收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 国外杀毒软件 ESET(NOD32) 开QQ时nod32的CPU占用率很高!
12
返回列表 发新帖
楼主: zjx1986
 收起左侧

开QQ时nod32的CPU占用率很高!

[复制链接]
zjx1986
 楼主| 发表于 2007-6-10 12:37:19 | 显示全部楼层

SRE扫描报告(1)

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <!1_ProcessGuard_Startup><"C:\pgfree(进程保护伞)\procguard.exe" -minimize>  []
    <Internat.exe><Internat.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <!1_pgaccount><"C:\pgfree(进程保护伞)\pgaccount.exe">  []
    <nod32kui><"C:\Eset\nod32kui.exe" /WAITSERVICE>  [Eset ]
    <Windows Defender><"C:\Program Files\Windows Defender\MSASCui.exe" -hide>  [(Verified)Microsoft Corporation]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}><C:\PROGRA~1\WINDOW~4\MpShHook.dll>  [(Verified)Microsoft Corporation]
==================================
启动文件夹
N/A
==================================
服务
[DiamondCS Process Guard Service v3.000 / DCSPGSRV][Running/Auto Start]
  <"C:\pgfree(进程保护伞)\dcsuserprot.exe"><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NOD32 Kernel Service / NOD32krn][Running/Auto Start]
  <"C:\Eset\nod32krn.exe"><Eset>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Manual Start]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Stopped/Manual Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[VMware Authorization Service / VMAuthdService][Stopped/Manual Start]
  <C:\VMware\VMware Workstation\vmware-authd.exe><VMware, Inc.>
[VMware DHCP Service / VMnetDHCP][Stopped/Manual Start]
  <C:\WINDOWS\system32\vmnetdhcp.exe><VMware, Inc.>
[VMware Virtual Mount Manager Extended / vmount2][Stopped/Manual Start]
  <"C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe"><VMware, Inc.>
[VMware NAT Service / VMware NAT Service][Stopped/Manual Start]
  <C:\WINDOWS\system32\vmnat.exe><VMware, Inc.>
==================================
驱动程序
[Service for WDM 3D Audio Driver / ALCXSENS][Stopped/Manual Start]
  <system32\drivers\ALCXSENS.SYS><N/A>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AMON / AMON][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\amon.sys><Eset>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[HelloNet PPPoE 虚拟网卡 / BRPPPOE][Running/Manual Start]
  <system32\DRIVERS\brpppoe.sys><N/A>
[VMware hcmon / hcmon][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\hcmon.sys><VMware, Inc.>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[MSJDrvr / MSJDrvr][Running/System Start]
  <system32\drivers\MSJDrvr.sys><N/A>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\E:\即用软件\QQ2005\npkcrypt.sys><N/A>
[procguard / procguard][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\procguard.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\R8139n51.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[VMware Virtual Ethernet Adapter Driver / VMnetAdapter][Running/Manual Start]
  <system32\DRIVERS\vmnetadapter.sys><VMware, Inc.>
[VMware Bridge Protocol / VMnetBridge][Running/Auto Start]
  <system32\DRIVERS\vmnetbridge.sys><VMware, Inc.>
[VMware Network Application Interface / VMnetuserif][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\vmnetuserif.sys><VMware, Inc.>
[VMware VMparport / VMparport][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\VMparport.sys><VMware, Inc.>
[VMware vmx86 / vmx86][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\vmx86.sys><VMware, Inc.>
[Vstor2 Virtual Storage Driver / vstor2][Running/Auto Start]
  <\??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys><VMware, Inc.>
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}][Stopped/System Start]
  <system32\drivers\ialmsbw.sys><Intel Corporation>
[Intel(R) Graphics Chipset (KCH) Driver / {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}][Stopped/Manual Start]
  <system32\drivers\ialmkchw.sys><Intel Corporation>
回复

举报

zjx1986
 楼主| 发表于 2007-6-10 12:39:04 | 显示全部楼层

SRE扫描报告(2)

浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\Thunder5.6.1.292NoAD\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {A9930D96-9CF0-42A0-A10D-4F28836579D5} <D:\Thunder5.6.1.292NoAD\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[]
  {A9930D97-9CF0-42A0-A10D-4F28836579D5} <D:\酷狗\KuGoo3DownXControl.ocx, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, N/A>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\Thunder5.6.1.292NoAD\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
[Thunder Browser Helper]
  {A9930D96-9CF0-42A0-A10D-4F28836579D5} <D:\Thunder5.6.1.292NoAD\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[]
  {A9930D97-9CF0-42A0-A10D-4F28836579D5} <D:\酷狗\KuGoo3DownXControl.ocx, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[使用迅雷下载]
  <D:\Thunder5.6.1.292NoAD\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\Thunder5.6.1.292NoAD\Thunder\Program\getallurl.htm, N/A>
==================================
正在运行的进程
[PID: 668][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 732][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 756][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 800][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 812][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Eset\pr_imon.dll]  [N/A, ]
[PID: 972][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1032][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Eset\pr_imon.dll]  [N/A, ]
[PID: 1612][C:\Program Files\Windows Defender\MsMpEng.exe]  [Microsoft Corporation, 1.1.1593.0]
    [C:\Program Files\Windows Defender\MpSvc.dll]  [Microsoft Corporation, 1.1.1593.0]
    [C:\Program Files\Windows Defender\MpClient.dll]  [Microsoft Corporation, 1.1.1593.0]
    [C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{C76AAD1B-9BE4-43F0-82BA-C029747B5818}\mpengine.dll]  [Microsoft Corporation, 1.1.2503.0]
    [C:\Program Files\Windows Defender\mprtplug.dll]  [Microsoft Corporation, 1.1.1593.0]
[PID: 1652][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Eset\pr_imon.dll]  [N/A, ]
[PID: 1840][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1904][C:\pgfree(进程保护伞)\dcsuserprot.exe]  [N/A, ]
[PID: 980][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\WINDOW~4\MpShHook.dll]  [Microsoft Corporation, 1.1.1593.0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Eset\nodshex.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmext.dll]  [Revenger inc., 1.2.1.2]
    [C:\加密软件\1.6.1\AxCrypt.dll]  [Axantum Software AB, 1, 6, 1, 0]
    [D:\Thunder5.6.1.292NoAD\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 2, 17]
[PID: 1500][C:\pgfree(进程保护伞)\pgaccount.exe]  [N/A, ]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
[PID: 1520][C:\Eset\nod32kui.exe]  [Eset , 2, 51, 26 ]
    [C:\Eset\nod32rui.dll]  [N/A, ]
    [C:\Eset\pu_amon.dll]  [Eset , 2, 51, 26 ]
    [C:\Eset\pr_amon.dll]  [Eset , 2, 51, 26 ]
    [C:\Eset\pu_dmon.dll]  [Eset , 2, 51, 26 ]
    [C:\Eset\pr_dmon.dll]  [N/A, ]
    [C:\Eset\pu_emon.dll]  [Eset , 2, 51, 26 ]
    [C:\Eset\pr_emon.dll]  [N/A, ]
    [C:\Eset\pu_imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Eset\pr_imon.dll]  [N/A, ]
    [C:\Eset\pu_nod32.dll]  [Eset , 2, 51, 26 ]
    [C:\Eset\pr_nod32.dll]  [Eset , 2, 51, 26 ]
    [C:\Eset\pu_upd.dll]  [Eset , 2, 51, 26 ]
    [C:\Eset\pr_upd.dll]  [N/A, ]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
[PID: 1580][C:\Program Files\Windows Defender\MSASCui.exe]  [Microsoft Corporation, 1.1.1593.0]
    [C:\Program Files\Windows Defender\MpClient.dll]  [Microsoft Corporation, 1.1.1593.0]
    [C:\Program Files\Windows Defender\MsMpRes.dll]  [Microsoft Corporation, 1.1.1593.0]
    [C:\Program Files\Windows Defender\MpRtMon.DLL]  [Microsoft Corporation, 1.1.1593.0]
    [C:\Program Files\Windows Defender\MpAsDesc.dll]  [Microsoft Corporation, 1.1.1593.0]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
[PID: 116][C:\pgfree(进程保护伞)\procguard.exe]  [N/A, ]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
[PID: 212][C:\WINDOWS\system32\Internat.exe]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
[PID: 1792][C:\Program Files\Rising\Rfw\rfwmain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 72]
    [C:\Program Files\Rising\Rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [C:\Program Files\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [C:\Program Files\Rising\Rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [C:\Program Files\Rising\Rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
[PID: 620][D:\绿色软件\GreenBrowser\GB精简版\MyIE.exe]  [MoreQuick, 1, 0, 0, 0]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Eset\pr_imon.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\PROGRA~1\WINDOW~4\MpOAv.dll]  [Microsoft Corporation, 1.1.1593.0]
[PID: 1556][D:\千千静听\TTPlayer.exe]  [Alen Soft, 4, 6, 7, 0]
