Rising Kaka Security Forum
一念之差 - 2007-7-11 14:46:00
瑞星卡卡电脑诊断日志 v1.20 (2007-7-11 14:27:9) 北京瑞星科技股份有限公司
注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
+ Win32 Services
+ HKLM\System\CurrentControlSet\Services
RfwService
[A ] 1. d:\program files\rising\rfw\rfwsrv.exe
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Service
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 70 AC 41 00 68 50 94 41 00 64
RsCCenter
[A ] 2. c:\program files\rising\rav\ccenter.exe
Beijing Rising Technology Co., Ltd.
CCenter
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 C8 26 41 00 68 D8 AB 40 00 64
+ Kernel Drivers
+ HKLM\System\CurrentControlSet\Services
ALCXWDM
[A ] 3. c:\windows\system32\drivers\alcxwdm.sys
Realtek Semiconductor Corp.
Realtek AC'97 Audio Driver (WDM)
.text,CODE,.rdata,.data,.data1,PAGE,INIT,.rsrc,.reloc,
A1 60 85 18 00 85 C0 B9 4E E6 40 BB 74 04 3B C1
BaseTDI
[A ] 4. c:\windows\system32\drivers\basetdi.sys
Beijing Rising Technology Co., Ltd.
basetdi
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 14 53 56 57 E8 13 04 00 00 8B 35
ExpScaner
[A ] 5. c:\program files\rising\rav\expscan.sys
HookCont
[A ] 6. c:\program files\rising\rav\hookcont.sys
HookReg
[A ] 7. c:\program files\rising\rav\hookreg.sys
HookSys
[A ] 8. c:\program files\rising\rav\hooksys.sys
kaljmfs
[A ] 9. c:\windows\system32\drivers\kaljmfs.sys
北京三七二一科技有限公司
sys 应用程序
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 18 C6 05 E8 22 02 00 31 C6 05 E9
kmsinput
[A ] 10. c:\windows\system32\drivers\kmsinput.sys
.text,.data,INIT,.reloc,
83 EC 60 B9 08 00 00 00 8D 44 24 10 53 56 57 BE
KRegEx
[A ] 11. c:\progra~1\kv2006\kregex.sys
KvMemon
[A ] 12. c:\progra~1\kv2006\kvmemon.sys
MEMSCAN
[A ] 13. c:\program files\rising\rav\memscan.sys
npkcrypt
[A ] 14. d:\program files\tencent\qq\npkcrypt.sys
INCA Internet Co., Ltd.
nProtect KeyCrypt Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
51 53 56 E8 6F 2C 00 00 A3 28 46 01 00 E8 EC 2B
PProtect
[A ] 15. c:\progra~1\kv2006\pprotect.sys
ScbkEx
[A ] 16. c:\windows\scdriver\scbkex.sys
.text,.rdata,.data,PAGE,INIT,.reloc,
53 56 57 68 80 7B 01 00 E8 9D AB FF FF 8B 74 24
Secdrv
[A ] 17. c:\windows\system32\drivers\secdrv.sys
.text,.data,INIT,.reloc,
55 8B EC 83 EC 10 53 56 57 E8 E4 A3 FF FF 89 45
SSFltPT
[A ] 18. c:\windows\scdriver\ssfltpt.sys
.text,.rdata,.data,PAGE,INIT,.reloc,
56 57 68 A0 1C 01 00 FF 15 78 16 01 00 8B 74 24
viagfx
[A ] 19. c:\windows\system32\drivers\vtmini.sys
Copyright (C) VIA/S3 Graphics Co, Ltd.
VIA/S3G Miniport Driver
.text,_TVBIOSD,_MISC,_FOCUSTV,.rdata,.data,PAGE,PAGE,INIT,.rsrc,.reloc,
55 8B EC 83 EC 54 56 6A 54 5E 56 8D 45 AC 50 C7
ZSMC302
[A ] 20. c:\windows\system32\drivers\usbvm302.sys
VM
Video streaming and Capture Device Driver
.text,.data,.data1,PAGECONS,INIT,.rsrc,.reloc,
68 C4 1B 01 00 6A 04 68 C0 06 00 00 FF 74 24 14
一念之差 - 2007-7-11 14:52:00
+ File System Drivers
+ HKLM\System\CurrentControlSet\Services
jrbcagex
[A ] 21. c:\windows\system32\drivers\jrbcagex.sys
Yahoo! China Corporation
.text,.rdata,.data,INIT,.rsrc,.reloc,
ScCchMgr
[A ] 22. c:\windows\scdriver\sccchmgr.sys
.text,.rdata,.data,PAGE,INIT,.reloc,
55 8B EC 83 EC 48 53 56 57 E8 6C FE FF FF E8 3B
SSCFLT
[A ] 23. c:\windows\scdriver\sscflt.sys
Windows (R) 2000 DDK provider
File System Filter Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 54 53 56 8B 75 08 57 8D 45 FC 50
+ Internet Explorer
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
[AM] 24. c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
Adobe Systems Incorporated
Adobe Acrobat IE Helper Version 7.0 for ActiveX
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 28 89 00 10 E8 62 FC FF FF 33 C0 40 89
{889D2FEB-5411-4565-8998-1DD2C5261283}
[AM] 25. c:\program files\thunder network\thunder\comdlls\xunleibho_002.dll
Thunder Networking Technologies,LTD
XunLeiBHO
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
+ Explorer
+ HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers
{F9DB5320-233E-11D1-9F84-707F02C10627}
[A ] 26. c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll
Adobe Systems, Inc.
PDF Shell Extension
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 E8 DD 00 10 E8 F5 EF FF FF 33 C0 40 89
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 27. c:\windows\system32\hticons.dll
Hilgraeve, Inc.
HyperTerminal Applet Library
.text,.data,.rsrc,.reloc,
Shell Extensions for RealOne Player
[A ] 28. c:\program files\real\realplayer\rpshell.dll
RealNetworks, Inc.
RealPlayer Shell Extensions
.text,.rdata,.data,.rsrc,.reloc,
53 55 56 8B 74 24 14 85 F6 57 B8 01 00 00 00 75
WinRAR shell extension
[AM] 29. c:\program files\winrar\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
+ Logon
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SoundMan
[AM] 30. c:\windows\soundman.exe
Realtek Semiconductor Corp.
Realtek Sound Manager
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 90 A2 40 00 68 38 83 40 00 64
VTTimer
[AM] 31. c:\windows\system32\vttimer.exe
S3 Graphics, Inc.
.text,.rdata,.data,.rsrc,
6A 60 68 50 95 40 00 E8 41 19 00 00 BF 94 00 00
VTTrayp
[AM] 32. c:\windows\system32\vttrayp.exe
S3 Graphics Co., Ltd.
s3contrl (32-bit)
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 50 6B 41 00 68 F0 30 41 00 64
jmekey
[AM] 33. c:\program files\jmesoft\hotkey.exe
JME Co., Ltd.
