发表于: 2007-11-28 22:31 | 只看楼主 短消息 资料
字号: 1楼

【原创】每次启动都有一个陌生的进程,盼解答

华硕的本本,xp sp2的系统
现问题如下:
每次启动系统,都会看到一个完全陌生的进程,用这个进程的名字google一下,没有任何搜索结果,内存占用并不大,3000K不到。
根据卡卡上网助手的进程管理,发现这个进程是在%windows\temp\下面的,该文件夹里面有一个相应名称的文件,图表如图所示



如果在任务管理器中结束该进程,temp下面的文件也相应消失

启动3次系统,得到3个文件名,用卡卡上网助手导出,进程如下:
第一次:
[NHA377.EXE]
PID = 0x6d4
CommandLine = "C:\WINDOWS\TEMP\NHA377.EXE"
    NHA377.EXE
    0x400000
    C:\WINDOWS\Temp\NHA377.EXE
   
   
   
    2004-08-27 03:57:18

    ntdll.dll
    0x7c920000
    C:\WINDOWS\system32\ntdll.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    NT Layer DLL
    2004-08-17 20:00:00

    kernel32.dll
    0x7c800000
    C:\WINDOWS\system32\kernel32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows NT BASE API Client DLL
    2004-08-17 20:00:00

    WSOCK32.dll
    0x71a40000
    C:\WINDOWS\system32\wsock32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Socket 32-Bit DLL
    2004-08-17 20:00:00

    WS2_32.dll
    0x71a20000
    C:\WINDOWS\system32\ws2_32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Socket 2.0 32-Bit DLL
    2004-08-17 20:00:00

    msvcrt.dll
    0x77be0000
    C:\WINDOWS\system32\msvcrt.dll
    7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows NT CRT DLL
    2004-08-17 20:00:00

    WS2HELP.dll
    0x71a10000
    C:\WINDOWS\system32\ws2help.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Socket 2.0 Helper for Windows NT
    2004-08-17 20:00:00

    ADVAPI32.dll
    0x77da0000
    C:\WINDOWS\system32\advapi32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Advanced Windows 32 Base API
    2004-08-17 20:00:00

    RPCRT4.dll
    0x77e50000
    C:\WINDOWS\system32\rpcrt4.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Remote Procedure Call Runtime
    2004-08-17 20:00:00

    USER32.dll
    0x77d10000
    C:\WINDOWS\system32\user32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows XP USER API Client DLL
    2004-08-17 20:00:00

    GDI32.dll
    0x77ef0000
    C:\WINDOWS\system32\gdi32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    GDI Client DLL
    2004-08-17 20:00:00

    WINSPOOL.DRV
    0x72f70000
    C:\WINDOWS\system32\winspool.drv
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Spooler Driver
    2004-08-17 20:00:00

    COMCTL32.dll
    0x5d170000
    C:\WINDOWS\system32\comctl32.dll
    5.82 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Common Controls Library
    2004-08-17 20:00:00

    IMM32.DLL
    0x76300000
    C:\WINDOWS\system32\imm32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows XP IMM32 API Client DLL
    2004-08-17 20:00:00

    LPK.DLL
    0x62c20000
    C:\WINDOWS\system32\lpk.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Language Pack
    2004-08-17 20:00:00

    USP10.dll
    0x73fa0000
    C:\WINDOWS\system32\usp10.dll
    1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Uniscribe Unicode script processor
    2004-08-17 20:00:00

    uxtheme.dll
    0x5adc0000
    C:\WINDOWS\system32\uxtheme.dll
    6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Microsoft UxTheme Library
    2004-08-17 20:00:00

    msctfime.ime
    0x73640000
    C:\WINDOWS\system32\MSCTFIME.IME
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Microsoft Text Frame Work Service IME
    2004-08-17 20:00:00

    ole32.dll
    0x76990000
    C:\WINDOWS\system32\ole32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Microsoft OLE for Windows
    2004-08-17 20:00:00

    PSAPI.DLL
    0x76bc0000
    C:\WINDOWS\system32\psapi.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Process Status Helper
    2004-08-17 20:00:00

第二次:
[RZBB02.EXE]
PID = 0x100
CommandLine = "C:\WINDOWS\TEMP\RZBB02.EXE"
    RZBB02.EXE
    0x400000
    C:\WINDOWS\Temp\RZBB02.EXE
   
   
   
    2004-08-27 03:57:18

    ntdll.dll
    0x7c920000
    C:\WINDOWS\system32\ntdll.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    NT Layer DLL
    2004-08-17 20:00:00

    kernel32.dll
    0x7c800000
    C:\WINDOWS\system32\kernel32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows NT BASE API Client DLL
    2004-08-17 20:00:00

    WSOCK32.dll
    0x71a40000
    C:\WINDOWS\system32\wsock32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Socket 32-Bit DLL
    2004-08-17 20:00:00

    WS2_32.dll
    0x71a20000
    C:\WINDOWS\system32\ws2_32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Socket 2.0 32-Bit DLL
    2004-08-17 20:00:00

    msvcrt.dll
    0x77be0000
    C:\WINDOWS\system32\msvcrt.dll
    7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows NT CRT DLL
    2004-08-17 20:00:00

    WS2HELP.dll
    0x71a10000
    C:\WINDOWS\system32\ws2help.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Socket 2.0 Helper for Windows NT
    2004-08-17 20:00:00

    ADVAPI32.dll
    0x77da0000
    C:\WINDOWS\system32\advapi32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Advanced Windows 32 Base API
    2004-08-17 20:00:00

