瑞星卡卡安全论坛

Logfile of Kaka v2. 0. 0. 9 Scan Module v2. 0. 0. 1
Scan saved at 09:17:59, on 2006-06-23
Platform: Microsoft Windows XP Professional Service Pack 2 (Build 2600)
MSIE: Internet Explorer v6.00 SP2; (6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))


Running processes:
[smss.exe]
CommandLine =

[csrss.exe]
CommandLine = C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

[winlogon.exe]
CommandLine = winlogon.exe

[SERVICES.EXE]
CommandLine = C:\WINDOWS\system32\services.exe

[LSASS.EXE]
CommandLine = C:\WINDOWS\system32\lsass.exe

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost -k DcomLaunch

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost -k rpcss

[CCenter.exe]
CommandLine = "C:\Program Files\Rising\Rav\CCenter.exe"

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\System32\svchost.exe -k netsvcs

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost.exe -k NetworkService

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost.exe -k LocalService

[RavMonD.exe]
CommandLine = "C:\Program Files\Rising\Rav\Ravmond.exe"

[rfwsrv.exe]
CommandLine = "c:\program files\rising\rfw\rfwsrv.exe"

[spoolsv.exe]
CommandLine = C:\WINDOWS\system32\spoolsv.exe

[RavStub.exe]
CommandLine = "C:\Program Files\Rising\Rav\RavStub.exe" /RAVMOND

[CDAC11BA.EXE]
CommandLine = C:\WINDOWS\system32\drivers\CDAC11BA.EXE

[wdfmgr.exe]
CommandLine = C:\WINDOWS\system32\wdfmgr.exe

[uphclean.exe]
CommandLine = "C:\Program Files\UPHClean\uphclean.exe"

[alg.exe]
CommandLine = C:\WINDOWS\System32\alg.exe

[EXPLORER.EXE]
CommandLine = C:\WINDOWS\Explorer.EXE

[RfwMain.exe]
CommandLine =  -StartUp

[realsched.exe]
CommandLine = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot

[SOUNDMAN.EXE]
CommandLine = "C:\WINDOWS\SOUNDMAN.EXE"

[RavTask.exe]
CommandLine = "C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM

[RavMon.exe]
CommandLine = "C:\Program Files\Rising\Rav\Ravmon.exe" -SYSTEM

[SysExplr.exe]
CommandLine = "C:\Herosoft\HeroV8\SYSEXPLR.EXE"

[hpztsb10.exe]
CommandLine = "C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe"

[hpcmpmgr.exe]
CommandLine = "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

[hpwuSchd2.exe]
CommandLine = "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"

[ctfmon.exe]
CommandLine = "C:\WINDOWS\system32\ctfmon.exe"

[RsAgent.exe]
CommandLine = "C:\Program Files\Rising\Rav\RsAgent.exe"

[AgentSvr.exe]
CommandLine = C:\WINDOWS\msagent\AgentSvr.exe -Embedding

[Rav.exe]
CommandLine = "C:\Program Files\Rising\Rav\Rav.exe"

[iexplore.exe]
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding

[WINWORD.EXE]
CommandLine = "C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE"  /n /dde

[KkScan.exe]
CommandLine = "C:\Program Files\Rising\KakaToolBar\KkScan.exe"

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://www.baidu.com/
R3 - Default URLSearchHook is missing
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v14.dll
O2 - BHO: MonitorURL Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\PROGRA~1\DESKAD~1\deskipn.dll
O2 - BHO: ChajianHelper Class - {0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2} - C:\WINDOWS\system32\SYSREA~1.DLL
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\WINDOWS\system32\wmpdrm.dll (file missing)
O2 - BHO: MyIEHelper Class - {16A770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4607.dll
O2 - BHO: KmediaHelper Class - {42D25F15-CF07-4A72-B191-DB0792BF310C} - C:\WINDOWS\system32\Kmedia.dll
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O3 - Toolbar:  (file missing)
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} -