瑞星卡卡电脑诊断日志 v1.30 (2007-8-6 17:33:32)  北京瑞星科技股份有限公司

注释:    [A]表示该文件存在自启动关联;
    [M]表示该文件在内存中;

+ 注册表自运行项目
  + 系统服务
    + HKLM\System\CurrentControlSet\Services
      ACS
        [A ] 1. c:\windows\system32\acs.exe

        [AM] 2. c:\windows\system32\athgina.dll


      Ati HotKey Poller
        [AM] 3. c:\windows\system32\ati2evxx.exe


      O2Flash
        [AM] 4. c:\windows\system32\o2flash.exe


      RfwProxySrv
        [A ] 5. c:\program files\rising\rfw\rfwproxy.exe


      RfwService
        [A ] 6. c:\program files\rising\rfw\rfwsrv.exe


      RsCCenter
        [A ] 7. c:\program files\rising\rav\ccenter.exe


      RsRavMon
        [A ] 8. c:\program files\rising\rav\ravmond.exe




  + 内核驱动
    + HKLM\System\CurrentControlSet\Services
      AegisP
        [A ] 9. c:\windows\system32\drivers\aegisp.sys


      AgereSoftModem
        [A ] 10. c:\windows\system32\drivers\agrsm.sys


      AmdK8
        [A ] 11. c:\windows\system32\drivers\amdk8.sys


      ApfiltrService
        [A ] 12. c:\windows\system32\drivers\apfiltr.sys


      AR5211
        [A ] 13. c:\windows\system32\drivers\ar5211.sys


      BaseTDI
        [A ] 14. c:\windows\system32\drivers\basetdi.sys


      bcm4sbxp
        [A ] 15. c:\windows\system32\drivers\bcm4sbxp.sys


      BtnHnd
        [A ] 16. c:\program files\fujitsu\btnhnd\btnhnd.sys


      ExpScaner
        [A ] 17. c:\program files\rising\rav\expscan.sys


      FUJ02B1
        [A ] 18. c:\windows\system32\drivers\fuj02b1.sys


      FUJ02E3
        [A ] 19. c:\windows\system32\drivers\fuj02e3.sys


      HookCont
        [A ] 20. c:\program files\rising\rav\hookcont.sys


      HookReg
        [A ] 21. c:\program files\rising\rav\hookreg.sys


      HookSys
        [A ] 22. c:\program files\rising\rav\hooksys.sys


      HookUrl
        [A ] 23. c:\program files\rising\rfw\hookurl.sys


      MEMSCAN
        [A ] 24. c:\program files\rising\rav\memscan.sys


      mProcRs
        [A ] 25. c:\program files\rising\rfw\mprocrs.sys


      O2MDRDR
        [A ] 26. c:\windows\system32\drivers\o2media.sys


      O2SDRDR
        [A ] 27. c:\windows\system32\drivers\o2sd.sys


      RsAntiSpyware
        [A ] 28. c:\windows\system32\drivers\rsboot.sys


      RsFwDrv
        [A ] 29. c:\program files\rising\rfw\rsfwdrv.sys


      RsNTGDI
        [A ] 30. c:\windows\system32\drivers\rsntgdi.sys


      RSPPSYS
        [A ] 31. c:\program files\rising\rav\rsppsys.sys


      Secdrv
        [A ] 32. c:\windows\system32\drivers\secdrv.sys


      STAC97
        [A ] 33. c:\windows\system32\drivers\stac97.sys




  + 系统登陆自运行
    + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
      AtiExtEvent
        [AM] 34. c:\windows\system32\ati2evxx.dll




  + IE浏览器加载模块
    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
      {2F364306-AA45-47B5-9F9D-39A8B94E7EF7}
        [A ] 35. d:\flashget\jccatch.dll


      {F156768E-81EF-470C-9057-481BA8380DBA}
        [A ] 36. d:\flashget\getflash.dll



    + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
      Exec
        [A ] 37. d:\flashget\flashget.exe


      Exec
        [A ] 38. c:\program files\messenger\msmsgs.exe




  + 资源管理器加载模块
    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
      HyperTerminal Icon Ext
        [A ] 39. c:\windows\system32\hticons.dll


      RISING
        [AM] 40. c:\windows\system32\ravext.dll


      WinRAR shell extension
        [AM] 41. c:\program files\winrar\rarext.dll


      Web Folders
        [A ] 42. c:\program files\common files\microsoft shared\web folders\msonsext.dll




