瑞星卡卡电脑诊断日志 v1.30 (2008-8-13 9:59:35) 北京瑞星信息技术有限公司 注释: [A]表示该文件存在自启动关联; [M]表示该文件在内存中; + 注册表自运行项目 + 系统服务 + HKLM\System\CurrentControlSet\Services WmdmPmSN [A ] 1. c:\winnt\system32\mspmsnsv.dll Microsoft Corporation Microsoft Media Device Service Provider .text,.data,.rsrc,.reloc, + 内核驱动 + HKLM\System\CurrentControlSet\Services BaseTDI [A ] 2. c:\winnt\system32\drivers\basetdi.sys Beijing Rising Technology Co., Ltd. basetdi .text,.rdata,.data,INIT,.rsrc,.reloc, Cdr4_2K [A ] 3. c:\winnt\system32\drivers\cdr4_2k.sys Roxio CDR4_2k CDR Helper .text,.rdata,.data,INIT,.rsrc,.reloc, Cdralw2k [A ] 4. c:\winnt\system32\drivers\cdralw2k.sys Roxio CDRAL for Windows 2000 Kernel Driver .text,.rdata,.data,INIT,.rsrc,.reloc, MPE [A ] 5. c:\winnt\system32\drivers\mpe.sys Microsoft Corporation Microsoft MPE to IP Filter .text,.rdata,.data,PAGECONS,INIT,.rsrc,.reloc, NABTSFEC [A ] 6. c:\winnt\system32\drivers\nabtsfec.sys Microsoft Corporation WDM NABTS/FEC VBI Codec .text,.rdata,.data,PAGECONS,INIT,.rsrc,.reloc, SLIP [A ] 7. c:\winnt\system32\drivers\slip.sys Microsoft Corporation Microsoft Slip Deframing Filter Minidriver .text,.rdata,.data,PAGECONS,INIT,.rsrc,.reloc, streamip [A ] 8. c:\winnt\system32\drivers\streamip.sys Microsoft Corporation Microsoft IP Driver .text,.rdata,.data,PAGECONS,INIT,.rsrc,.reloc, WSTCODEC [A ] 9. c:\winnt\system32\drivers\wstcodec.sys Microsoft Corporation WDM WST Codec Driver .text,.rdata,.data,INIT,.rsrc,.reloc, + IE浏览器加载模块 + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [A ] 10. c:\winnt\system32\urlfilter.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware UrlFilter Module .text,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions Script [A ] 11. c:\winnt\web\related.htm + 资源管理器加载模块 + HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [A ] 12. c:\winnt\system32\setup\wmpocm.exe Microsoft Corporation Microsoft Windows Media Player 安装实用程序 .text,.rdata,.data,.rsrc, {9EF0045A-CDD9-438e-95E6-02B9AFEC8E11} [A ] 13. c:\winnt\system32\updcrl.exe Microsoft Corporation UPDCRL .text,.data,.rsrc, [A ] 14. c:\winnt\system32\verisignpub1.crl + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved Multimedia File Property Sheet [A ] 15. c:\winnt\system32\mmsys.cpl Microsoft Corporation Control Panel Drivers Applet .text,.data,.rsrc,.reloc, HyperTerminal Icon Ext [A ] 16. c:\winnt\system32\hticons.dll Hilgraeve, Inc. HyperTerminal Applet Library .text,.data,.rsrc,.reloc, Shell Application Manager [A ] 17. c:\winnt\system32\appwiz.cpl Microsoft Corporation Shell Application Manager .text,.data,.rsrc,.reloc, Installed Apps Enumerator [A ] 17. c:\winnt\system32\appwiz.cpl Microsoft Corporation Shell Application Manager .text,.data,.rsrc,.reloc, Darwin App Publisher [A ] 17. c:\winnt\system32\appwiz.cpl Microsoft Corporation Shell Application Manager .text,.data,.rsrc,.reloc, WinRAR shell extension [A ] 18. c:\program files\winrar\rarext.dll .text,.data,.tls,.idata,.edata,.rsrc,.reloc, + 用户登陆自运行项目 + HKLM\Software\Microsoft\Windows\CurrentVersion\Run runeip [AM] 19. c:\program files\rising\kakatoolbar\rstray.exe Beijing Rising Information Technology Co., Ltd. RSTray .text,.rdata,.data,.rsrc, + 映像劫持 + HKCR\.mp3 mp3file\open\Command [A ] 20. c:\program files\windows media player\wmplayer.exe Microsoft Corporation Windows Media Player .text,.data,.rsrc, mp3file\play\Command [A ] 20. c:\program files\windows media player\wmplayer.exe Microsoft Corporation Windows Media Player .text,.data,.rsrc, + 程序初始化和已知动态连接库 + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs [AM] 21. c:\winnt\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, + 正在运行的进程 + 0000008c(140) smss.exe + 000000a4(164) csrss.exe + 000000b8(184) winlogon.exe 77520000[00008000] [ M] 22. c:\winnt\system32\wdmaud.drv Microsoft Corporation WDM Audio driver mapper .text,.data,.rsrc,.reloc, 773C0000[00008000] [ M] 23. c:\winnt\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, + 000000d4(212) services.exe + 000000e0(224) lsass.exe + 00000190(400) svchost.exe + 000001a8(424) spoolsv.exe + 000001c8(456) svchost.exe 63B50000[00034000] [ M] 24. c:\winnt\system32\unimdm.tsp Microsoft Corporation Unimodem 5 Service Provider .text,.data,.rsrc,.reloc, 63BC0000[00008000] [ M] 25. c:\winnt\system32\kmddsp.tsp Microsoft Corporation TAPI Kernel-Mode Service Provider .text,.data,.rsrc,.reloc, 63BB0000[0000C000] [ M] 26. c:\winnt\system32\ndptsp.tsp Microsoft Corporation NDIS Proxy TAPI Service Provider .text,.data,.rsrc,.reloc, 63BD0000[00006000] [ M] 27. c:\winnt\system32\ipconf.tsp Microsoft Corporation Microsoft Multicast Conference TAPI Service Provider .text,.data,.rsrc,.reloc, 63BE0000[00044000] [ M] 28. c:\winnt\system32\h323.tsp Microsoft Corporation Microsoft H.323 TAPI Service Provider .text,.data,.rsrc,.reloc, + 000001f0(496) regsvc.exe + 00000208(520) MSTask.exe 60000000[00074000] [AM] 21. c:\winnt\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, + 00000240(576) WinMgmt.exe 60000000[00074000] [AM] 21. c:\winnt\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, + 0000026c(620) svchost.exe + 000002f4(756) Explorer.EXE 23000000[00056000] [ M] 29. c:\winnt\apppatch\aclayers.dll Microsoft Corporation Windows 2000 Shim Accessory DLL .text,.data,.CRT,.rsrc,.reloc, 60000000[00074000] [AM] 