028RavTimerBeijing Rising Technology Co., Ltd.
  RavMon.exe1072RavMonBeijing Rising Technology Co., Ltd.
  iexplore.exe1824Internet ExplorerMicrosoft Corporation
CTFMON.EXE1076CTF LoaderMicrosoft Corporation
MSMSGS.EXE1148MessengerMicrosoft Corporation
POWERPNT.EXE940
iexplore.exe196Internet ExplorerMicrosoft Corporation
regedit.exe636Registry EditorMicrosoft Corporation
procexp.exe16042.88Sysinternals Process ExplorerSysinternals
QQ.EXE524QQTENCENT

Process: SERVICES.EXE Pid: 724

TypeName
Desktop\Default
Directory\Windows
Directory\BaseNamedObjects
Directory\KnownDlls
Event\BaseNamedObjects\SC_AutoStartComplete
Event\BaseNamedObjects\SvcctrlStartEvent_A3752DX
Event\BaseNamedObjects\ScNetDrvMsg
Event\BaseNamedObjects\WBEM_ESS_OPEN_FOR_BUSINESS
Event\BaseNamedObjects\userenv:  User Profile setup event
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\scerpc
File\Device\NamedPipe\scerpc
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\net\NtControlPipe1
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\net\NtControlPipe2
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\net\NtControlPipe3
File\Device\NamedPipe\net\NtControlPipe0
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\net\NtControlPipe4
File\Device\NamedPipe\net\NtControlPipe5
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\net\NtControlPipe6
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\net\NtControlPipe7
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\net\NtControlPipe8
File\Device\NamedPipe\net\NtControlPipe9
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\net\NtControlPipe10
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\ntsvcs
File\Device\NamedPipe\ntsvcs
FileC:\WINDOWS\system32\
KeyHKLM\SYSTEM\ControlSet003\Control\NetworkProvider\Order
KeyHKLM\SYSTEM\ControlSet003\Control\ServiceGroupOrder
KeyHKLM
KeyHKLM\SYSTEM\ControlSet003\Control\ServiceCurrent
KeyHKU
KeyHKU\S-1-5-20
KeyHKU\S-1-5-19
KeyHKLM\SYSTEM\ControlSet003\Control\Nls\Locale
KeyHKLM\SYSTEM\ControlSet003\Control\Nls\Locale\Alternate Sorts
KeyHKLM\SYSTEM\ControlSet003\Control\Nls\Language Groups
KeyHKLM\SYSTEM\ControlSet003\Enum
KeyHKLM\SYSTEM\ControlSet003\Services
KeyHKLM\SYSTEM\ControlSet003\Control\Class
KeyHKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage
KeyedEvent\KernelObjects\CritSecOutOfMemoryEvent
Mutant\BaseNamedObjects\ShimCacheMutex
Port\RPC Control\ntsvcs
ProcessSVCHOST.EXE(892)
ProcessCCenter.exe(992)
ProcessSVCHOST.EXE(1008)
ProcessSVCHOST.EXE(1216)
Process(1248)
ProcessRavMonD.exe(1260)
Process(1312)
Process(1624)
Process(1724)
ProcessSVCHOST.EXE(1780)
Section\BaseNamedObjects\ShimSharedMemory
ThreadSERVICES.EXE(724): 792
ThreadSERVICES.EXE(724): 800
ThreadSERVICES.EXE(724): 804
ThreadSERVICES.EXE(724): 868
ThreadSERVICES.EXE(724): 872
ThreadSERVICES.EXE(724): 876
ThreadSERVICES.EXE(724): 880
ThreadSERVICES.EXE(724): 864
ThreadSERVICES.EXE(724): 888
ThreadSERVICES.EXE(724): 1052
ThreadSERVICES.EXE(724): 1468
ThreadSERVICES.EXE(724): 2020
TokenNT AUTHORITY\NETWORK SERVICE
TokenNT AUTHORITY\LOCAL SERVICE
WindowStation\Windows\WindowStations\Service-0x0-3e7$
WindowStation\Windows\WindowStations\Service-0x0-3e7$