[Help] CPU usage at 100%, experts please come and take a look, log attached

[CODE]

2008-06-10,20:17:37

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <MsnMsgr><"C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background>  [(Verified)Microsoft Corporation]
    <WangWang><F:\下载\WangWang\WangWang.exe>  [(Verified)"Alibaba Software(Shanghai)Co,. Ltd"]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <switch><c:\windows\system32\壁纸自动换.exe>  []
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <RavTask><"F:\下载\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
    <!AVG Anti-Spyware><"F:\下载\AVG Anti-Spyware 7.5\avgas.exe" /minimized>  [(Verified)GRISOFT LTD]
    <Sys_Update><rundll32.exe C:\WINDOWS\System32\WmpUpdate.dll CheckUpdate>  [N/A]
    <QuickTime Task><"f:\下载\会声会影9.0简体中文版\qttask.exe" -atboottime>  [N/A]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [(Verified)"RealNetworks, Inc."]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><ieprot.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]

==================================
启动文件夹
[QQ游戏启动加速程序]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> E:\QQGAME\Accel.exe [深圳市腾讯计算机系统有限公司]><N>
[彩虹QQ显IP]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\彩虹QQ显IP.lnk --> F:\下载\qq2008\彩虹QQ\CaiHong.exe [N/A]><N>

==================================
服务
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start]
  <F:\下载\AVG Anti-Spyware 7.5\guard.exe><GRISOFT s.r.o.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"F:\下载\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"F:\下载\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Ulead Burning Helper / UleadBurningHelper][Running/Auto Start]
  <C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>
[Windows Live Setup Service / WLSetupSvc][Stopped/Manual Start]
  <"C:\Program Files\Windows Live\installer\WLSetupSvc.exe"><Microsoft Corporation>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
  <\??\F:\下载\AVG Anti-Spyware 7.5\guard.sys><N/A>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
  <System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[Broadcom 802.11网络适配卡驱动程序 / BCM43XX][Stopped/Manual Start]
  <system32\DRIVERS\bcmwl5.sys><Broadcom Corporation>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
  <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[HSFHWICH / HSFHWICH][Running/Manual Start]
  <system32\DRIVERS\HSFHWICH.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP][Running/Manual Start]
  <system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[mdmxsdk / mdmxsdk][Running/Auto Start]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[winachsf / winachsf][Running/Manual Start]
  <system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <F:\下载\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[RealPlayer Download and Record Plugin for Internet Explorer]
  {3049C3E9-B461-4BC5-8870-4C09146192CA} <C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll, RealPlayer>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\下载\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[Windows Live 登录帮助程序]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <F:\下载\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[IE搜索工具条]
  {BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[PhotoDraw Class]
  {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} <F:\下载\qq2008\Qzone\QQPhotoDraw.dll, TENCENT>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, >
[Plugin Class]
  {6FE2FC9F-1203-4688-8764-2D2314579F84} <C:\WINDOWS\Downloaded Program Files\JerquePlug.dll, >
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[Submit Class]
  {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} <C:\WINDOWS\Downloaded Program Files\safeInput4jh.dll, Beijing eChannels Century Technology Co.,Ltd>
[KooPlayer Control]
  {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\DOWNLO~1\CCTVKO~1.OCX, Koos>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <F:\下载\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[RealPlayer Download and Record Plugin for Internet Explorer]
  {3049C3E9-B461-4BC5-8870-4C09146192CA} <C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll, RealPlayer>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\下载\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[Windows Live 登录帮助程序]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[使用迅雷下载]
  <F:\下载\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <F:\下载\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

==================================

User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Mozilla/4.0(Compatible Mozilla/4.0(Compatible-EmbeddedWB 14.59 http://bsalsa.com/ EmbeddedWB- 14.59  from: http://bsalsa.com/ ; (R1 1.6); MAXTHON 2.0)