    [D:\千千静听\ttpcomm.dll]  [N/A, ]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [D:\千千静听\ttpres.dll]  [Alen Soft, 4, 6, 7, 0]
    [D:\千千静听\msdmo.dll]  [Microsoft Corporation, 6.03.01.0400]
    [D:\千千静听\Plugins\dsp_omx.dll]  [Octiv Inc., 1, 4, 1, 04]
    [D:\千千静听\AddIn\ttp_lrcsh.dll]  [N/A, ]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Eset\pr_imon.dll]  [N/A, ]
[PID: 1804][C:\Program Files\HelloNet\HNMainUI.exe]  [, 2, 3, 0, 1]
    [C:\Program Files\HelloNet\HNKernel.dll]  [HelloNet, 2.2.0.1]
    [C:\Program Files\HelloNet\HNUtils.dll]  [, 2, 2, 0, 1]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\Program Files\HelloNet\HNRes_0804.dll]  [, 2, 2, 0, 1]
    [C:\Program Files\HelloNet\plugins\Diagnose.dll]  [HelloNet, 2.2.0.1]
[PID: 1732][D:\QQ2007B1\QQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [D:\QQ2007B1\QQ\CoralAssist.dll]  [Coral Team, 5.0.0 build 20060829]
    [D:\QQ2007B1\QQ\CoralQQ.dll]  [Coral Team, 5.0 Build 20070215]
    [D:\QQ2007B1\QQ\kql.dll]  [Coral Team, 5.0.0 build 20070111]
    [D:\QQ2007B1\QQ\mfc42.dll]  [Microsoft Corporation, 6.00.8665.0]
    [D:\QQ2007B1\QQ\ipsearcher.dll]  [, 1.0.0.4]
    [D:\QQ2007B1\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\BasicCtrlDll.dll]  [Tencent, 7, 0, 101, 80]
    [D:\QQ2007B1\QQ\NoDisturbFilter.cqx]  [Coral Team, 1.0]
    [D:\QQ2007B1\QQ\ConfigHotkey.cqx]  [Coral Team, 1.0]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [D:\QQ2007B1\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [D:\QQ2007B1\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [D:\QQ2007B1\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [D:\QQ2007B1\QQ\AutoReconnect.cqx]  [Coral Team, 1.0.0]
    [D:\QQ2007B1\QQ\LoginCtrl.dll]  [N/A, ]
    [D:\QQ2007B1\QQ\LoginCtrlRes.dll]  [, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\QQMainFrame.dll]  [N/A, ]
    [D:\QQ2007B1\QQ\CQQApplication.dll]  [N/A, ]
    [D:\QQ2007B1\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\CoralHotkey.cqx]  [Coral Team, 1.0]
    [D:\QQ2007B1\QQ\QQKnowledgeSearch.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Eset\pr_imon.dll]  [N/A, ]
    [D:\QQ2007B1\QQ\QQAllInOne.dll]  [N/A, ]
    [D:\QQ2007B1\QQ\GroupLive.dll]  [N/A, ]
    [D:\QQ2007B1\QQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [D:\QQ2007B1\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\QQ2007B1\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\QQ2007B1\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\QQ2007B1\QQ\QQAvatar.dll]  [N/A, ]
    [D:\QQ2007B1\QQ\QQSysMsgMng.dll]  [N/A, ]
    [D:\QQ2007B1\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\QQPlugin.dll]  [N/A, ]
    [D:\QQ2007B1\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [D:\QQ2007B1\QQ\QRingMng.dll]  [N/A, ]
    [D:\QQ2007B1\QQ\QQPet.dll]  [, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [D:\QQ2007B1\QQ\QQCustomFace.dll]  [N/A, ]
    [D:\QQ2007B1\QQ\BQQApplication.dll]  [N/A, ]
    [D:\QQ2007B1\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [D:\QQ2007B1\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 280]
    [D:\QQ2007B1\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [D:\QQ2007B1\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\QQ2007B1\QQ\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\QQ2007B1\QQ\QQMagicFace.dll]  [, 1, 0, 0, 1]
    [D:\QQ2007B1\QQ\QQSceneMng.dll]  [N/A, ]
    [D:\QQ2007B1\QQ\GroupConnection.dll]  [Tencent, 0, 3, 3, 5]
    [D:\QQ2007B1\QQ\QQPhoneHelper.dll]  [腾讯科技(深圳)有限公司, 2, 1, 9, 93]
    [D:\QQ2007B1\QQ\QQZip.dll]  [tencent, 0, 3, 2, 4]
    [C:\WINDOWS\system32\UNISPIM5.IME]  [北京紫光华宇软件股份有限公司, 5.0.0.5076]
    [D:\QQ2007B1\QQ\QQFileTransfer.dll]  [Tencent, 0, 3, 3, 5]
[PID: 1900][C:\Program Files\Lenovo\幸福一键通\Kbdriver.exe]  [N/A, ]
    [C:\Program Files\Lenovo\幸福一键通\lxkeyled.dll]  [N/A, ]
    [C:\Program Files\Lenovo\幸福一键通\VolumeOsd.dll]  [N/A, ]
    [C:\Program Files\Lenovo\幸福一键通\ScrOSD32.dll]  [N/A, ]
    [C:\Program Files\Lenovo\幸福一键通\tgekb.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\Program Files\Lenovo\幸福一键通\XPNyGet.dll]  [N/A, ]
[PID: 2384][C:\WINDOWS\system32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
[PID: 2652][C:\Documents and Settings\Administrator\桌面\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 51, 26 ]
    [C:\Eset\pr_imon.dll]  [N/A, ]
==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
NOD32 protected [MSAFD Tcpip [TCP/IP]]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [UDP/IP]]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [RAW/IP]]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP UDP Service Provider]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP TCP Service Provider]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1       localhost
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================