    RPCRT4.dll
    0x77e50000
    C:\WINDOWS\system32\rpcrt4.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Remote Procedure Call Runtime
    2004-08-17 20:00:00

    USER32.dll
    0x77d10000
    C:\WINDOWS\system32\user32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows XP USER API Client DLL
    2004-08-17 20:00:00

    GDI32.dll
    0x77ef0000
    C:\WINDOWS\system32\gdi32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    GDI Client DLL
    2004-08-17 20:00:00

    WINSPOOL.DRV
    0x72f70000
    C:\WINDOWS\system32\winspool.drv
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Spooler Driver
    2004-08-17 20:00:00

    COMCTL32.dll
    0x5d170000
    C:\WINDOWS\system32\comctl32.dll
    5.82 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Common Controls Library
    2004-08-17 20:00:00

    IMM32.DLL
    0x76300000
    C:\WINDOWS\system32\imm32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows XP IMM32 API Client DLL
    2004-08-17 20:00:00

    LPK.DLL
    0x62c20000
    C:\WINDOWS\system32\lpk.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Language Pack
    2004-08-17 20:00:00

    USP10.dll
    0x73fa0000
    C:\WINDOWS\system32\usp10.dll
    1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Uniscribe Unicode script processor
    2004-08-17 20:00:00

    uxtheme.dll
    0x5adc0000
    C:\WINDOWS\system32\uxtheme.dll
    6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Microsoft UxTheme Library
    2004-08-17 20:00:00

    msctfime.ime
    0x73640000
    C:\WINDOWS\system32\MSCTFIME.IME
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Microsoft Text Frame Work Service IME
    2004-08-17 20:00:00

    ole32.dll
    0x76990000
    C:\WINDOWS\system32\ole32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Microsoft OLE for Windows
    2004-08-17 20:00:00

    PSAPI.DLL
    0x76bc0000
    C:\WINDOWS\system32\psapi.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Process Status Helper
    2004-08-17 20:00:00

第三次:
[HNECF7.EXE]
PID = 0x670
CommandLine = "C:\WINDOWS\TEMP\HNECF7.EXE"
    HNECF7.EXE
    0x400000
    C:\WINDOWS\Temp\HNECF7.EXE
   
   
   
    2004-08-27 03:57:18

    ntdll.dll
    0x7c920000
    C:\WINDOWS\system32\ntdll.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    NT Layer DLL
    2004-08-17 20:00:00

    kernel32.dll
    0x7c800000
    C:\WINDOWS\system32\kernel32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows NT BASE API Client DLL
    2004-08-17 20:00:00

    WSOCK32.dll
    0x71a40000
    C:\WINDOWS\system32\wsock32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Socket 32-Bit DLL
    2004-08-17 20:00:00

    WS2_32.dll
    0x71a20000
    C:\WINDOWS\system32\ws2_32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Socket 2.0 32-Bit DLL
    2004-08-17 20:00:00

    msvcrt.dll
    0x77be0000
    C:\WINDOWS\system32\msvcrt.dll
    7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows NT CRT DLL
    2004-08-17 20:00:00

    WS2HELP.dll
    0x71a10000
    C:\WINDOWS\system32\ws2help.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Socket 2.0 Helper for Windows NT
    2004-08-17 20:00:00

    ADVAPI32.dll
    0x77da0000
    C:\WINDOWS\system32\advapi32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Advanced Windows 32 Base API
    2004-08-17 20:00:00

    RPCRT4.dll
    0x77e50000
    C:\WINDOWS\system32\rpcrt4.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Remote Procedure Call Runtime
    2004-08-17 20:00:00

    USER32.dll
    0x77d10000
    C:\WINDOWS\system32\user32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows XP USER API Client DLL
    2004-08-17 20:00:00

    GDI32.dll
    0x77ef0000
    C:\WINDOWS\system32\gdi32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    GDI Client DLL
    2004-08-17 20:00:00

    WINSPOOL.DRV
    0x72f70000
    C:\WINDOWS\system32\winspool.drv
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Spooler Driver
    2004-08-17 20:00:00

    COMCTL32.dll
    0x5d170000
    C:\WINDOWS\system32\comctl32.dll
    5.82 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Common Controls Library
    2004-08-17 20:00:00

    IMM32.DLL
    0x76300000
    C:\WINDOWS\system32\imm32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows XP IMM32 API Client DLL
    2004-08-17 20:00:00

    LPK.DLL
    0x62c20000
    C:\WINDOWS\system32\lpk.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Language Pack
    2004-08-17 20:00:00

    USP10.dll
    0x73fa0000
    C:\WINDOWS\system32\usp10.dll
    1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Uniscribe Unicode script processor
    2004-08-17 20:00:00

    uxtheme.dll
    0x5adc0000
    C:\WINDOWS\system32\uxtheme.dll
    6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Microsoft UxTheme Library
    2004-08-17 20:00:00

    msctfime.ime
    0x73640000
    C:\WINDOWS\system32\MSCTFIME.IME
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Microsoft Text Frame Work Service IME
    2004-08-17 20:00:00

    ole32.dll
    0x76990000
    C:\WINDOWS\system32\ole32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Microsoft OLE for Windows
    2004-08-17 20:00:00

    PSAPI.DLL
    0x76bc0000
    C:\WINDOWS\system32\psapi.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Process Status Helper
    2004-08-17 20:00:00


有谁知道这个进程到底是什么么,盼解答

[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; TencentTraveler )
最后编辑2007-11-28 22:31:32.593000000