Re: [Help] CPU usage at 100%, experts please come and take a look, log attached

正在运行的进程
[PID: 388 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 640 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 664 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 712 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 724 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 872 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 952 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1040 / SYSTEM][F:\下载\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.28]
[PID: 1076 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wups2.dll]  [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 1144 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1264 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1348 / SYSTEM][F:\下载\RISING\RAV\ravmond.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.76]
    [F:\下载\RISING\RAV\BWList.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.4]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [F:\下载\RISING\RAV\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [F:\下载\RISING\RAV\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [F:\下载\RISING\RAV\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.34]
    [F:\下载\RISING\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [F:\下载\RISING\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [F:\下载\RISING\RAV\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.29]
    [F:\下载\RISING\RAV\Hooksys.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 9]
    [F:\下载\RISING\RAV\HookReg.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 4]
    [F:\下载\RISING\RAV\HookNtos.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 2]
    [F:\下载\RISING\RAV\rswalmon.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 22]
    [F:\下载\RISING\RAV\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 39]
    [F:\下载\RISING\RAV\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [F:\下载\RISING\RAV\ffr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 14]
    [F:\下载\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.8]
    [F:\下载\RISING\RAV\HookCont.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 1]
    [F:\下载\Rising\Rav\fakescan.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.13]
    [F:\下载\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.36]
    [F:\下载\RISING\RAV\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [F:\下载\RISING\RAV\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [F:\下载\RISING\RAV\extfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 29]
    [F:\下载\RISING\RAV\pearc.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
    [F:\下载\RISING\RAV\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.2]
    [F:\下载\RISING\RAV\nvfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 6]
    [F:\下载\RISING\RAV\scanexec.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [F:\下载\RISING\RAV\unexe.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
    [F:\下载\RISING\RAV\scanex.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 75]
    [F:\下载\RISING\RAV\scanpack.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
    [F:\下载\RISING\RAV\revm.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]
    [F:\下载\RISING\RAV\urutils.dll]  [, 20, 0, 0, 6]
    [F:\下载\RISING\RAV\ur000.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
    [F:\下载\RISING\RAV\scansct.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]