  + 用户登陆自运行项目
    + HKLM\Software\Microsoft\Windows\CurrentVersion\Run
      AGRSMMSG
        [AM] 43. c:\windows\agrsmmsg.exe


      LtMoh
        [AM] 44. c:\program files\ltmoh\ltmoh.exe


      Apoint
        [AM] 45. c:\program files\apoint2k\apoint.exe


      ATIPTA
        [AM] 46. c:\program files\ati technologies\ati control panel\atiptaxx.exe


      ACU
        [AM] 47. c:\program files\atheros\acu.exe


      IndicatorUtility
        [AM] 48. c:\program files\fujitsu\fujitsu hotkey utility\indicatoruty.exe


      LoadFujitsuQuickTouch
        [AM] 49. c:\program files\fujitsu\application panel\quicktouch.exe


      LoadBtnHnd
        [AM] 50. c:\program files\fujitsu\btnhnd\btnhnd.exe


      LoadFUJ02E3
        [AM] 51. c:\program files\fujitsu\fuj02e3\fuj02e3.exe


      RavTask
        [A ] 52. c:\program files\rising\rav\ravtask.exe


      RfwMain
        [A ] 53. c:\program files\rising\rfw\rfwmain.exe


      StormCodec_Helper
        [A ] 54. d:\storm codec\stormset.exe



    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
      KKDelay
        [A ] 55. c:\program files\rising\antispyware\runonce.exe




  + 开机执行
    + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
      BootExecute
        [A ] 56. c:\windows\system32\bsmain.exe

        [A ] 57. c:\windows\system32\kknative.exe





+ 正在运行的进程
  + 000000e4(228) RavStub.exe
    00400000[00018000]
      [ M] 58. c:\program files\rising\rav\ravstub.exe


    10000000[0001B000]
      [ M] 59. c:\program files\rising\rav\rscommx.dll


    23700000[0001A000]
      [ M] 60. c:\program files\rising\rav\rscommon.dll



  + 00000140(320) hypwise.exe
    00400000[0002B000]
      [ M] 61. d:\dzh\internet\hypwise.exe


    5F400000[000F2000]
      [ M] 62. d:\dzh\internet\mfc42.dll



  + 000001a4(420) smss.exe

  + 00000210(528) Apoint.exe
    00400000[0002A000]
      [AM] 45. c:\program files\apoint2k\apoint.exe


    10000000[00010000]
      [ M] 63. c:\windows\system32\vxdif.dll


    00AF0000[0009A000]
      [ M] 64. c:\program files\apoint2k\apoint.dll


    00BB0000[00011000]
      [ M] 65. c:\program files\apoint2k\ezauto.dll


    00BE0000[0000E000]
      [ M] 66. c:\program files\apoint2k\aprotion.dll


    00CB0000[00034000]
      [ M] 67. c:\program files\apoint2k\ezlaunch.dll



  + 000002e4(740) csrss.exe

  + 00000300(768) winlogon.exe
    10000000[00019000]
      [AM] 34. c:\windows\system32\ati2evxx.dll


    72C80000[00008000]
      [ M] 68. c:\windows\system32\msacm32.drv


    01200000[0000C000]
      [AM] 2. c:\windows\system32\athgina.dll


    01AE0000[00059000]
      [ M] 69. c:\windows\system32\athcfg11.dll


    01530000[00012000]
      [ M] 70. c:\windows\system32\athcfg11res.dll



  + 0000032c(812) services.exe

  + 00000338(824) lsass.exe

  + 000003d0(976) Ati2evxx.exe
    00400000[0006E000]
      [AM] 3. c:\windows\system32\ati2evxx.exe


    003E0000[0000C000]
      [ M] 71. c:\windows\system32\ati2edxx.dll



  + 000003dc(988) svchost.exe

  + 00000438(1080) svchost.exe

  + 000004d8(1240) svchost.exe

  + 0000050c(1292) svchost.exe

  + 000005a4(1444) o2flash.exe
    00400000[0000A000]
      [AM] 4. c:\windows\system32\o2flash.exe



  + 0000060c(1548) svchost.exe

  + 00000794(1940) spoolsv.exe
    00E20000[00008000]
      [ M] 72. c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll



  + 000007d0(2000) Ltmoh.exe
    00400000[0002E000]
      [AM] 44. c:\program files\ltmoh\ltmoh.exe


