瑞星卡卡电脑诊断日志 v1.20 (2007-7-11 10:45:4) 北京瑞星科技股份有限公司
注释:[A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
[AM]表示两者同时成立;文件前的序号在整份日志中保持一致,同一文件重复出现时沿用同一序号。
+ 注册表自运行项目
+ Win32 Services
+ HKLM\System\CurrentControlSet\Services
C-DillaCdaC11BA
[AM] 1. c:\windows\system32\drivers\cdac11ba.exe
ose
[AM] 2. c:\program files\common files\microsoft shared\source engine\ose.exe
RfwProxySrv
[A ] 3. d:\program files\rising\rfw\rfwproxy.exe
RfwService
[A ] 4. d:\program files\rising\rfw\rfwsrv.exe
RsCCenter
[A ] 5. d:\program files\rising\rav\ccenter.exe
RsRavMon
[A ] 6. d:\program files\rising\rav\ravmond.exe
+ Kernel Drivers
+ HKLM\System\CurrentControlSet\Services
BaseTDI
[A ] 7. c:\windows\system32\drivers\basetdi.sys
CdaC15BA
[A ] 8. c:\windows\system32\drivers\cdac15ba.sys
ExpScaner
[A ] 9. d:\program files\rising\rav\expscan.sys
HookCont
[A ] 10. d:\program files\rising\rav\hookcont.sys
HookReg
[A ] 11. d:\program files\rising\rav\hookreg.sys
HookSys
[A ] 12. d:\program files\rising\rav\hooksys.sys
HookUrl
[A ] 13. d:\program files\rising\rfw\hookurl.sys
IdeBusDr
[A ] 14. c:\windows\system32\drivers\idebusdr.sys
IdeChnDr
[A ] 15. c:\windows\system32\drivers\idechndr.sys
MEMSCAN
[A ] 16. d:\program files\rising\rav\memscan.sys
mProcRs
[A ] 17. d:\program files\rising\rfw\mprocrs.sys
npkcrypt
[A ] 18. d:\program files\qq\npkcrypt.sys
RsAntiSpyware
[A ] 19. c:\windows\system32\drivers\rsboot.sys
RsFwDrv
[A ] 20. d:\program files\rising\rfw\rsfwdrv.sys
RsNTGDI
[A ] 21. c:\windows\system32\drivers\rsntgdi.sys
RSPPSYS
[A ] 22. d:\program files\rising\rav\rsppsys.sys
Secdrv
[A ] 23. c:\windows\system32\drivers\secdrv.sys
ZSMC303
[A ] 24. c:\windows\system32\drivers\usbvm303.sys
+ File System Drivers
+ HKLM\System\CurrentControlSet\Services
vcdrom
[A ] 25. d:\program files\虚拟光驱\vcdrom.sys
+ Explorer
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
text/xml
[A ] 26. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
mso-offdap
[A ] 27. c:\program files\common files\microsoft shared\web components\10\owc10.dll
mso-offdap11
[A ] 28. c:\program files\common files\microsoft shared\web components\11\owc11.dll
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 29. c:\windows\system32\hticons.dll
RISING
[AM] 30. c:\windows\system32\ravext.dll
WinRAR shell extension
[A ] 31. d:\program files\winrar\rarext.dll
AutoCAD 数字签名图标覆盖处理程序
[AM] 32. c:\windows\system32\acsignicon.dll
Autodesk Drawing Preview
[A ] 33. c:\program files\common files\autodesk shared\thumbnail\acthumbnail16.dll
Web Folders
[A ] 34. c:\program files\common files\microsoft shared\web folders\msonsext.dll
Microsoft Office Outlook Desktop Icon Handler
[A ] 35. d:\program files\microsoft office\office11\mlshext.dll
Microsoft Office Outlook Custom Icon Handler
[A ] 36. d:\program files\microsoft office\office11\olkfstub.dll
Microsoft Office HTML Icon Handler
[A ] 37. d:\program files\microsoft office\office11\msohev.dll
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{32CD708B-60A7-4C00-9377-D73EAA495F0F}
[AM] 30. c:\windows\system32\ravext.dll
+ Logon
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
RavTask
[A ] 38. d:\program files\rising\rav\ravtask.exe
RfwMain
[AM] 39. d:\program files\rising\rfw\rfwmain.exe
IMSCMig
[A ] 40. c:\program files\common files\microsoft shared\ime\imsc40a\imscmig.exe
runeip
[AM] 41. d:\program files\rising\antispyware\runiep.exe
+ Boot Execute
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 42. c:\windows\system32\bsmain.exe
+ Image Hijacks
+ HKCR\.exe
exefile\启用/禁用数字签名图标\Command
[A ] 43. c:\windows\system32\acsignopt.exe
+ HKCR\.html
htmlfile\Edit\Command
[A ] 44. d:\program files\microsoft office\office11\msohtmed.exe