Re: [Help] CPU usage at 100%, experts please come and take a look, log attached

[F:\下载\RISING\RAV\scriptci.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [F:\下载\RISING\RAV\ur001.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [F:\下载\RISING\RAV\uroutine.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [F:\下载\RISING\RAV\ur023.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 1]
    [F:\下载\RISING\RAV\extmail.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
[PID: 1488 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
[PID: 1944 / SYSTEM][F:\下载\RISING\RAV\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.9]
    [F:\下载\RISING\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [F:\下载\RISING\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [F:\下载\RISING\RAV\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[PID: 252 / SYSTEM][C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe]  [Ulead Systems, Inc., 1, 0, 0, 4]
[PID: 300 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
[PID: 1292 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
[PID: 1304 / Administrator][C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe]  [Microsoft Corporation, 8.5.1302.1018]
    [C:\Program Files\Windows Live\Messenger\MSNCore.dll]  [Microsoft Corporation, 8.5.1302.1018]
    [C:\Program Files\Windows Live\Messenger\msidcrl40.dll]  [Microsoft Corporation, 4.100.313.1]
    [C:\Program Files\Windows Live\Messenger\ContactsUX.dll]  [Microsoft Corporation, 8.5.1302.1018]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\Program Files\Windows Live\Messenger\msgslang.8.5.1302.1018.dll]  [Microsoft Corporation, 8.5.1302.1018]
    [C:\Program Files\Windows Live\Messenger\msgsres.dll]  [Microsoft Corporation, 8.5.1302.1018]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
    [C:\Program Files\Windows Live\Messenger\MSGSWCAM.dll]  [Microsoft Corporation, 8.5.1302.1018]
    [C:\WINDOWS\system32\sirenacm.dll]  [Microsoft Corporation, 8.5.1302.1018]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\Windows Live\Messenger\lmcdata.dll]  [Microsoft Corporation, 8.5.1302.1018]
    [C:\Program Files\Windows Live\Messenger\abssm.dll]  [Microsoft Corporation, 8.5.1302.1018]
    [C:\Program Files\Windows Live\Messenger\custsat.dll]  [Microsoft Corporation, 9.0.3790.2428 (srv03_sp1_qfe.050422-1043)]
    [F:\下载\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[PID: 116 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
[PID: 1260 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RtkBtMnt.EXE]  [Realtek Semiconductor Corp., 1.0.0.4]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2492 / Administrator][E:\QQGAME\Accel.exe]  [深圳市腾讯计算机系统有限公司, 2, 0, 103, 5]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\system32\MAPI32.dll]  [Microsoft Corporation, 1.0.2536.0 (XPClient.010817-1148)]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
    [E:\QQGAME\Common\Utility.dll]  [N/A, ]
    [E:\QQGAME\Tenio\TenFact.dll]  [Tencent, 07.1.01.001]
    [E:\QQGAME\Tenio\TenHall.dll]  [Tencent, 07.1.01.001]
[PID: 976 / Administrator][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
[PID: 2852 / Administrator][C:\WINDOWS\explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [F:\下载\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [F:\下载\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [F:\下载\Thunder\Components\ResWorker\DsBho_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [F:\下载\Thunder\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [F:\下载\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [F:\下载\AVG Anti-Spyware 7.5\context.dll]  [GRISOFT s.r.o., 7, 5, 1, 36]
    [C:\WINDOWS\system32\shlhook.dll]  [Beijing Rising Technology Co., Ltd., 4.0.0.9]
[PID: 1900 / Administrator][F:\方正证券\fzwmb.exe]  [上海核新软件技术有限公司, 2007, 3, 16, 0]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [F:\方正证券\RICHED20.dll]  [Microsoft Corporation, 5.30.23.1205]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
[PID: 3240 / Administrator][F:\方正证券\zxt.exe]  [上海核新软件技术有限公司, 2006, 10, 16, 1]
    [F:\方正证券\sqlite30.dll]  [上海核新软件技术有限公司, 2005, 5, 12, 0]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [F:\方正证券\RICHEDTW.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [F:\方正证券\RICHED20.dll]  [Microsoft Corporation, 5.30.23.1205]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
[PID: 3980 / Administrator][F:\方正证券\zdsj.exe]  [上海核新软件技术有限公司, 2007, 3, 16, 0]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [F:\方正证券\RICHED20.dll]  [Microsoft Corporation, 5.30.23.1205]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
[PID: 1904 / Administrator][F:\下载\遨游\Maxthon2\Maxthon.exe]  [Maxthon International ltd., 2, 1, 0, 2082]
    [F:\下载\遨游\Maxthon2\mxpp.dll]  [Maxthon International ltd., 1, 0, 0, 107]
    [F:\下载\遨游\Maxthon2\MxSk.dll]  [Maxthon, 1, 0, 0, 351]
    [F:\下载\遨游\Maxthon2\MxProxy2.dll]  [Maxthon International ltd., 1, 0, 0, 4030]
    [F:\下载\遨游\Maxthon2\MxExt.dll]  [N/A, ]
    [F:\下载\遨游\Maxthon2\MxUI.dll]  [Maxthon International, 3, 2, 2, 16]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
[PID: 2184 / Administrator][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
[PID: 1920 / Administrator][F:\下载\qq2008\QQ.exe]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\QQBaseClassInDll.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\QQHelperDll.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\BasicCtrlDll.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [F:\下载\qq2008\MSIMG32.dll]  [N/A, ]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
    [F:\下载\qq2008\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\下载\qq2008\彩虹QQ\CaiHong.dll]  [N/A, ]
    [F:\下载\qq2008\彩虹QQ\Reporter.dll]  [N/A, ]