    10000000[0001B000]
      [ M] 73. c:\program files\ltmoh\mohapi.dll



  + 00000830(2096) IndicatorUty.exe
    00400000[00015000]
      [AM] 48. c:\program files\fujitsu\fujitsu hotkey utility\indicatoruty.exe


    72C80000[00008000]
      [ M] 68. c:\windows\system32\msacm32.drv


    10000000[00007000]
      [ M] 74. c:\program files\fujitsu\fujitsu hotkey utility\vfuj02b1.dll


    00CC0000[00017000]
      [ M] 75. c:\program files\fujitsu\fujitsu hotkey utility\brightmgr.dll



  + 00000884(2180) conime.exe

  + 00000940(2368) atiptaxx.exe
    00400000[00056000]
      [AM] 46. c:\program files\ati technologies\ati control panel\atiptaxx.exe


    10000000[00040000]
      [ M] 76. c:\program files\ati technologies\ati control panel\atipdsxx.dll


    00B30000[0001A000]
      [ M] 77. c:\program files\ati technologies\ati control panel\atrpuixx.chs


    00D60000[00013000]
      [ M] 78. c:\program files\ati technologies\ati control panel\atipdxxx.dll



  + 00000984(2436) ctfmon.exe

  + 000009b8(2488) AGRSMMSG.exe
    00400000[0001B000]
      [AM] 43. c:\windows\agrsmmsg.exe



  + 00000a58(2648) Ati2evxx.exe
    00400000[0006E000]
      [AM] 3. c:\windows\system32\ati2evxx.exe


    003E0000[0000C000]
      [ M] 71. c:\windows\system32\ati2edxx.dll



  + 00000aac(2732) dwwin.exe

  + 00000b24(2852) Explorer.EXE
    72C80000[00008000]
      [ M] 68. c:\windows\system32\msacm32.drv


    10000000[00007000]
      [ M] 74. c:\program files\fujitsu\fujitsu hotkey utility\vfuj02b1.dll


    23700000[0001A000]
      [ M] 60. c:\program files\rising\rav\rscommon.dll


    02AB0000[0002B000]
      [AM] 41. c:\program files\winrar\rarext.dll


    01FA0000[0001B000]
      [AM] 40. c:\windows\system32\ravext.dll



  + 00000b5c(2908) HidFind.exe
    00400000[0000B000]
      [ M] 79. c:\program files\apoint2k\hidfind.exe



  + 00000ba8(2984) alg.exe

  + 00000c58(3160) FUJ02E3.exe
    00400000[00012000]
      [AM] 51. c:\program files\fujitsu\fuj02e3\fuj02e3.exe



  + 00000ca0(3232) BtnHnd.exe
    00400000[0000F000]
      [AM] 50. c:\program files\fujitsu\btnhnd\btnhnd.exe


    10000000[0001D000]
      [ M] 80. c:\program files\fujitsu\btnhnd\btnhnd.dll



  + 00000d88(3464) ACU.exe
    00400000[00046000]
      [AM] 47. c:\program files\atheros\acu.exe


    10000000[00038000]
      [ M] 81. c:\windows\system32\wcapi.dll


    00380000[00059000]
      [ M] 69. c:\windows\system32\athcfg11.dll


    00450000[00012000]
      [ M] 70. c:\windows\system32\athcfg11res.dll


    00470000[00037000]
      [ M] 82. c:\windows\system32\wgapi.dll


    00D80000[00016000]
      [ M] 83. c:\program files\atheros\oemres.dll



  + 00000f20(3872) QuickTouch.exe
    00400000[00040000]
      [AM] 49. c:\program files\fujitsu\application panel\quicktouch.exe


    10000000[00038000]
      [ M] 84. c:\program files\fujitsu\application panel\quickmail.dll


    01020000[00013000]
      [ M] 85. c:\program files\fujitsu\application panel\cdplayer.dll


    01050000[0001E000]
      [ M] 86. c:\program files\fujitsu\application panel\scrollbutton.dll


    72C80000[00008000]
      [ M] 68. c:\windows\system32\msacm32.drv



  + 00000f60(3936) Apntex.exe
    00400000[0000B000]
      [ M] 87. c:\program files\apoint2k\apntex.exe


    10000000[00010000]
      [ M] 63. c:\windows\system32\vxdif.dll



  + 00000f6c(3948) Ras.exe
    00400000[0013F000]
      [ M] 88. c:\program files\rising\antispyware\ras.exe


    10000000[000A3000]
      [ M] 89. c:\program files\rising\antispyware\rasgui.dll