HotKey
CODE,DATA,BSS,.idata,.tls,.rdata,.reloc,.rsrc,
55 8B EC 83 C4 F4 B8 68 36 46 00 E8 C0 28 FA FF
ThunderMini
[A ] 34. c:\program files\thunder network\thundermini\thunderminishell.exe
.text,.rdata,.data,
55 8B EC 6A FF 68 70 20 40 00 68 A0 14 40 00 64
StarCenter
[A ] 35. c:\program files\starsoftcomm\starcenter\starcenter.exe
.text,.rdata,.data,.rsrc,
6A 70 68 48 42 40 00 E8 E4 01 00 00 33 DB 53 8B
Alert
[A ] 36. c:\program files\starsoftcomm\starcenter\alert.exe
Alert Microsoft 基础类应用程序
.text,.rdata,.data,.rsrc,
6A 70 68 68 CF 41 00 E8 E4 01 00 00 33 DB 53 8B
AutoUpd
[AM] 37. c:\program files\starsoftcomm\starcenter\updtray.exe
UpdTray Microsoft 基础类应用程序
.text,.rdata,.data,.rsrc,
6A 70 68 F0 34 40 00 E8 E4 01 00 00 33 DB 53 8B
+ Image Hijacks
+ HKCR\.html
htmlfile\Edit\Command
[A ] 38. d:\program files\microsoft office\office\msohtmed.exe
Microsoft Corporation
Microsoft Office 2000 component
.text,.data,.idata,.rsrc,
E9 BF 10 00 00 E9 CA 44 00 00 E9 2F 23 00 00 E9
htmlfile\Print\Command
[A ] 38. d:\program files\microsoft office\office\msohtmed.exe
Microsoft Corporation
Microsoft Office 2000 component
.text,.data,.idata,.rsrc,
E9 BF 10 00 00 E9 CA 44 00 00 E9 2F 23 00 00 E9
+ HKCR\.htm
htmlfile\Edit\Command
[A ] 38. d:\program files\microsoft office\office\msohtmed.exe
Microsoft Corporation
Microsoft Office 2000 component
.text,.data,.idata,.rsrc,
E9 BF 10 00 00 E9 CA 44 00 00 E9 2F 23 00 00 E9
htmlfile\Print\Command
[A ] 38. d:\program files\microsoft office\office\msohtmed.exe
Microsoft Corporation
Microsoft Office 2000 component
.text,.data,.idata,.rsrc,
E9 BF 10 00 00 E9 CA 44 00 00 E9 2F 23 00 00 E9
+ HKCR\.mp3
RealPlayer.MP3.6\open\Command
[A ] 39. c:\program files\real\realplayer\realplay.exe
RealNetworks, Inc.
RealPlayer
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 E8 EC 40 00 68 60 D1 40 00 64
+ Print Monitor
+ HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
EPSON V3 2KMonitor407
[A ] 40. c:\windows\system32\e_sl2407.dll
SEIKO EPSON CORPORATION
EPSON Bidirectional Monitor
.text,.data,.rsrc,.reloc,
8B 44 24 08 83 E8 00 74 23 48 75 3C 56 8B 74 24
+ 其他自启动项目
+ C:\Documents and Settings\All Users\「开始」菜单\程序\启动
Adobe Reader Speed Launch.lnk
[A ] 41. c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
Adobe Systems Incorporated
Adobe Acrobat SpeedLauncher
.text,.rdata,.data,.rsrc,
6A 74 68 E0 66 40 00 E8 08 02 00 00 33 DB 89 5D
一念之差 - 2007-7-11 14:52:00
+ 系统活动模块
+ 0000057c(1404) Explorer.EXE
72C80000[00008000]
[ M] 42. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
8B 44 24 08 83 E8 00 74 30 48 75 3A 56 8B 74 24
00BC0000[0002B000]
[AM] 29. c:\program files\winrar\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
015B0000[0000C000]
[AM] 25. c:\program files\thunder network\thunder\comdlls\xunleibho_002.dll
Thunder Networking Technologies,LTD
XunLeiBHO
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
+ 000005ec(1516) SOUNDMAN.EXE
00400000[00014000]
[AM] 30. c:\windows\soundman.exe
Realtek Semiconductor Corp.
Realtek Sound Manager
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 90 A2 40 00 68 38 83 40 00 64
+ 000005f4(1524) VTTimer.exe
00400000[0000D000]
[AM] 31. c:\windows\system32\vttimer.exe
S3 Graphics, Inc.
.text,.rdata,.data,.rsrc,
6A 60 68 50 95 40 00 E8 41 19 00 00 BF 94 00 00
+ 00000604(1540) VTtrayp.exe
00400000[00027000]
[AM] 32. c:\windows\system32\vttrayp.exe
S3 Graphics Co., Ltd.
s3contrl (32-bit)
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 50 6B 41 00 68 F0 30 41 00 64
6BB00000[00091000]
[ M] 43. c:\windows\system32\vtdisply.dll
S3 Graphics Co., Ltd.
