bananas
2007-08-18 19:34
瑞星卡卡电脑诊断日志 v1.30 (2007-8-13 13:46:48) 北京瑞星科技股份有限公司
注释: [A]表示该文件存在自启动关联; [M]表示该文件在内存中;
+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
RsCCenter [A ] 1. c:\program files\rising\rav\ccenter.exe
RsRavMon [A ] 2. c:\program files\rising\rav\ravmond.exe
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
ALCXWDM [A ] 3. c:\windows\system32\drivers\alcxwdm.sys
BaseTDI [A ] 4. c:\windows\system32\drivers\basetdi.sys
ExpScaner [A ] 5. c:\program files\rising\rav\expscan.sys
HookCont [A ] 6. c:\program files\rising\rav\hookcont.sys
HookReg [A ] 7. c:\program files\rising\rav\hookreg.sys
HookSys [A ] 8. c:\program files\rising\rav\hooksys.sys
MEMSCAN [A ] 9. c:\program files\rising\rav\memscan.sys
npkcrypt [A ] 10. d:\program files\tencent\qq\npkcrypt.sys
RsAntiSpyware [A ] 11. c:\windows\system32\drivers\rsboot.sys
RsNTGDI [A ] 12. c:\windows\system32\drivers\rsntgdi.sys
RSPPSYS [A ] 13. c:\program files\rising\rav\rsppsys.sys
Secdrv [A ] 14. c:\windows\system32\drivers\secdrv.sys
sfdrv01 [A ] 15. c:\windows\system32\drivers\sfdrv01.sys
sfhlp02 [A ] 16. c:\windows\system32\drivers\sfhlp02.sys
sfsync03 [A ] 17. c:\windows\system32\drivers\sfsync03.sys
ZSMC301b [A ] 18. c:\windows\system32\drivers\usbvm31b.sys
+ IE浏览器加载模块
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{01443AEC-0FD1-40fd-9C87-E93D1494C233} [A ] 19. d:\program files\thunder network\thunder\comdlls\tdatonce_now.dll
{889D2FEB-5411-4565-8998-1DD2C5261283} [A ] 20. d:\program files\thunder network\thunder\comdlls\xunleibho_now.dll
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
Exec [A ] 21. d:\program files\thunder network\thunder\thunder.exe
Exec [A ] 22. d:\浩方\浩方对战平台\gameclient.exe
+ 资源管理器加载模块
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
cdo [A ] 23. c:\program files\common files\microsoft shared\web folders\pkmcdo.dll
KuGoo3 [A ] 24. d:\program files\kugoo3\inextend\kugoo3downxcontrol.ocx
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext [A ] 25. c:\windows\system32\hticons.dll
WinRAR shell extension [AM] 26. c:\program files\winrar\rarext.dll
Shell Extensions for RealOne Player [A ] 27. c:\program files\real\realplayer\rpshell.dll
Web Folders [A ] 28. c:\program files\common files\microsoft shared\web folders\msonsext.dll
Microsoft Office HTML Icon Handler [A ] 29. c:\program files\microsoft office\office10\msohev.dll
RISING [AM] 30. c:\windows\system32\ravext.dll
DllRegShlExt extension [A ] 31. c:\windows\system32\tudouupload.dll
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{32CD708B-60A7-4C00-9377-D73EAA495F0F} [AM] 30. c:\windows\system32\ravext.dll
+ 用户登陆自运行项目
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
RavTask [A ] 32. c:\program files\rising\rav\ravtask.exe
runeip [AM] 33. c:\program files\rising\antispyware\runiep.exe
TkBellExe [AM] 34. c:\program files\common files\real\update_ob\realsched.exe
NeroFilterCheck [A ] 35. c:\windows\system32\nerocheck.exe
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
RavStub [AM] 36. c:\program files\rising\rav\ravstub.exe
KKDelay [A ] 37. c:\program files\rising\antispyware\runonce.exe
+ 开机执行
