数百个 rundll32.exe 进程同时运行,导致计算机死机

数百个 rundll32.exe 进程同时运行,导致计算机死机

最近,我注意到我的电脑速度越来越慢,直到完全冻结,只允许鼠标移动,而不允许其他交互(直到最后,有时鼠标也会冻结)。环顾四周,我注意到当大量 rundll32.exe 进程突然同时激活时会发生这种情况。这通常发生在启动后几分钟,但是,有时根本不会发生。

经过大量研究,我认定这是一种病毒,于是使用防病毒软件 (Immunet) 和 Malwarebytes 进行了全面扫描,并隔离了发现的所有威胁。然而,问题仍然存在。我还运行了 sfc 扫描,但无法修复某些文件。失败的输出如下:

Cannot repair member file [l:28{14}]"iassdo.dll.mui" of Microsoft-Windows-Networking-Internet_Authentication_Service_Iassdo.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
Cannot repair member file [l:28{14}]"iassdo.dll.mui" of Microsoft-Windows-Networking-Internet_Authentication_Service_Iassdo.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
This component was referenced by [l:266{133}]"Microsoft-Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
Could not reproject corrupted file [ml:60{30},l:58{29}]"\??\C:\Windows\SysWOW64\en-US"\[l:28{14}]"iassdo.dll.mui"; source file in store is also corrupted
Cannot repair member file [l:28{14}]"iassdo.dll.mui" of Microsoft-Windows-Networking-Internet_Authentication_Service_Iassdo.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
Cannot repair member file [l:28{14}]"iassdo.dll.mui" of Microsoft-Windows-Networking-Internet_Authentication_Service_Iassdo.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
This component was referenced by [l:266{133}]"Microsoft-Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
Could not reproject corrupted file [ml:60{30},l:58{29}]"\??\C:\Windows\SysWOW64\en-US"\[l:28{14}]"iassdo.dll.mui"; source file in store is also corrupted

我不知道这是否有帮助,所以我想我最好发布它。

这是任务管理器的图片。每个进程也运行大约相同数量的内存,这也让我相信这是一个病毒。任务管理器

因此,我想知道在我必须全新安装 Windows 之前,是否有任何已知或潜在的修复方法?我宁愿先尝试所有选项,然后再这样做。谢谢。

答案1

首先,您需要确定它是病毒还是错误。有不同的方法,但我的选择是检查 rundll.exe 是否是您的“原始 Windows”文件:

  • 单击(任意)rundll任务,选择属性并检查以下内容是否正确:
  • 它应该位于此文件夹中:C:\Windows\System32
  • 它应该被称为:“rundll.exe”(就是这样!所以病毒喜欢通过将 L 替换为 1 来隐藏)

如果已经存在问题,则很可能是感染了病毒。如果没有,我们需要进一步调查。

请更新您的备份以避免潜在的数据丢失!

答案2

将命令行列添加到任务管理器并查找正在执行的内容,它可能会给您一个提示,在我的情况下,它是一个坏的 Nvidia 驱动程序,无法与“Sandboxie”应用程序很好地通信,我不得不重新安装它。 在此处输入图片描述

相关内容