瑞星卡卡电脑诊断日志 v1.30 (2008-9-3 10:12:34)
北京瑞星信息技术有限公司
注释: [A]表示该文件存在自启动关联; [M]表示该文件在内存中;

+ 注册表自运行项目
  + 系统服务
    + HKLM\System\CurrentControlSet\Services
      aspnet_state [A ] 1. c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe
      clr_optimization_v2.0.50727_32 [A ] 2. c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
      NVSvc [AM] 3. c:\windows\system32\nvsvc32.exe
      UMWdf [AM] 4. c:\windows\system32\wdfmgr.exe
      usnjsvc [A ] 5. c:\program files\windows live\messenger\usnsvc.exe
      WLSetupSvc [A ] 6. c:\program files\windows live\installer\wlsetupsvc.exe
  + 内核驱动
    + HKLM\System\CurrentControlSet\Services
      Alidevice [A ] 7. c:\windows\system32\drivers\alidevice.sys
      E1000 [A ] 8. c:\windows\system32\drivers\e1000325.sys
      KAVBootC [A ] 9. c:\windows\system32\drivers\kavbootc.sys
      npkcrypt [A ] 10. c:\program files\tencent\qq\npkcrypt.sys
      npkcusb [A ] 11. c:\program files\tencent\qq\npkcusb.sys
      Secdrv [A ] 12. c:\windows\system32\drivers\secdrv.sys
      SinforVnic [A ] 13. c:\windows\system32\drivers\sinforvnic.sys
      smwdm [A ] 14. c:\windows\system32\drivers\smwdm.sys
      TesSafe [A ] 15. c:\windows\system32\tessafe.sys
  + IE浏览器加载模块
    + HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
      {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} [A ] 16. c:\program files\windows live toolbar\msntb.dll
    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
      {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [AM] 17. c:\windows\system32\urlfilter.dll
  + 资源管理器加载模块
    + HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
      application/octet-stream [A ] 18. c:\windows\system32\mscoree.dll
      application/x-complus [A ] 18. c:\windows\system32\mscoree.dll
      application/x-msdownload [A ] 18. c:\windows\system32\mscoree.dll
    + HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
      livecall [A ] 19. c:\program files\windows live\messenger\msgrapp.8.5.1302.1018.dll
      msnim [A ] 19. c:\program files\windows live\messenger\msgrapp.8.5.1302.1018.dll
      wlmailhtml [A ] 20. c:\program files\windows live\mail\mailcomm.dll
    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
      HyperTerminal Icon Ext [A ] 21. c:\windows\system32\hticons.dll
      Web Folders [A ] 22. c:\program files\common files\microsoft shared\web folders\msonsext.dll
      Portable Media Devices [A ] 23. c:\windows\system32\audiodev.dll
      Portable Media Devices Menu [A ] 23. c:\windows\system32\audiodev.dll
      ShellLink for Application References [A ] 24. c:\windows\system32\dfshim.dll
      Shell Icon Handler for Application References [A ] 24. c:\windows\system32\dfshim.dll
      Messenger Sharing Folders [A ] 25. c:\program files\windows live\messenger\fsshext.8.5.1302.1018.dll
      WLMD Message Handler [A ] 20. c:\program files\windows live\mail\mailcomm.dll
      Windows Live Photo Gallery Viewer Drop Target Shim [A ] 26. c:\program files\windows live\photo gallery\photoviewershim.dll
      Windows Live Photo Gallery Editor Drop Target Shim [A ] 26. c:\program files\windows live\photo gallery\photoviewershim.dll
      Windows Live Photo Gallery Autoplay Drop Target Shim [A ] 26. c:\program files\windows live\photo gallery\photoviewershim.dll
  + 用户登陆自运行项目
    + HKLM\Software\Microsoft\Windows\CurrentVersion\Run
      runeip [AM] 27. c:\program files\rising\antispyware\rstray.exe
  + 映像劫持
    + HKCR\.html
      htmlfile\open\Command [A ] 28. c:\program files\tencent\tt\bin\ttraveler.exe
      htmlfile\TencentTraveler\Command [A ] 28. c:\program files\tencent\tt\bin\ttraveler.exe