    [F:\下载\qq2008\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [F:\下载\qq2008\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [F:\下载\qq2008\QQAPI.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\LoginCtrl.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\LoginCtrlRes.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\QQRes.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\WizardCtrl.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\QQMainFrame.dll]  [N/A, ]
    [F:\下载\qq2008\QQPlugin.dll]  [N/A, ]
    [F:\下载\qq2008\UnReadMsgMgr.dll]  [N/A, ]
    [F:\下载\qq2008\CQQApplication.dll]  [N/A, ]
    [F:\下载\qq2008\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [F:\下载\qq2008\NewSkin.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\MailSummary.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [F:\下载\qq2008\QQAllInOne.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [F:\下载\qq2008\CameraDll.dll]  [TENCENT, 8,0,776,1805]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [F:\下载\qq2008\OEMApplication.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\QQKnowledgeSearch.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\QQGroupMng.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\QQPet.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\QQSpace.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\UserDefinedHead.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\QQConfigPlugin.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\QQCustomFace.dll]  [N/A, ]
    [F:\下载\qq2008\LongConnection.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\QRingMng.dll]  [N/A, ]
    [F:\下载\qq2008\QQSysMsgMng.dll]  [N/A, ]
    [F:\下载\qq2008\QQLiveQMng.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\QQAvatar.dll]  [N/A, ]
    [F:\下载\qq2008\PhoneAPI.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [F:\下载\qq2008\GroupConnection.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\BQQApplication.dll]  [N/A, ]
    [F:\下载\qq2008\ImageOle.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [F:\下载\qq2008\QQMagicFace.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\QQSceneMng.dll]  [N/A, ]
    [F:\下载\qq2008\CommercesMng.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\PersonalDesktop.dll]  [TENCENT, 8,0,776,1805]
    [F:\下载\qq2008\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 330]
    [F:\下载\qq2008\AddrSearch.dll]  [腾讯科技(深圳)有限公司, 2, 2, 1, 15]
[PID: 236 / Administrator][F:\下载\遨游\Maxthon2\Maxthon.exe]  [Maxthon International ltd., 2, 1, 0, 2082]
    [F:\下载\遨游\Maxthon2\mxpp.dll]  [Maxthon International ltd., 1, 0, 0, 107]
    [F:\下载\遨游\Maxthon2\MxSk.dll]  [Maxthon, 1, 0, 0, 351]
    [F:\下载\遨游\Maxthon2\MxProxy2.dll]  [Maxthon International ltd., 1, 0, 0, 4030]
    [F:\下载\遨游\Maxthon2\MxExt.dll]  [N/A, ]
    [F:\下载\遨游\Maxthon2\MxUI.dll]  [Maxthon International, 3, 2, 2, 16]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
    [F:\下载\遨游\Maxthon2\mxtool.dll]  [, 1, 0, 0, 1]
    [F:\下载\遨游\Maxthon2\maxzlib.dll]  [, 1.2.3]
    [F:\下载\遨游\Maxthon2\mxfeedU.dll]  [, 1, 0, 45, 92]
    [F:\下载\遨游\Maxthon2\Modules\MxWebBoost\MxWebBoost.dll]  [Maxthon, 1,0,2,1187]
    [F:\下载\遨游\Maxthon2\mxdb.dll]  [Max, 3, 5, 3, 125]
    [F:\下载\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [F:\下载\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
[PID: 3128 / Administrator][F:\下载\Rising\Rav\RavMon.exe]  [Beijing Rising Technology Co., Ltd., 20.0.01.19]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [F:\下载\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [F:\下载\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [F:\下载\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [F:\下载\Rising\Rav\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 39]
    [F:\下载\Rising\Rav\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [F:\下载\Rising\Rav\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [F:\下载\Rising\Rav\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [F:\下载\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [F:\下载\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [F:\下载\Rising\Rav\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.29]
    [F:\下载\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
    [F:\下载\Rising\Rav\Rsguilib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 89]
    [F:\下载\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
[PID: 3620 / Administrator][F:\下载\程序\系统日志\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\system32\UNISPIM6.IME]  [北京紫光华宇软件股份有限公司, 6.1.0.6223]
    [F:\下载\程序\系统日志\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
0.0.0.0 182838.com
0.0.0.0 204.177.92.68
0.0.0.0 asiafriendfinder.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 www.jpbeauty.com
0.0.0.0 beautishow.com
0.0.0.0 goodmovies88.com
0.0.0.0 hothack.home.chinaren.com
0.0.0.0 hualiao.net
0.0.0.0 iplus.allyes.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
219.153.32.215 auto.search.msn.com

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1260, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\RTKBTMNT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1900, F:\方正证券\FZWMB.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3240, F:\方正证券\ZXT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3980, F:\方正证券\ZDSJ.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1904, F:\下载\遨游\MAXTHON2\MAXTHON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1904, F:\下载\遨游\MAXTHON2\MAXTHON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 236, F:\下载\遨游\MAXTHON2\MAXTHON.EXE]

==================================
API HOOK
入口点错误:NtCreateFile (危险等级: 高,  被下面模块所HOOK: 0x003C42B5)
入口点错误:NtWriteFile (危险等级: 高,  被下面模块所HOOK: 0x003C4355)
入口点错误:ZwCreateFile (危险等级: 高,  被下面模块所HOOK: 0x003C42B5)
入口点错误:ZwWriteFile (危险等级: 高,  被下面模块所HOOK: 0x003C4355)

==================================
隐藏进程
N/A

==================================


[/CODE]