htmlfile\Print\Command
[A ] 44. d:\program files\microsoft office\office11\msohtmed.exe
+ HKCR\.htm
htmlfile\Edit\Command
[A ] 44. d:\program files\microsoft office\office11\msohtmed.exe
htmlfile\Print\Command
[A ] 44. d:\program files\microsoft office\office11\msohtmed.exe
+ HKCR\.mp3
mplayerc.mp3\open\Command
[A ] 45. d:\program files\ringz studio\storm codec\mplayerc.exe
mplayerc.mp3\play_enqueue\Command
[A ] 45. d:\program files\ringz studio\storm codec\mplayerc.exe
+ Print Monitor
+ HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
Microsoft Document Imaging Writer Monitor
[AM] 46. c:\windows\system32\mdimon.dll
+ 系统活动模块
+ 000000ac(172) alg.exe
+ 000000f4(244) wscntfy.exe
10000000[0001B000]
[ M] 47. d:\program files\rising\antispyware\ieprot.dll
+ 00000218(536) smss.exe
+ 00000268(616) csrss.exe
+ 00000280(640) winlogon.exe
72C80000[00008000]
[ M] 48. c:\windows\system32\msacm32.drv
+ 000002ac(684) services.exe
+ 000002b0(688) runiep.exe
00400000[00012000]
[AM] 41. d:\program files\rising\antispyware\runiep.exe
00BF0000[0001B000]
[ M] 47. d:\program files\rising\antispyware\ieprot.dll
+ 000002b8(696) lsass.exe
+ 000002fc(764) CDAC11BA.EXE
00400000[00012000]
[AM] 1. c:\windows\system32\drivers\cdac11ba.exe
+ 00000350(848) svchost.exe
+ 000003a0(928) svchost.exe
+ 000003d0(976) svchost.exe
+ 00000410(1040) svchost.exe
+ 00000448(1096) svchost.exe
+ 00000504(1284) svchost.exe
+ 00000588(1416) Explorer.EXE
62830000[00026000]
[AM] 32. c:\windows\system32\acsignicon.dll
10000000[0001B000]
[AM] 30. c:\windows\system32\ravext.dll
628E0000[00039000]
[ M] 49. c:\program files\common files\autodesk shared\acsigncore16.dll
01680000[0001B000]
[ M] 47. d:\program files\rising\antispyware\ieprot.dll
72C80000[00008000]
[ M] 48. c:\windows\system32\msacm32.drv
+ 000005a0(1440) ctfmon.exe
10000000[0001B000]
[ M] 47. d:\program files\rising\antispyware\ieprot.dll
+ 000005a8(1448) mmc.exe
10000000[0001B000]
[ M] 47. d:\program files\rising\antispyware\ieprot.dll
+ 00000690(1680) spoolsv.exe
009D0000[00008000]
[AM] 46. c:\windows\system32\mdimon.dll
009E0000[00008000]
[ M] 50. c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
+ 00000754(1876) RfwMain.exe
00400000[00073000]
[AM] 39. d:\program files\rising\rfw\rfwmain.exe
26600000[0007D000]
[ M] 51. d:\program files\rising\rfw\rsguilib.dll
23700000[0001A000]
[ M] 52. d:\program files\rising\rfw\rscommon.dll
10000000[0000F000]
[ M] 53. d:\program files\rising\rfw\rfwctrl.dll
23800000[0001A000]
[ M] 54. d:\program files\rising\rfw\rsxml.dll
23900000[00031000]
[ M] 55. d:\program files\rising\rfw\pngdll.dll
012C0000[0001B000]
[ M] 47. d:\program files\rising\antispyware\ieprot.dll
+ 00000848(2120) DfrgNtfs.exe
10000000[0001B000]
[ M] 47. d:\program files\rising\antispyware\ieprot.dll
+ 00000950(2384) xfd3dp3dd.exe
00400000[0007B000]
[ M] 56. d:\program files\小飞刀3d-p3定胆专家\xfd3dp3dd.exe
73390000[00154000]
[ M] 57. c:\windows\system32\msvbvm60.dll
66630000[0001C000]
[ M] 58. c:\windows\system32\vb6chs.dll
10000000[0001B000]
[ M] 47. d:\program files\rising\antispyware\ieprot.dll
20DA0000[0003D000]
[ M] 59. c:\windows\system32\msflxgrd.ocx
212F0000[00033000]
[ M] 60. c:\windows\system32\tabctl32.ocx
217A0000[00023000]
[ M] 61. c:\windows\system32\comdlg32.ocx
+ 00000e04(3588) Ras.exe
00400000[0013D000]
[ M] 62. d:\program files\rising\antispyware\ras.exe
10000000[000A0000]
[ M] 63. d:\program files\rising\antispyware\rasgui.dll
01240000[0001B000]
[ M] 47. d:\program files\rising\antispyware\ieprot.dll
+ 00000f8c(3980) OSE.EXE
30000000[00017000]
[AM] 2. c:\program files\common files\microsoft shared\source engine\ose.exe