    + HKCR\.htm
      htmlfile\open\Command [A ] 28. c:\program files\tencent\tt\bin\ttraveler.exe
      htmlfile\TencentTraveler\Command [A ] 28. c:\program files\tencent\tt\bin\ttraveler.exe
  + 程序初始化和已知动态连接库
    + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
      AppInit_DLLs [AM] 29. c:\windows\system32\kmon.dll
  + 打印机监控
    + HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
      Adobe PDF Port [AM] 30. c:\windows\system32\adobepdf.dll
  + 其他自启动项目
    + C:\WINDOWS\Tasks
      查看 Windows Live Toolbar 更新.job [A ] 31. c:\program files\windows live toolbar\msntbup.exe

+ 正在运行的进程
  + 00000200(512) nvsvc32.exe
    00400000[00013000] [AM] 3. c:\windows\system32\nvsvc32.exe
  + 00000294(660) svchost.exe
  + 000002b4(692) wdfmgr.exe
    01000000[0000C000] [AM] 4. c:\windows\system32\wdfmgr.exe
  + 000002f8(760) smss.exe
  + 00000328(808) csrss.exe
  + 00000344(836) winlogon.exe
  + 00000370(880) services.exe
  + 0000037c(892) lsass.exe
  + 00000424(1060) svchost.exe
  + 00000474(1140) svchost.exe
  + 00000500(1280) svchost.exe
    50E60000[0000C000] [ M] 32. c:\windows\system32\wups2.dll
  + 0000052c(1324) svchost.exe
  + 00000584(1412) svchost.exe
  + 00000658(1624) alg.exe
  + 000006c4(1732) spoolsv.exe
    50400000[00009000] [AM] 30. c:\windows\system32\adobepdf.dll
    65000000[00026000] [ M] 33. c:\program files\adobe\acrobat 6.0\distillr\adistres.dll
    00FF0000[00008000] [ M] 34. c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
  + 000006f4(1780) inetinfo.exe
    60060000[00006000] [ M] 35. c:\windows\microsoft.net\framework\v2.0.50727\aspnet_filter.dll
  + 00000764(1892) Explorer.EXE
  + 000008f8(2296) Ras.exe
    00400000[0000B000] [ M] 36. c:\program files\rising\antispyware\ras.exe
    7C140000[00103000] [ M] 37. c:\program files\rising\antispyware\mfc71.dll
    7C340000[00056000] [ M] 38. c:\program files\rising\antispyware\msvcr71.dll
    60000000[00074000] [AM] 29. c:\windows\system32\kmon.dll
    10000000[00047000] [ M] 39. c:\program files\rising\antispyware\kakamgr.dll
    7C3A0000[0007B000] [ M] 40. c:\program files\rising\antispyware\msvcp71.dll
    00B10000[00019000] [ M] 41. c:\program files\rising\antispyware\syslay.dll
    00B70000[0002F000] [ M] 42. c:\program files\rising\antispyware\comx3.dll
    00DD0000[00058000] [ M] 43. c:\program files\rising\antispyware\dbmgr.dll
    23800000[00022000] [ M] 44. c:\program files\rising\antispyware\rsxml.dll
    00F30000[0002D000] [ M] 45. c:\program files\rising\antispyware\pweb.dll
    00F60000[000C1000] [ M] 46. c:\program files\rising\antispyware\pscan.dll
    01030000[0002F000] [ M] 47. c:\program files\rising\antispyware\ncomm.dll
    01080000[00070000] [ M] 48. c:\program files\rising\antispyware\pset.dll
    01110000[0002A000] [ M] 49. c:\program files\rising\antispyware\pdefend.dll
    01140000[000B6000] [ M] 50. c:\program files\rising\antispyware\ptools.dll
    01300000[0008C000] [ M] 51. c:\program files\rising\antispyware\psysinfo.dll
    23900000[00040000] [ M] 52. c:\program files\rising\antispyware\pngdll.dll
    30000000[003AF000] [ M] 53. c:\windows\system32\macromed\flash\flash9f.ocx
    05400000[00085000] [ M] 54. c:\program files\rising\antispyware\kengine.dll
    05490000[00045000] [ M] 55. c:\program files\rising\antispyware\posttrt.dll
    056E0000[00010000] [ M] 56. c:\program files\rising\antispyware\kscanex.dll
    05700000[0002F000] [ M] 57. c:\program files\rising\antispyware\engine.dll
    05740000[00033000] [ M] 58. c:\program files\rising\antispyware\rsdialog.dll
  + 00000918(2328) knownsvr.exe