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute [A ] 38. c:\windows\system32\bsmain.exe
[A ] 39. c:\windows\system32\kknative.exe
+ 映像劫持
+ HKCR\.html
htmlfile\Edit\Command [A ] 40. c:\program files\microsoft office\office10\msohtmed.exe
htmlfile\Print\Command [A ] 40. c:\program files\microsoft office\office10\msohtmed.exe
+ HKCR\.htm
htmlfile\Edit\Command [A ] 40. c:\program files\microsoft office\office10\msohtmed.exe
htmlfile\Print\Command [A ] 40. c:\program files\microsoft office\office10\msohtmed.exe
+ HKCR\.mp3
RealPlayer.MP3.6\open\Command [A ] 41. c:\program files\real\realplayer\realplay.exe
+ 正在运行的进程
+ 000001b4(436) smss.exe
+ 000001f4(500) csrss.exe
+ 0000020c(524) winlogon.exe
72C80000[00008000] [ M] 42. c:\windows\system32\msacm32.drv
+ 00000238(568) services.exe
+ 00000244(580) lsass.exe
+ 000002d8(728) svchost.exe
+ 00000304(772) svchost.exe
+ 00000358(856) svchost.exe
+ 00000380(896) svchost.exe
+ 000003d0(976) alg.exe
+ 00000404(1028) svchost.exe
+ 000004c0(1216) Explorer.EXE
10000000[0001B000] [AM] 30. c:\windows\system32\ravext.dll
01440000[0001B000] [ M] 43. c:\program files\rising\antispyware\ieprot.dll
72C80000[00008000] [ M] 42. c:\windows\system32\msacm32.drv
00DC0000[0002B000] [AM] 26. c:\program files\winrar\rarext.dll
+ 00000554(1364) spoolsv.exe
+ 000005b0(1456) RavStub.exe
00400000[00018000] [AM] 36. c:\program files\rising\rav\ravstub.exe
10000000[0001B000] [ M] 44. c:\program files\rising\rav\rscommx.dll
23700000[0001A000] [ M] 45. c:\program files\rising\rav\rscommon.dll
+ 0000064c(1612) runiep.exe
00400000[00013000] [AM] 33. c:\program files\rising\antispyware\runiep.exe
00BF0000[0001B000] [ M] 43. c:\program files\rising\antispyware\ieprot.dll
+ 00000698(1688) realsched.exe
00400000[0002E000] [AM] 34. c:\program files\common files\real\update_ob\realsched.exe
10000000[0001B000] [ M] 43. c:\program files\rising\antispyware\ieprot.dll
+ 00000744(1860) svchost.exe
+ 000007c8(1992) ctfmon.exe
10000000[0001B000] [ M] 43. c:\program files\rising\antispyware\ieprot.dll
+ 000007cc(1996) QQ.exe
00400000[00187000] [ M] 46. d:\program files\tencent\qq\qq.exe
10000000[00236000] [ M] 47. d:\program files\tencent\qq\qqbaseclassindll.dll
616B0000[00099000] [ M] 48. d:\program files\tencent\qq\qqhelperdll.dll
60090000[00040000] [ M] 49. d:\program files\tencent\qq\basicctrldll.dll
60A10000[000F2000] [ M] 50. d:\program files\tencent\qq\mfc42.dll
620B0000[00005000] [ M] 51. d:\program files\tencent\qq\riched32.dll
62040000[00068000] [ M] 52. d:\program files\tencent\qq\riched20.dll
612E0000[00038000] [ M] 53. d:\program files\tencent\qq\qqapi.dll
00EF0000[00033000] [ M] 54. d:\program files\tencent\qq\loginctrl.dll
01750000[00044000] [ M] 55. d:\program files\tencent\qq\npkcntc.dll
00F30000[0000E000] [ M] 56. d:\program files\tencent\qq\npkpdb.dll
608B0000[00054000] [ M] 57. d:\program files\tencent\qq\loginctrlres.dll
01870000[0041A000] [ M] 58. d:\program files\tencent\qq\qqres.dll
61780000[0008A000] [ M] 59. d:\program files\tencent\qq\qqmainframe.dll
024A0000[0001B000] [ M] 43. c:\program files\rising\antispyware\ieprot.dll
601A0000[00119000] [ M] 60. d:\program files\tencent\qq\cqqapplication.dll