S3 multi-chip display switch utility (32-bit)
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
6BE00000[0005A000]
[ M] 44. c:\windows\system32\vtgamma2.dll
S3 Graphics Co., Ltd.
S3Gamma Plus (32-bit)
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
6C000000[00043000]
[ M] 45. c:\windows\system32\vtinfo2.dll
S3 Graphics Co., Ltd.
S3 Graphics Display Adapter Information Utility (32-bit)
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
6C200000[00065000]
[ M] 46. c:\windows\system32\vtovrlay.dll
S3 Graphics Co., Ltd.
S3ColorPus/S3Overlay Utility
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
+ 0000060c(1548) hotkey.exe
00400000[00086000]
[AM] 33. c:\program files\jmesoft\hotkey.exe
JME Co., Ltd.
HotKey
CODE,DATA,BSS,.idata,.tls,.rdata,.reloc,.rsrc,
55 8B EC 83 C4 F4 B8 68 36 46 00 E8 C0 28 FA FF
72C80000[00008000]
[ M] 42. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
8B 44 24 08 83 E8 00 74 30 48 75 3A 56 8B 74 24
10000000[0000D000]
[ M] 47. c:\program files\jmesoft\keyhook.dll
.text,.rdata,.data,mydata,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
+ 0000062c(1580) UpdTray.exe
00400000[00006000]
[AM] 37. c:\program files\starsoftcomm\starcenter\updtray.exe
UpdTray Microsoft 基础类应用程序
.text,.rdata,.data,.rsrc,
6A 70 68 F0 34 40 00 E8 E4 01 00 00 33 DB 53 8B
6BC40000[000FB000]
[ M] 48. c:\program files\starsoftcomm\starcenter\mfc42.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
+ 00000634(1588) ctfmon.exe
+ 000006b0(1712) ThunderMini.exe
00400000[00018000]
[ M] 49. c:\program files\thunder network\thundermini\program\thundermini.exe
Thunder Networking Technologies,LTD
Mini Module
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 10 F4 40 00 68 A8 EA 40 00 64
10000000[00111000]
[ M] 50. c:\program files\thunder network\thundermini\program\download_interface.dll
.text,.rdata,.data,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
00BE0000[0000C000]
[ M] 51. c:\program files\thunder network\thundermini\program\updatedownload.dll
Thunder Networking Technologies,LTD
UpdateDownload
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
00BF0000[00016000]
[ M] 52. c:\program files\thunder network\thundermini\components\inmedia\iembedshell.dll
iEmbedShell
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
01480000[00059000]
[ M] 53. c:\program files\thunder network\thunder\components\inmedia\iembed03.dll
iEmbed
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
+ 000006c4(1732) iexplore.exe
10000000[0000E000]
[AM] 24. c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
Adobe Systems Incorporated
Adobe Acrobat IE Helper Version 7.0 for ActiveX
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 28 89 00 10 E8 62 FC FF FF 33 C0 40 89
7C340000[00056000]
[ M] 54. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 8B 45 0C 83 F8 01 56 57 0F 84 50 FB FF
01390000[0000C000]
[AM] 25. c:\program files\thunder network\thunder\comdlls\xunleibho_002.dll
Thunder Networking Technologies,LTD
XunLeiBHO
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
72C80000[00008000]
[ M] 42. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
8B 44 24 08 83 E8 00 74 30 48 75 3A 56 8B 74 24
30000000[002DE000]
[ M] 55. c:\windows\system32\macromed\flash\flash9.ocx
Adobe Systems, Inc.
Adobe Flash Player 9.0 r16
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 56 8B 75 0C 83 FE 01 74 05 83 FE 02 75
+ 00000b5c(2908) Ras.exe
00400000[0013E000]
[ M] 56. c:\program files\rising\antispyware\ras.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 B8 3A 4C 00 68 10 B9 4A 00 64
10000000[000A3000]
[ M] 57. c:\program files\rising\antispyware\rasgui.dll
Beijing Rising Technology Co., Ltd.
RasGUI
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
一念之差 - 2007-7-12 8:46:00
Why has nobody replied? Can anyone tell me what I should do?