    00400000[00072000] [ M] 59. c:\program files\rising\antispyware\knownsvr.exe
    10000000[0002F000] [ M] 47. c:\program files\rising\antispyware\ncomm.dll
    60000000[00074000] [AM] 29. c:\windows\system32\kmon.dll
    00A90000[0002F000] [ M] 42. c:\program files\rising\antispyware\comx3.dll
    00AC0000[00019000] [ M] 41. c:\program files\rising\antispyware\syslay.dll
  + 00000ac8(2760) rstray.exe
    00400000[00023000] [AM] 27. c:\program files\rising\antispyware\rstray.exe
    60000000[00074000] [AM] 29. c:\windows\system32\kmon.dll
    10000000[0003C000] [ M] 60. c:\program files\rising\antispyware\rsmginfo.dll
    23800000[00022000] [ M] 44. c:\program files\rising\antispyware\rsxml.dll
    7C3A0000[0007B000] [ M] 40. c:\program files\rising\antispyware\msvcp71.dll
    7C340000[00056000] [ M] 38. c:\program files\rising\antispyware\msvcr71.dll
    00BD0000[00024000] [ M] 61. c:\program files\rising\antispyware\comserv.dll
    00C00000[00019000] [ M] 41. c:\program files\rising\antispyware\syslay.dll
    23700000[00026000] [ M] 62. c:\program files\rising\antispyware\rscommon.dll
    00C40000[0002F000] [ M] 42. c:\program files\rising\antispyware\comx3.dll
    23900000[00040000] [ M] 52. c:\program files\rising\antispyware\pngdll.dll
    01050000[0005C000] [ M] 63. c:\program files\rising\antispyware\runiep.dll
  + 00000b40(2880) conime.exe
  + 00000b88(2952) iexplore.exe
    60000000[00074000] [AM] 29. c:\windows\system32\kmon.dll
    10000000[0002F000] [ M] 42. c:\program files\rising\antispyware\comx3.dll
    00A10000[00019000] [ M] 41. c:\program files\rising\antispyware\syslay.dll
    010E0000[00018000] [AM] 17. c:\windows\system32\urlfilter.dll
    01100000[00011000] [ M] 64. c:\program files\rising\antispyware\urlrule.dll
    30000000[003AF000] [ M] 53. c:\windows\system32\macromed\flash\flash9f.ocx
    035B0000[000D2000] [ M] 65. c:\windows\system32\googlepinyin.ime
    08110000[00004000] [ M] 66. c:\program files\windows live toolbar\zh-cn\mtbres.dll.mui
    08150000[0000A000] [ M] 67. c:\program files\windows live toolbar\mtbres.dll
    47190000[00071000] [ M] 68. c:\program files\windows live toolbar\tem.dll
    08A70000[00002000] [ M] 69. c:\program files\windows live toolbar\zh-cn\searchboxres.dll.mui
    08A80000[0000A000] [ M] 70. c:\program files\windows live toolbar\searchboxres.dll
    08A90000[00011000] [ M] 71. c:\program files\windows live toolbar\components\zh-cn\hvres.dll.mui
    08AB0000[0000A000] [ M] 72. c:\program files\windows live toolbar\components\hvres.dll
    08C90000[00057000] [ M] 73. c:\program files\windows live toolbar\zh-cn\cmres.dll.mui
    08CF0000[00004000] [ M] 74. c:\program files\windows live toolbar\cmres.dll
    46CE0000[00055000] [ M] 75. c:\program files\windows live favorites\wlfext.dll
    08D10000[00002000] [ M] 76. c:\program files\windows live toolbar\zh-cn\msn_slrs.dll.mui
    473A0000[00003000] [ M] 77. c:\program files\windows live toolbar\msn_slrs.dll
    08D20000[00002000] [ M] 78. c:\program files\windows live toolbar\components\zh-cn\msnextensionres.dll.mui
    08D30000[00004000] [ M] 79. c:\program files\windows live toolbar\components\msnextensionres.dll
    08D40000[00002000] [ M] 80. c:\program files\windows live toolbar\components\zh-cn\smamenres.dll.mui
    09C30000[00002000] [ M] 81. c:\program files\windows live toolbar\components\smamenres.dll
    09C40000[00002000] [ M] 82. c:\program files\windows live toolbar\zh-cn\cbres.dll.mui
    09C50000[00003000] [ M] 83. c:\program files\windows live toolbar\cbres.dll
    47490000[0006B000] [ M] 84. c:\program files\windows live toolbar\components\msnhiliteviewer.dll