21. c:\winnt\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 77520000[00008000] [ M] 22. c:\winnt\system32\wdmaud.drv Microsoft Corporation WDM Audio driver mapper .text,.data,.rsrc,.reloc, 773C0000[00008000] [ M] 23. c:\winnt\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, + 00000350(848) Ras.exe 00400000[0000B000] [ M] 30. c:\program files\rising\kakatoolbar\ras.exe Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc, 7C140000[00103000] [ M] 31. c:\program files\rising\kakatoolbar\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 32. c:\program files\rising\kakatoolbar\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 60000000[00074000] [AM] 21. c:\winnt\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 10000000[00047000] [ M] 33. c:\program files\rising\kakatoolbar\kakamgr.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 34. c:\program files\rising\kakatoolbar\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 00980000[00019000] [ M] 35. c:\program files\rising\kakatoolbar\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 009B0000[0002E000] [ M] 36. c:\program files\rising\kakatoolbar\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01040000[00058000] [ M] 37. c:\program files\rising\kakatoolbar\dbmgr.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 23800000[00022000] [ M] 38. c:\program files\rising\kakatoolbar\rsxml.dll Beijing Rising Information Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 011A0000[0002D000] [ M] 39. c:\program files\rising\kakatoolbar\pweb.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 011D0000[000C1000] [ M] 40. c:\program files\rising\kakatoolbar\pscan.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 012A0000[0002F000] [ M] 41. c:\program files\rising\kakatoolbar\ncomm.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 012F0000[00070000] [ M] 42. c:\program files\rising\kakatoolbar\pset.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01360000[0002A000] [ M] 43. c:\program files\rising\kakatoolbar\pdefend.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01390000[000B6000] [ M] 44. c:\program files\rising\kakatoolbar\ptools.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01450000[0008C000] [ M] 45. c:\program files\rising\kakatoolbar\psysinfo.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 23900000[00040000] [ M] 46. c:\program files\rising\kakatoolbar\pngdll.dll Beijing Rising Information Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 30000000[003AF000] [ M] 47. c:\winnt\system32\macromed\flash\flash9f.ocx Adobe Systems, Inc. Adobe Flash Player 9.0 r124 .text,.rdata,.data,.rodata,.rsrc,.reloc, 77520000[00008000] [ M] 22. c:\winnt\system32\wdmaud.drv Microsoft Corporation WDM Audio driver mapper .text,.data,.rsrc,.reloc, 773C0000[00008000] [ M] 23. c:\winnt\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, + 00000374(884) rstray.exe 00400000[00023000] [AM] 19. c:\program files\rising\kakatoolbar\rstray.exe Beijing Rising Information Technology Co., Ltd. RSTray .text,.rdata,.data,.rsrc, 60000000[00074000] [AM] 21. c:\winnt\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 10000000[0003C000] [ M] 48. c:\program files\rising\kakatoolbar\rsmginfo.dll Beijing Rising Information Technology Co., Ltd. rsmginfo .text,.rdata,.data,.rsrc,.reloc, 23800000[00022000] [ M] 38. c:\program files\rising\kakatoolbar\rsxml.dll Beijing Rising Information Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 34. c:\program files\rising\kakatoolbar\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 32. c:\program files\rising\kakatoolbar\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 00E20000[00024000] [ M] 49. c:\program files\rising\kakatoolbar\comserv.dll Beijing Rising Information Technology Co., Ltd. .text,.rdata,.data,.rsrc,.reloc, 00E50000[00019000] [ M] 35. c:\program files\rising\kakatoolbar\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 23700000[00026000] [ M] 50. c:\program files\rising\kakatoolbar\rscommon.dll Beijing Rising Information Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00E90000[0002E000] [ M] 36. c:\program files\rising\kakatoolbar\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 23900000[00040000] [ M] 46. c:\program files\rising\kakatoolbar\pngdll.dll Beijing Rising Information Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 011B0000[0005C000] [ M] 51. c:\program files\rising\kakatoolbar\runiep.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware tray .text,.rdata,.data,.rsrc,.reloc, + 0000037c(892) internat.exe 60000000[00074000] [AM] 21. c:\winnt\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, + 000003e4(996) knownsvr.exe 00400000[00072000] [ M] 52. c:\program files\rising\kakatoolbar\knownsvr.exe Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc, 10000000[0002F000] [ M] 41. c:\program files\rising\kakatoolbar\ncomm.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 60000000[00074000] [AM] 21. c:\winnt\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 00D60000[0002E000] [ M] 36. c:\program files\rising\kakatoolbar\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00D90000[00019000] [ M] 35. c:\program files\rising\kakatoolbar\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc,