瑞星卡卡电脑诊断日志 v1.30 (2008-1-11 2:17:19) 北京瑞星科技股份有限公司
注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中; [AM]表示该文件既存在自启动关联, 又已加载在内存中。
+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
aspnet_state
[A ] 1. d:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe
Ati HotKey Poller
[AM] 2. d:\windows\system32\ati2evxx.exe
ATI Smart
[A ] 3. d:\windows\system32\ati2sgag.exe
clr_optimization_v2.0.50727_32
[A ] 4. d:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
WMConnectCDS
[A ] 5. d:\program files\windows media connect 2\wmccds.exe
WMPNetworkSvc
[A ] 6. d:\program files\windows media player\wmpnetwk.exe
WudfSvc
[A ] 7. d:\windows\system32\wudfsvc.dll
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
EagleNT
[A ] 8. d:\windows\system32\drivers\eaglent.sys
HDAudBus
[A ] 9. d:\windows\system32\drivers\hdaudbus.sys
IntcAzAudAddService
[A ] 10. d:\windows\system32\drivers\rtkhdaud.sys
RsAntiSpyware
[A ] 11. d:\windows\system32\drivers\rsboot.sys
RTL8023xp
[A ] 12. d:\windows\system32\drivers\rtnicxp.sys
Secdrv
[A ] 13. d:\windows\system32\drivers\secdrv.sys
WudfPf
[A ] 14. d:\windows\system32\drivers\wudfpf.sys
WudfRd
[A ] 15. d:\windows\system32\drivers\wudfrd.sys
+ 系统登陆自运行
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
AtiExtEvent
[AM] 16. d:\windows\system32\ati2evxx.dll
+ 资源管理器加载模块
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
application/octet-stream
[A ] 17. d:\windows\system32\mscoree.dll
application/x-complus
[A ] 17. d:\windows\system32\mscoree.dll
application/x-msdownload
[A ] 17. d:\windows\system32\mscoree.dll
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 18. d:\windows\system32\hticons.dll
Portable Media Devices
[A ] 19. d:\windows\system32\audiodev.dll
Portable Devices
[A ] 20. d:\windows\system32\wpdshext.dll
Portable Devices Menu
[A ] 20. d:\windows\system32\wpdshext.dll
ShellLink for Application References
[A ] 21. d:\windows\system32\dfshim.dll
Shell Icon Handler for Application References
[A ] 21. d:\windows\system32\dfshim.dll
Catalyst Context Menu extension
[A ] 22. d:\program files\ati technologies\ati.ace\atiacmxx.dll
WinRAR shell extension
[A ] 23. d:\program files\winrar\rarext.dll
Microsoft Outlook Custom Icon Handler
[A ] 24. d:\program files\microsoft office\office\olkfstub.dll
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}
[A ] 25. d:\windows\system32\shlhook.dll
+ 用户登陆自运行项目
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
KKDelay
[A ] 26. d:\program files\rising\antispyware\runonce.exe
+ 开机执行
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 27. d:\windows\system32\kknative.exe
+ 映像劫持
+ HKCR\.html
htmlfile\Edit\Command
[A ] 28. d:\program files\microsoft office\office\msohtmed.exe
htmlfile\Print\Command
[A ] 28. d:\program files\microsoft office\office\msohtmed.exe
+ HKCR\.htm
htmlfile\Edit\Command
[A ] 28. d:\program files\microsoft office\office\msohtmed.exe
htmlfile\Print\Command
[A ] 28. d:\program files\microsoft office\office\msohtmed.exe
+ 正在运行的进程
+ 00000290(656) smss.exe
+ 000002c8(712) csrss.exe
+ 000002e4(740) winlogon.exe
10000000[0001D000]
[AM] 16. d:\windows\system32\ati2evxx.dll
72C80000[00008000]
[ M] 29. d:\windows\system32\msacm32.drv
+ 00000310(784) services.exe
+ 0000031c(796) lsass.exe
+ 000003d0(976) Ati2evxx.exe
00400000[00070000]
[AM] 2. d:\windows\system32\ati2evxx.exe
00CA0000[00010000]
[ M] 30. d:\windows\system32\ati2edxx.dll
10000000[0001F000]
[ M] 31. d:\windows\system32\atipdlxx.dll
+ 000003e4(996) svchost.exe
+ 00000424(1060) svchost.exe
+ 00000488(1160) svchost.exe
+ 000004e8(1256) svchost.exe
+ 00000528(1320) svchost.exe
+ 0000056c(1388) Ati2evxx.exe
00400000[00070000]
[AM] 2. d:\windows\system32\ati2evxx.exe
00CF0000[00010000]
[ M] 30. d:\windows\system32\ati2edxx.dll
10000000[0001F000]
[ M] 31. d:\windows\system32\atipdlxx.dll
00D20000[0001D000]
[AM] 16. d:\windows\system32\ati2evxx.dll
+ 000005a4(1444) alg.exe
+ 00000628(1576) spoolsv.exe
+ 00000724(1828) Explorer.EXE
72C80000[00008000]
[ M] 29. d:\windows\system32\msacm32.drv
+ 00000b54(2900) iexplore.exe
72C80000[00008000]