[/CODE]
回复

举报

傻猪猪米走鸡
发表于 2007-6-10 13:02:36 | 显示全部楼层
怎么我无这些情况?
回复

举报

leoyeun
发表于 2007-6-10 14:02:29 | 显示全部楼层
把一些没什么用的启动项全部删除
你运行的进程太多了

[ 本帖最后由 leoyeun 于 2007-6-10 14:04 编辑 ]
回复

举报

xffsfy
发表于 2007-6-10 15:47:57 | 显示全部楼层
没看出可疑的来...
回复

举报

hj5abc
发表于 2007-6-10 17:30:56 | 显示全部楼层
没什么呀..
可能是兼容不好吧.. 瑞星墙,NOD32,Windows Defender 好像还有个什么进程保护伞?
还有,你的Q加载太多东西了,不用珊瑚虫,不知道会不会和NOD32产生影响,象IPSearcher什么的可能会占用一些带宽...
在你QQ时又不怎么浏览网页时就关掉IMON吧..
回复

举报

zjx1986
 楼主| 发表于 2007-6-11 18:52:13 | 显示全部楼层

回复16楼

我试了,还是不行。开QQ后,前十分钟nod32的CPU占用率仍是很高!
回复

举报

hj5abc
发表于 2007-6-11 21:04:51 | 显示全部楼层
原帖由 zjx1986 于 2007-6-11 18:52 发表
我试了,还是不行。开QQ后,前十分钟nod32的CPU占用率仍是很高!

那你就在AMON设置里把这个主文件夹设为排除吧..
回复

举报

12
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-11-24 08:34 , Processed in 0.092624 second(s), 15 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表