60BB0000[0005D000] [ M] 61. d:\program files\tencent\qq\newskin.dll
60680000[000B0000] [ M] 62. d:\program files\tencent\qq\hostingmgr.dll
600F0000[00022000] [ M] 63. d:\program files\tencent\qq\cameradll.dll
609E0000[0002F000] [ M] 64. d:\program files\tencent\qq\mailsummary.dll
61750000[00015000] [ M] 65. d:\program files\tencent\qq\qqknowledgesearch.dll
61100000[001D3000] [ M] 66. d:\program files\tencent\qq\qqallinone.dll
60640000[00034000] [ M] 67. d:\program files\tencent\qq\grouplive.dll
620D0000[0002A000] [ M] 68. d:\program files\tencent\qq\sccore.dll
60350000[001A3000] [ M] 69. d:\program files\tencent\qq\gdiplus.dll
61EF0000[0001E000] [ M] 70. d:\program files\tencent\qq\qqspace.dll
62240000[00071000] [ M] 71. d:\program files\tencent\qq\vbscript.dll
61640000[0006B000] [ M] 72. d:\program files\tencent\qq\qqgroupmng.dll
72C80000[00008000] [ M] 42. c:\windows\system32\msacm32.drv
034C0000[00041000] [ M] 73. d:\program files\tencent\qq\qqsysmsgmng.dll
62220000[00017000] [ M] 74. d:\program files\tencent\qq\userdefinedhead.dll
61950000[000CE000] [ M] 75. d:\program files\tencent\qq\qqplugin.dll
615A0000[0000C000] [ M] 76. d:\program files\tencent\qq\qqconfigplugin.dll
30000000[002EF000] [ M] 77. c:\windows\system32\macromed\flash\flash9c.ocx
62020000[00016000] [ M] 78. d:\program files\tencent\qq\qringmng.dll
02380000[000A6000] [ M] 79. d:\program files\tencent\qq\longconnection.dll
02430000[0002A000] [ M] 80. d:\program files\tencent\qq\qqfiletransfer.dll
61320000[00032000] [ M] 81. d:\program files\tencent\qq\qqavatar.dll
60310000[0003E000] [ M] 82. d:\program files\tencent\qq\flashavatardll.dll
60D10000[00026000] [ M] 83. d:\program files\tencent\qq\phoneapi.dll
602C0000[0000D000] [ M] 84. d:\program files\tencent\qq\dialerallinone.dll
61910000[0002A000] [ M] 85. d:\program files\tencent\qq\qqpet.dll
615B0000[00032000] [ M] 86. d:\program files\tencent\qq\qqcustomface.dll
60610000[00024000] [ M] 87. d:\program files\tencent\qq\groupconnection.dll
600D0000[0001F000] [ M] 88. d:\program files\tencent\qq\bqqapplication.dll
72C60000[00007000] [ M] 89. c:\windows\system32\msadp32.acm
60730000[0001A000] [ M] 90. d:\program files\tencent\qq\imageole.dll
05A00000[00019000] [ M] 91. c:\program files\rising\rav\ravscrch.dll
61770000[0000E000] [ M] 92. d:\program files\tencent\qq\qqmagicface.dll
61E40000[0002D000] [ M] 93. d:\program files\tencent\qq\qqscenemng.dll
06E40000[0004F000] [ M] 94. d:\program files\tencent\qq\commercesmng.dll
60C90000[0000F000] [ M] 95. d:\program files\tencent\qq\personaldesktop.dll
07530000[0028B000] [ M] 96. d:\program files\tencent\qq\qqaddr.dll
00F80000[0002B000] [ M] 97. d:\program files\tencent\qq\qqphonehelper.dll
+ 00000dd8(3544) Ras.exe
00400000[0013F000] [ M] 98. c:\program files\rising\antispyware\ras.exe
10000000[000A3000] [ M] 99. c:\program files\rising\antispyware\rasgui.dll
01360000[0001B000] [AM] 30. c:\windows\system32\ravext.dll
01750000[0001B000] [ M] 43. c:\program files\rising\antispyware\ieprot.dll
02700000[0002F000] [ M] 100. c:\program files\rising\antispyware\engine.dll
02730000[00012000] [ M] 101. c:\program files\rising\antispyware\zip.dll