
杰哥哥

At boot, rundll32.exe uses 50% CPU.. it belongs to Administrator

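As the title says, could everyone please take a look for me. The machine was already very laggy. At first I noticed an extra process, update.exe, and I ended it.
After rebooting I found rundll32.exe using 50% CPU.
I ran a virus scan with Virus Chaser (驱逐舰) and also scanned with 360. Neither found anything wrong. The next day I found two rundll32.exe among the system processes: one uses no CPU, the other uses between 40 and 50.

360 scan report: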
各位高手:
非常感谢您留心我这份系统诊断报告,小菜鸟十万火急等待您的帮助!
该诊断报告由360安全卫士提供 http://www.360safe.com
诊断时间: 2008-03-07  22:27:26
诊断平台: Microsoft Windows XP  Service Pack 2
IE版本: Internet Explorer V6.0.2900.2180 Build:62900.2180
计算机物理内存:2.00GB - 当前可用内存:901.92MB

100 - 未知 - Process: FYFireWall.exe [风云防火墙个人版] - C:\Program Files\FengYun\FYFireWall.exe
100 - 未知 - Process: stormliv.exe [暴风影音媒体控制中心] - C:\Program Files\StormII\stormliv.exe
100 - 未知 - Process: rundll32.exe [NVIDIA Display Properties Extension] - C:\WINDOWS\system32\rundll32.exe NVCPL.DLL,NvSetRmAcStatus 1
100 - 未知 - Process: Winrtm32.exe [Winrtm32] - C:\WINDOWS\system32\winrtm32.exe
100 - 未知 - Process: Game.exe [天龙八部] - G:\天龙八部\Bin\Game.exe -fl
100 - 未知 - Process: QQ.exe [QQ] - E:\软件\QQ2007DIY1030\Tencent\QQ.exe
100 - 未知 - Process: TIMPlatform.exe [TIMPlatform] - E:\软件\QQ2007DIY1030\Tencent\TIMPlatform.exe -Embedding
100 - 未知 - Process: QQ.exe [QQ] - E:\软件\QQ2007DIY1030\Tencent\QQ.exe
100 - 未知 - Process: P2POver.exe [P2POver Microsoft 基础类应用程序] - E:\软件\P2POver\P2POver.exe
100 - 未知 - Process: SpiderMl.exe [SpIDer Mail ? for Windows Workstation] - C:\Program Files\Virus Chaser\Spiderml.exe
100 - 未知 - Process: Game.exe [天龙八部] - G:\天龙八部\Bin\Game.exe -fl
O2 - 未知 - BHO: (ThunderAtOnce Class) - [迅雷浏览器高级特性支持模块] - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - E:\软件\Thunder-AyuConfig\Thunder\ComDlls\TDAtOnce_Now.dll
O4 - 未知 - HKLM\..\Run: [SkyTel] [Realtek Voice  Manager] SkyTel.EXE
O4 - 未知 - HKLM\..\Run: [FY_FireWall] [风云防火墙个人版] C:\Program Files\FengYun\FYFireWall.exe
O4 - 未知 - HKCU\..\Run: [DAEMON Tools Pro Agent] [DAEMON Tools Pro Tray Application] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O8 - 未知 - Extra context menu item: 使用迅雷下载 - E:\软件\Thunder-AyuConfig\Thunder\Program\geturl.htm
O8 - 未知 - Extra context menu item: 使用迅雷下载全部链接 - E:\软件\Thunder-AyuConfig\Thunder\Program\getallurl.htm
O10 - 未知 - Winsock LSP: [Dr.Web Winsock Provider Hook] [{7706E029-9A28-43A9-846D-1CE70CD3FEE5}]C:\WINDOWS\system32\DRWEBSP.DLL
O10 - 未知 - Winsock LSP: [Dr.Web Winsock Provider Hook] [{6E794481-9C07-4972-8FD3-A267C9D79982}]C:\WINDOWS\system32\DRWEBSP.DLL
O10 - 未知 - Winsock LSP: [Dr.Web Winsock Provider Hook] [{B039694D-0E77-4EBC-9327-B237A57BDC31}]C:\WINDOWS\system32\DRWEBSP.DLL
O10 - 未知 - Winsock LSP: [Dr.Web Winsock Provider Hook] [{BE9E92F6-C8EB-403C-9BC7-E8BCA2123482}]C:\WINDOWS\system32\DRWEBSP.DLL
O16 - 未知 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O18 - 未知 - Protocol: KuGoo - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
O18 - 未知 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
O23 - 未知 - Service: ccosm [Contrl Center of Storm Media] - C:\Program Files\StormII\stormliv.exe /asservice - (running)
O23 - 未知 - Service: pr2ahvub [Fantasia Sango 3 CH (Pro_CD) Drivers Auto Removal (pr2ahvub)] - C:\WINDOWS\system32\pr2ahvub.exe svc - (not running)
O23 - 未知 - Service: spidernt [Anti Virus System - Virus Chaser] - C:\Program Files\Virus Chaser\SpiderNT.exe - (running)
O23 - 未知 - Service: WINRTM32 [Windows Remote Service] - C:\WINDOWS\system32\winrtm32.exe - (running)

=======================================

100 - 安全 - Process: smss.exe [进程为会话管理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - C:\WINDOWS\System32\smss.exe
100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base
100 - 安全 - Process: winlogon.exe [windows nt用户登陆程序。] - C:\WINDOWS\system32\winlogon.exe
100 - 安全 - Process: services.exe [用于管理windows服务系统进程。] - C:\WINDOWS\system32\services.exe
100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\WINDOWS\system32\lsass.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k DcomLaunch
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k rpcss
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k netsvcs
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k NetworkService
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k LocalService
100 - 安全 - Process: spoolsv.exe [windows打印任务控制程序,用以打印机就绪。] - C:\WINDOWS\system32\spoolsv.exe
100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件管理。] - C:\WINDOWS\Explorer.EXE
100 - 安全 - Process: RTHDCPL.EXE [瑞昱出品的声卡相关程序。] - C:\WINDOWS\RTHDCPL.EXE
100 - 安全 - Process: Vcrmon.exe [virus 驱逐舰杀毒软件相关程序。] - C:\Program Files\Virus Chaser\Vcrmon.exe
100 - 安全 - Process: rundll32.exe [windows rundll32为了需要调用dlls的程序。] - C:\WINDOWS\system32\RUNDLL32.EXE
100 - 安全 - Process: ctfmon.exe [office xp输入法图标。] - C:\WINDOWS\system32\ctfmon.exe
100 - 安全 - Process: nvsvc32.exe [nvidia driver helper service在nvida显卡驱动中被安装。] - C:\WINDOWS\system32\nvsvc32.exe
100 - 安全 - Process: p2psvr.exe [搜狗下载加速器。] - C:\Program Files\Common Files\Sogou PXP\p2psvr.exe
100 - 安全 - Process: SpiderNT.exe [virus 驱逐舰杀毒软件相关程序。] - C:\Program Files\Virus Chaser\SpiderNT.exe
100 - 安全 - Process: alg.exe [这是一个应用层***服务用于网络共享。] - C:\WINDOWS\System32\alg.exe
100 - 安全 - Process: SpiderUI.exe [驱逐舰杀毒软件相关程序。] - C:\Program Files\Virus Chaser\Spiderui.exe
100 - 安全 - Process: IEXPLORE.EXE [microsoft internet explorer浏览器用于浏览网页。] - C:\Program Files\Internet Explorer\iexplore.exe
100 - 安全 - Process: IEXPLORE.EXE [microsoft internet explorer浏览器用于浏览网页。] - C:\Program Files\Internet Explorer\IEXPLORE.EXE
100 - 安全 - Process: 360Safe.exe [360安全卫士] - E:\软件\360safe-v3.63final\360safe\360Safe.exe
100 - 安全 - Process: 360tray.exe [360安全卫士实时保护模块] - E:\软件\360safe-v3.63final\360safe\safemon\360Tray.exe
R1 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
R1 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
O2 - 安全 - BHO: (Thunder Browser Helper) - [迅雷附带下载监视器相关文件。] - {889D2FEB-5411-4565-8998-1DD2C5261283} - E:\软件\Thunder-AyuConfig\Thunder\ComDlls\xunleiBHO_Now.dll
O4 - 安全 - HKLM\..\Run: [RTHDCPL] [realtek声卡特性设置软件相关程序。] RTHDCPL.EXE
O4 - 安全 - HKLM\..\Run: [Alcmtr] [一款声卡相关程序。] ALCMTR.EXE
O4 - 安全 - HKLM\..\Run: [Vcrmon] [驱逐舰防病毒软件。] C:\Program Files\Virus Chaser\Vcrmon.exe
O4 - 安全 - HKLM\..\Run: [NvCplDaemon] [是NVIDIA显示卡相关动态链接库文件。] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 安全 - HKLM\..\Run: [nwiz] [是NVidia的Nview特性相关程序。该程序用于用户对其特性进行配置,将桌面扩展到多台显示器上。 ] nwiz.exe /install
O4 - 安全 - HKLM\..\Run: [NvMediaCenter] [是NVidia显示卡相关文件。] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp输入法图标。] C:\WINDOWS\system32\ctfmon.exe
O8 - 安全 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 - 安全 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (Windows升级工具V5) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156754453019
O16 - 安全 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Flash播放器) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - 安全 - Protocol: OFFICE 相关 - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O18 - 安全 - Protocol: OFFICE 相关 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O23 - 安全 - Service: NVSvc [是NVIDIA显示卡相关程序。] - C:\WINDOWS\system32\nvsvc32.exe - (running)
O23 - 安全 - Service: P4P Service [搜狐的搜狗下载加速工具。] - C:\Program Files\Common Files\Sogou PXP\p2psvr.exe - (running)

=======================================

O31 - 未知 - SEApproved: {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Shell extensions for file compression -  -  -  -  - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:加密上下文菜单 -  -  -  -  - 0 -
O31 - 未知 - SEApproved: {0DF44EAA-FF21-4412-828E-260A8728E7F1} -  -  -  -  - 0 -
O31 - 未知 - SEApproved: {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} -  -  -  -  - 0 -
O31 - 未知 - SEApproved: {7A9D77BD-5403-11d2-8785-2E0420524153} -  -  -  -  - 0 -
O31 - 未知 - SEApproved: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll -  -  -  - 128512 - a6848472777fbcfa17236deb3f518d7c
O31 - 未知 - SEApproved: {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - C:\Program Files\Real\RealPlayer\rpshell.dll - RealNetworks, Inc. - RealPlayer Shell Extensions - 1.0.1.1946 - 49198 - 68718fbfe1513aaeed9bf319d912bb47
O31 - 未知 - SEApproved: {1CDB2949-8F65-4355-8456-263E7C208A5D} - C:\WINDOWS\system32\nvshell.dll -  -  - 6.14.10.11132 - 466944 - 66d0f5d06c9a3209adc45411ff252c5b
O31 - 未知 - SEApproved: {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - C:\WINDOWS\system32\nvshell.dll -  -  - 6.14.10.11132 - 466944 - 66d0f5d06c9a3209adc45411ff252c5b
O31 - 未知 - SEApproved: {1E9B04FB-F9E5-4718-997B-B8DA88302A48} - C:\WINDOWS\system32\nvshell.dll -  -  - 6.14.10.11132 - 466944 - 66d0f5d06c9a3209adc45411ff252c5b
O31 - 未知 - SEApproved: {E76568E0-C231-11D3-B155-0090961B771E} - C:\Program Files\Virus Chaser\Shellexe.dll - New Technology Wave Inc. - VirusChaser Shell Extension - 5.0.0.0 - 49152 - 6f7c317de6adb2c10d43abd13eaa842c
O31 - 未知 - SEApproved: {e82a2d71-5b2f-43a0-97b8-81be15854de8} - C:\WINDOWS\system32\dfshim.dll - Microsoft Corporation - Application Deployment Support Library - 2.0.50727.42 - 83456 - b3511383c8be3a8c5b88a78971fc1141
O31 - 未知 - SEApproved: {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} - C:\WINDOWS\system32\dfshim.dll - Microsoft Corporation - Application Deployment Support Library - 2.0.50727.42 - 83456 - b3511383c8be3a8c5b88a78971fc1141
O31 - 未知 - Directory Menu: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll -  -  -  - 128512 - a6848472777fbcfa17236deb3f518d7c
O31 - 未知 - LSA: Security Packages - sv1_0.dll -  -  -  - 0 -
O31 - 未知 - LSA: Security Packages - channel.dll -  -  -  - 0 -

=======================================

O40 - lsass.exe - Doctor Web, Ltd. - C:\WINDOWS\system32\DRWEBSP.DLL - Dr.Web Winsock Provider Hook - 19ebd44da67428904e1ef36ec6909bcd
O40 - svchost.exe - Doctor Web, Ltd. - C:\WINDOWS\system32\DRWEBSP.DLL - Dr.Web Winsock Provider Hook - 19ebd44da67428904e1ef36ec6909bcd
O40 - svchost.exe - Doctor Web, Ltd. - C:\WINDOWS\system32\DRWEBSP.DLL - Dr.Web Winsock Provider Hook - 19ebd44da67428904e1ef36ec6909bcd
O40 - svchost.exe - Doctor Web, Ltd. - C:\WINDOWS\system32\DRWEBSP.DLL - Dr.Web Winsock Provider Hook - 19ebd44da67428904e1ef36ec6909bcd
O40 - svchost.exe - Doctor Web, Ltd. - C:\WINDOWS\system32\DRWEBSP.DLL - Dr.Web Winsock Provider Hook - 19ebd44da67428904e1ef36ec6909bcd
O40 - Explorer.EXE - www.218.cc - C:\Program Files\FengYun\FYMon.dll - 风云防火墙 DLL - 687e734a5fdd321fdebce298f41533c2
O40 - Explorer.EXE - NVIDIA Corporation - C:\WINDOWS\system32\NVRSZHC.DLL - NVIDIA Simplified Chinese language resource library - edc6d0a6c0f32a4b5b4b8d7a9211c058
O40 - Explorer.EXE -  - C:\WINDOWS\byblos.dll - Byblos Module - af6aa61252d3c281a8af2142e186169f
O40 - Explorer.EXE -  - C:\WINDOWS\system32\nvshell.dll -  - 66d0f5d06c9a3209adc45411ff252c5b
O40 - RUNDLL32.EXE - NVIDIA Corporation - C:\WINDOWS\system32\NVRSZHC.DLL - NVIDIA Simplified Chinese language resource library - edc6d0a6c0f32a4b5b4b8d7a9211c058
O40 - RUNDLL32.EXE - www.218.cc - C:\Program Files\FengYun\FYMon.dll - 风云防火墙 DLL - 687e734a5fdd321fdebce298f41533c2
O40 - rundll32.exe - www.218.cc - C:\Program Files\FengYun\FYMon.dll - 风云防火墙 DLL - 687e734a5fdd321fdebce298f41533c2

=======================================

O41 - ahci8086 - ATI Technology AHCI Compatible Controller Driver for Windows family - C:\WINDOWS\system32\drivers\ahci8086.sys - (running) - ATI Technology AHCI Compatible Controller Driver for Windows family - ATI Technologies Inc. - 3162702a838386f7bc6f6b4711044cf2
O41 - Aspi32 - ASPI for WIN32 Kernel Driver - C:\WINDOWS\system32\drivers\Aspi32.sys - (running) - ASPI for WIN32 Kernel Driver - Adaptec - b979979ab8027f7f53fb16ec4229b7db
O41 - CDGscsi - Virtual CDROM driver - C:\WINDOWS\system32\drivers\cdgscsi.sys - (running) - Virtual CDROM driver - Savage Company - 37c1e880646632d0e3d578a645593e6f
O41 - CSB6IDE - ServerWorks CSB6 PCI IDE Bus Driver - C:\WINDOWS\system32\drivers\csb6ide.sys - (running) - ServerWorks CSB6 PCI IDE Bus Driver - ServerWorks Corporation - 7a49f7091e79cc364d8df1c6ea845756
O41 - drwebnet - SpIDer Guard boot hook driver for Windows NT - C:\WINDOWS\system32\drivers\Drwebnet.sys - (running) - SpIDer Guard boot hook driver for Windows NT - Doctor Web Ltd - 1341a129478672613ec4e94d38856e2e
O41 - FASTTRAK - Promise FastTrak Series Driver for Win2000 - C:\WINDOWS\system32\drivers\fasttrak.sys - (running) - Promise FastTrak Series Driver for Win2000 - Promise Technology, Inc. - d3a41b9167c11b0fa0cb7c61fc876982
O41 - FTSATA2 - Promise Driver for Windows Server 2003 - C:\WINDOWS\system32\drivers\ftsata2.sys - (running) - Promise Driver for Windows Server 2003 - Promise Technology, Inc. - 65b50b303ff74a5517117ba3d25dbe7f
O41 - FYTdifltDrv - FengYun FireWall TDI Driver - C:\Program Files\FengYun\FYTdiDrv.sys - (running) - FengYun FireWall TDI Driver - www.218.cc - 756c74198cfc3c72a44e0431ccdbac24
O41 - IASTOR - Intel Matrix Storage Manager driver - C:\WINDOWS\system32\drivers\iastor.sys - (running) - Intel Matrix Storage Manager driver - Intel Corporation - 580bfec487c55264bfe3d60c3c24eee1
O41 - JRAID - JMicron JR036X RAID Driver - C:\WINDOWS\system32\drivers\Jraid.sys - (running) - JMicron JR036X RAID Driver - JMicron Technology Corp. - f64fc8ff777ca76a81c097df7641306d
O41 - M5281 - ALi SATA RAID Controller Driver - C:\WINDOWS\system32\drivers\m5281.sys - (running) - ALi SATA RAID Controller Driver - ALi Corporation - a51cd61975297508d4483fcbf931d86c
O41 - M5289 - ULi SATA RAID Controller Driver - C:\WINDOWS\system32\drivers\m5289.sys - (running) - ULi SATA RAID Controller Driver - ULi Electronics Inc. - e1ca1ea9ad7c8c50ea533829a6854d63
O41 - machobus - machobus - C:\WINDOWS\system32\drivers\machobus.sys - (running) -  -  - b60c5c71711d0ae031a2abeff65d46fe
O41 - NPF - NPF Driver - TME extensions - C:\WINDOWS\system32\drivers\npf.sys - (running) - NPF Driver - TME extensions - Politecnico di Torino - f498c5c3399a60933196fc215ef074f9
O41 - NVATABUS - NVIDIA? nForce(TM) IDE Performance Driver - C:\WINDOWS\system32\drivers\NVATABUS.SYS - (running) - NVIDIA? nForce(TM) IDE Performance Driver - NVIDIA Corporation - b7fb72492b753930ec70a0f49d04f12f
O41 - QKeyService - KeyCrypt - C:\WINDOWS\system32\KeyCrypt.sys - (running) - KeyCrypt -  Tencent Technology (Shenzhen) Company Limited - ecaa6d40a70bee079f3817601bec1692
O41 - sfdrv01 - StarForce Protection Environment Driver - C:\WINDOWS\system32\drivers\sfdrv01.sys - (running) - StarForce Protection Environment Driver - Protection Technology - 00de597b81b381053cb5b21a7f20e365
O41 - sfhlp02 - StarForce Protection Helper Driver - C:\WINDOWS\system32\drivers\sfhlp02.sys - (running) - StarForce Protection Helper Driver - Protection Technology - 64b9ab76f1b16eb059cb6cdd906c067a
O41 - sfsync02 - StarForce Protection Synchronization Driver - C:\WINDOWS\system32\drivers\sfsync02.sys - (running) - StarForce Protection Synchronization Driver - Protection Technology - 798d918d8f20380008277ce3ce5319d1
O41 - SPIDERCTL - System Monitoring for Windows NT - C:\Program Files\Virus Chaser\Spider.sys - (running) - System Monitoring for Windows NT - New Technology Wave Inc. - b27934851bc5bc7d7a53cde4b3ef85a9
O41 - sptd - sptd - C:\WINDOWS\system32\drivers\sptd.sys - (running) -  -  -
O41 - p2pfilter - p2pfilter - E:\软件\P2POver\p2pfilter.sys - (running) -  -  - 31a8494db52e092a8c00fc26d5de10f4
O41 - A320RAID - Adaptec HostRAID for Ultra320 SCSI - C:\WINDOWS\system32\drivers\a320raid.sys - (not running) - Adaptec HostRAID for Ultra320 SCSI - Adaptec, Inc. - ec8c685100387d4a7a7be2dce922c6d3
O41 - IGALIVE - IGALIVE - C:\Program Files\IGALIVE\IGALIVE.sys - (not running) -  -  -
O41 - M5228 - M5228 ATA RAID Controller Driver - C:\WINDOWS\system32\drivers\m5228.sys - (not running) - M5228 ATA RAID Controller Driver - ALi Corporation. - 06c174e5c7845055c3d6317709af6423
O41 - PCAMp50 - PCAMp50 - C:\WINDOWS\System32\Drivers\PCAMp50.sys - (not running) -  -  -
O41 - PCASp50 - PCASp50 - C:\WINDOWS\System32\Drivers\PCASp50.sys - (not running) -  -  -
O41 - SI3112R - Serial ATA RAID miniport driver - C:\WINDOWS\system32\drivers\Si3112r.sys - (not running) - Serial ATA RAID miniport driver - Silicon Image, Inc - c82f9b4993f502361067e3ab61d46f7a
O41 - SI3114R - SATARAID miniport driver - C:\WINDOWS\system32\drivers\Si3114r.sys - (not running) - SATARAID miniport driver - Silicon Image, Inc - d78d5bcf78d38cf846f1f1fdde718acc
O41 - SI3114R5 - SATA SoftRAID 5 miniport driver - C:\WINDOWS\system32\drivers\Si3114r5.sys - (not running) - SATA SoftRAID 5 miniport driver - Silicon Image, Inc - bf4177bfa0397c6a01ed493240318eae
O41 - SI3124 - Serial ATA miniport driver - C:\WINDOWS\system32\drivers\Si3124.sys - (not running) - Serial ATA miniport driver - Silicon Image, Inc. - c48aaff4947d87ebf6c42d9fced3df7a
O41 - SI3124R - SATARAID miniport driver (PRE-RELEASE) - C:\WINDOWS\system32\drivers\Si3124r.sys - (not running) - SATARAID miniport driver (PRE-RELEASE) - Silicon Image, Inc - 0c71855057883e63ca2c19736cbab018
O41 - SI3124R5 - SATA SoftRAID 5 miniport driver - C:\WINDOWS\system32\drivers\Si3124r5.sys - (not running) - SATA SoftRAID 5 miniport driver - Silicon Image, Inc - 085200d2a56c58ad77ef733082cb6ad4
O41 - SI3132 - Serial ATA miniport driver - C:\WINDOWS\system32\drivers\Si3132.sys - (not running) - Serial ATA miniport driver - Silicon Image, Inc. - 6e42ca2af3516cda7f3776a186ca4f78
O41 - SI3132R5 - SATA SoftRAID 5 miniport driver - C:\WINDOWS\system32\drivers\Si3132r5.sys - (not running) - SATA SoftRAID 5 miniport driver - Silicon Image, Inc - 07adf4521fe169623cc13fc8303bb519
O41 - SYMMPI - LSI Logic Fusion-MPT MiniPort Driver (ScsiPort) - C:\WINDOWS\system32\drivers\symmpi.sys - (not running) - LSI Logic Fusion-MPT MiniPort Driver (ScsiPort) - LSI Logic - 10258f3ff6ebaa3e00f1ffb4724764d9
O41 - TesSafe - TesSafe NT Driver - C:\WINDOWS\system32\TesSafe.sys - (not running) - TesSafe NT Driver - TENCENT - 71d11e69462c95615778bfe286d2d214
O41 - VIAMRAID - VIA RAID DRIVER FOR WIN 2000/XP/2003IA32 - C:\WINDOWS\system32\drivers\viamraid.sys - (not running) - VIA RAID DRIVER FOR WIN 2000/XP/2003IA32 - VIA Technologies inc,.ltd - f199939205dccc7836ae5ab8b5dd5e83
O41 - vmscsi - VMware SCSI Controller - C:\WINDOWS\system32\drivers\vmscsi.sys - (not running) - VMware SCSI Controller - VMware, Inc. - cd8a1f04836111dc0e6c0cd904b3c660
O41 - YXJCNTool - YXJCNTool - C:\WINDOWS\system32\Drivers\YXJCNTool.sys - (not running) -  -  -

=======================================
360Safe.exe=4.0.3.1007
AntiAdwa.dll=4.0.0.1002
AntiEng.dll=4.0.0.1001
AntiActi.dll=2.0.0.3000
CleanHis.dll=4.0.0.1001
live.dll=1.0.1.1023

=======================================
操作历史报告:
----------清理恶评及系统插件历史----------

2008-02-18 23:59
清理恶评软件 - 搜狗客户端共享组件 -
2008-03-06 00:46
清理恶评软件 - 搜狗客户端共享组件 -

2007-11-14 17:45
清理其它插件 - 开屏播放器 - D:\DOCUME~1\TEMP\~DF79C5.tmp
2008-02-14 00:01
清理恶评插件 - 搜狗工具条&地址栏直通车 -
清理恶评插件 - 搜狗客户端共享组件 - C:\Program Files\Common Files\Sogou PXP
2008-02-18 23:38
清理恶评插件 - 搜狗工具条&地址栏直通车 -
清理恶评插件 - 搜狗客户端共享组件 - C:\Program Files\Common Files\Sogou PXP
2008-02-18 23:39
清理恶评插件 - 搜狗客户端共享组件 - C:\Program Files\Common Files\Sogou PXP
2008-02-18 23:58
清理恶评插件 - 搜狗客户端共享组件 - C:\Program Files\Common Files\Sogou PXP
2008-03-06 00:45
清理恶评插件 - 搜狗工具条&地址栏直通车 -
清理恶评插件 - 搜狗客户端共享组件 - C:\Program Files\Common Files\Sogou PXP

----------全面诊断修复历史----------
[ This post was last edited by 杰哥哥 on 2008-03-07 22:36 ]
Sighing at the mortal world, as youthful beauty fades
Posted: 2008-03-06 01:21 | [Original poster]
zhouyiran

Generally it is a system process, but it could also be a virus process. Check it with your antivirus.
Posted: 2008-03-06 08:13 | Reply #1
freelive
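
rundll32.exe is an important system process, but many trojans attach themselves to this program.
If this process stays at high usage for a long time, it has very likely been hit by a trojan; I suggest running a virus scan.
Characteristic: uses a large amount of the user's memory

Neither Rundll32.exe nor Rundll.exe does anything when run on its own; the DLL file to load has to be specified after the program name. In Windows Task Manager we can only see the rundll32.exe process, but what it is really doing is calling the DLL. We can use software such as a process manager to see which DLL files it is actually running.

You can use a tool to see which DLLs are loaded, which makes it easy to go straight to the source of the virus.

FengYun Firewall - Honorary Member

Really, none of it has anything to do with me~
Posted: 2008-03-06 08:53 | Reply #2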
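
Added example, not part of any post in this thread: the reply above says the thing to check is which DLL rundll32.exe was started with and which DLLs it has loaded. This Python sketch extracts both from lines in the layout of the 360 report in the first post. Reading the O40 lines as "host process - vendor - module path - description - MD5" is an assumption based on how they appear in that report, and the function names are illustrative.

```python
import re

# Sample lines in the layout of the 360 report in the first post, adapted from
# it (descriptions shortened, MD5 column replaced by a placeholder).
# The last line is constructed for illustration.
REPORT = r"""
100 - 未知 - Process: rundll32.exe [NVIDIA Display Properties Extension] - C:\WINDOWS\system32\rundll32.exe NVCPL.DLL,NvSetRmAcStatus 1
100 - 安全 - Process: rundll32.exe [rundll32] - C:\WINDOWS\system32\RUNDLL32.EXE
O4 - 安全 - HKLM\..\Run: [NvCplDaemon] [NVIDIA] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O40 - RUNDLL32.EXE - NVIDIA Corporation - C:\WINDOWS\system32\NVRSZHC.DLL - NVIDIA language resource library - <md5>
O40 - rundll32.exe - www.218.cc - C:\Program Files\FengYun\FYMon.dll - FengYun firewall DLL - <md5>
O40 - rundll32.exe -  - C:\EXAMPLE\constructed.dll -  - <md5>
"""


def _lines(report):
    return [ln.strip() for ln in report.splitlines() if ln.strip()]


def rundll32_invocations(report):
    """(dll, export) for each process ("100") or autorun ("O4") line that
    launches rundll32.exe; (None, None) when no DLL argument is shown."""
    found = []
    for line in _lines(report):
        if line.split(" - ", 1)[0] not in ("100", "O4"):
            continue
        # Greedy prefix: match the LAST rundll32.exe on the line, i.e. the
        # command line, not the process name that precedes the description.
        m = re.match(r'(?i)^.*rundll32\.exe"?[ \t]*(.*)$', line)
        if not m:
            continue
        target = re.match(r'"?([^",]+?)"?\s*,\s*(\S+)', m.group(1))
        found.append(target.groups() if target else (None, None))
    return found


def modules_in_rundll32(report):
    """Modules the O40 section attributes to a rundll32.exe host process."""
    mods = []
    for line in _lines(report):
        parts = line.split(" - ")
        if len(parts) < 4 or parts[0] != "O40":
            continue
        if parts[1].strip().lower() != "rundll32.exe":
            continue
        mods.append({"path": parts[3].strip(),
                     "vendor": parts[2].strip() or None})
    return mods


def without_vendor(report):
    """Module paths with an empty vendor column. The vendor string comes from
    the file's own version info, so it is a prompt to verify the file, not
    proof either way."""
    return [m["path"] for m in modules_in_rundll32(report) if m["vendor"] is None]


if __name__ == "__main__":
    for dll, export in rundll32_invocations(REPORT):
        print("started with:", dll or "(no DLL shown)", export or "")
    for m in modules_in_rundll32(REPORT):
        print("loaded:", m["path"], "|", m["vendor"] or "(no vendor)")
    print("check first:", without_vendor(REPORT))
```

An instance that shows no DLL argument cannot be identified from its command line, so the loaded-module list is the place to look for it.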