[ M] 29. d:\windows\system32\msacm32.drv
30000000[003AE000]
[ M] 32. d:\windows\system32\macromed\flash\flash9e.ocx
+ 00000b94(2964) Ras.exe
00400000[00170000]
[ M] 33. d:\program files\rising\antispyware\ras.exe
780C0000[00061000]
[ M] 34. d:\program files\rising\antispyware\msvcp60.dll
10000000[00013000]
[ M] 35. d:\program files\rising\antispyware\topsoft.dll
7C140000[00103000]
[ M] 36. d:\program files\rising\antispyware\mfc71.dll
7C340000[00056000]
[ M] 37. d:\program files\rising\antispyware\msvcr71.dll
7C3A0000[0007B000]
[ M] 38. d:\program files\rising\antispyware\msvcp71.dll
00DD0000[000BD000]
[ M] 39. d:\program files\rising\antispyware\rasgui.dll
72C80000[00008000]
[ M] 29. d:\windows\system32\msacm32.drv
+ 00000c4c(3148) QQ.exe
00400000[001C5000]
[ M] 40. d:\program files\tencent\qq\qq.exe
10000000[0027A000]
[ M] 41. d:\program files\tencent\qq\qqbaseclassindll.dll
005D0000[000C0000]
[ M] 42. d:\program files\tencent\qq\qqhelperdll.dll
00380000[00074000]
[ M] 43. d:\program files\tencent\qq\basicctrldll.dll
60A80000[000F2000]
[ M] 44. d:\program files\tencent\qq\mfc42.dll
623B0000[00005000]
[ M] 45. d:\program files\tencent\qq\riched32.dll
62340000[00068000]
[ M] 46. d:\program files\tencent\qq\riched20.dll
61340000[0003A000]
[ M] 47. d:\program files\tencent\qq\qqapi.dll
62500000[00007000]
[ M] 48. d:\program files\tencent\qq\timproxy.dll
01460000[0003C000]
[ M] 49. d:\program files\tencent\qq\loginctrl.dll
608D0000[0009A000]
[ M] 50. d:\program files\tencent\qq\loginctrlres.dll
01940000[00562000]
[ M] 51. d:\program files\tencent\qq\qqres.dll
61890000[0009A000]
[ M] 52. d:\program files\tencent\qq\qqmainframe.dll
60400000[001A3000]
[ M] 53. d:\program files\tencent\qq\gdiplus.dll
01500000[00020000]
[ M] 54. d:\program files\tencent\qq\unreadmsgmgr.dll
028C0000[00138000]
[ M] 55. d:\program files\tencent\qq\cqqapplication.dll
603C0000[0003F000]
[ M] 56. d:\program files\tencent\qq\flashavatardll.dll
60C20000[0005F000]
[ M] 57. d:\program files\tencent\qq\newskin.dll
02B40000[00032000]
[ M] 58. d:\program files\tencent\qq\mailsummary.dll
61840000[00017000]
[ M] 59. d:\program files\tencent\qq\qqknowledgesearch.dll
03170000[0022C000]
[ M] 60. d:\program files\tencent\qq\qqallinone.dll
623E0000[0002B000]
[ M] 61. d:\program files\tencent\qq\sccore.dll
60140000[00034000]
[ M] 62. d:\program files\tencent\qq\cameradll.dll
621F0000[00025000]
[ M] 63. d:\program files\tencent\qq\qqspace.dll
62570000[00071000]
[ M] 64. d:\program files\tencent\qq\vbscript.dll
61700000[00071000]
[ M] 65. d:\program files\tencent\qq\qqgroupmng.dll
03DD0000[0003E000]
[ M] 66. d:\program files\tencent\qq\qqsysmsgmng.dll
62550000[00017000]
[ M] 67. d:\program files\tencent\qq\userdefinedhead.dll
03E10000[00115000]
[ M] 68. d:\program files\tencent\qq\qqplugin.dll
03F30000[00079000]
[ M] 69. d:\program files\tencent\qq\qqsettingctrl.dll
61A30000[0002B000]
[ M] 70. d:\program files\tencent\qq\qqpet.dll
01FB0000[0000E000]
[ M] 71. d:\program files\tencent\qq\qqconfigplugin.dll
61380000[0003D000]
[ M] 72. d:\program files\tencent\qq\qqavatar.dll
04100000[00055000]
[ M] 73. d:\program files\tencent\qq\qqcustomface.dll
62320000[00016000]
[ M] 74. d:\program files\tencent\qq\qringmng.dll
72C80000[00008000]
[ M] 29. d:\windows\system32\msacm32.drv
05260000[000A8000]
[ M] 75. d:\program files\tencent\qq\longconnection.dll
60D20000[00026000]
[ M] 76. d:\program files\tencent\qq\phoneapi.dll
60370000[0000D000]
[ M] 77. d:\program files\tencent\qq\dialerallinone.dll
60120000[0001F000]
[ M] 78. d:\program files\tencent\qq\bqqapplication.dll
60180000[0004F000]
[ M] 79. d:\program files\tencent\qq\commercesmng.dll
03CD0000[0000F000]
[ M] 80. d:\program files\tencent\qq\personaldesktop.dll
056A0000[00286000]
[ M] 81. d:\program files\tencent\qq\qqaddr.dll
62130000[0002D000]
[ M] 82. d:\program files\tencent\qq\qqscenemng.dll
+ 00000c80(3200) TIMPlatform.exe
00400000[00013000]
[ M] 83. d:\program files\tencent\qq\timplatform.exe
62500000[00007000]
[ M] 48. d:\program files\tencent\qq\timproxy.dll
www.nrbq120.com.cn
www.gxy021.cn
以上为2个广告程序网址