BearCatDog - 2007-7-18 21:22:00
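My computer often freezes while I'm using it. Sometimes it recovers after a few minutes, sometimes it stays frozen for an hour, and even rebooting doesn't fix it. An antivirus scan did not find any viruses. Is it a hardware problem?
Attachment: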
7156592007718211158.txt
秋日里的蓝天 - 2007-7-18 21:57:00
"Even rebooting doesn't fix it,"
surely it can't be that serious!
I can't see any suspicious entries in the log.
火影忍者 - 2007-7-18 22:18:00
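Download System Repair Engineer,
http://www.kztechs.com/sreng/download.html
1 Unzip sreng2.zip
2 Run SREng.exe
3 Smart Scan => Scan => Save Report
4 Copy the complete report from the log and paste it here; do not modify it
If the log doesn't fit in one post, post it in several parts (do not upload it as an attachment)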
BearCatDog - 2007-7-26 8:37:00
注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
RsCCenter
[A ] 1. c:\program files\rising\rav\ccenter.exe
RsRavMon
[A ] 2. c:\program files\rising\rav\ravmond.exe
WMPNetworkSvc
[A ] 3. c:\program files\windows media player\wmpnetwk.exe
WudfSvc
[A ] 4. c:\windows\system32\wudfsvc.dll
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
BaseTDI
[A ] 5. c:\windows\system32\drivers\basetdi.sys
Cap7134
[A ] 6. c:\windows\system32\drivers\cap7134.sys
cmuda
[A ] 7. c:\windows\system32\drivers\cmuda.sys
EagleNT
[A ] 8. c:\windows\system32\drivers\eaglent.sys
ExpScaner
[A ] 9. c:\program files\rising\rav\expscan.sys
FETNDISB
[A ] 10. c:\windows\system32\drivers\fetnd5b.sys
HookCont
[A ] 11. c:\program files\rising\rav\hookcont.sys
HookReg
[A ] 12. c:\program files\rising\rav\hookreg.sys
HookSys
[A ] 13. c:\program files\rising\rav\hooksys.sys
ialm
[A ] 14. c:\windows\system32\drivers\ialmnt5.sys
kmsinput
[A ] 15. c:\windows\system32\drivers\kmsinput.sys
MEMSCAN
[A ] 16. c:\program files\rising\rav\memscan.sys
npkcrypt
[A ] 17. c:\documents and settings\administrator\my documents\qq\npkcrypt.sys
NTSIM
[A ] 18. c:\windows\system32\ntsim.sys
PhTVTune
[A ] 19. c:\windows\system32\drivers\phtvtune.sys
prodrv06
[A ] 20. c:\windows\system32\drivers\prodrv06.sys
prohlp02
[A ] 21. c:\windows\system32\drivers\prohlp02.sys
prosync1
[A ] 22. c:\windows\system32\drivers\prosync1.sys
QKeyService
[A ] 23. c:\windows\system32\keycrypt.sys
RsAntiSpyware
[A ] 24. c:\windows\system32\drivers\rsboot.sys
RsNTGDI
[A ] 25. c:\windows\system32\drivers\rsntgdi.sys
RSPPSYS
[A ] 26. c:\program files\rising\rav\rsppsys.sys
Secdrv
[A ] 27. c:\windows\system32\drivers\secdrv.sys
SetupNT
[A ] 28. c:\windows\system32\setupnt.sys
sfhlp01
[A ] 29. c:\windows\system32\drivers\sfhlp01.sys
WudfPf
[A ] 30. c:\windows\system32\drivers\wudfpf.sys
WudfRd
[A ] 31. c:\windows\system32\drivers\wudfrd.sys
xltgmy11
[A ] 32. c:\windows\system32\drivers\xltgmy11.sys
ZSMC301b
[A ] 33. c:\windows\system32\drivers\usbvm31b.sys
ztjrmu57
[A ] 34. c:\windows\system32\drivers\ztjrmu57.sys
+ 系统登陆自运行
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
igfxcui
[A ] 35. c:\windows\system32\igfxsrvc.dll
WgaLogon
[AM] 36. c:\windows\system32\wgalogon.dll
+ IE浏览器加载模块
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}
[A ] 37. c:\windows\system32\kakatool.dll
{43869BB3-22FD-4F15-9B46-238106BA2F4E}
[A ] 38. c:\program files\super rabbit\magicset\haokanbar.dll
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{7369D35A-5B70-4A5B-B789-B25FE09B4AF3}
[A ] 38. c:\program files\super rabbit\magicset\haokanbar.dll
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
Exec
[A ] 39. c:\program files\thunder network\thunder\thunder.exe
Exec
[A ] 40. c:\program files\herosoft\herov8\sthsdvd.exe
Exec
[A ] 41. c:\program files\messenger\msmsgs.exe
+ 资源管理器加载模块
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
cetihpz
[A ] 42. c:\program files\hp\hpcoretech\comp\hpuiprot.dll
KuGoo3
[A ] 43. c:\program files\kugoo3\inextend\kugoo3downxcontrol.ocx
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 44. c:\windows\system32\hticons.dll
WinRAR shell extension
[AM] 45. c:\program files\winrar\rarext.dll
PicaView
[A ] 46. c:\program files\acdsee\picaview.dll
RISING
[AM] 47. c:\windows\system32\ravext.dll
Portable Media Devices
[A ] 48. c:\windows\system32\audiodev.dll
Portable Devices
[A ] 49. c:\windows\system32\wpdshext.dll
Portable Devices Menu
[A ] 49. c:\windows\system32\wpdshext.dll
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
WPDShServiceObj
[AM] 50. c:\windows\system32\wpdshserviceobj.dll
+ 用户登陆自运行项目
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
IgfxTray
[A ] 51. c:\windows\system32\igfxtray.exe
HotKeysCmds
[A ] 52. c:\windows\system32\hkcmd.exe
RavTask
[A ] 53. c:\program files\rising\rav\ravtask.exe
BigDogPath
[AM] 54. c:\windows\vm_sti.exe
DeviceDiscovery
[AM] 55. c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
HP Software Update
[AM] 56. c:\program files\hewlett-packard\hp software update\hpwuschd.exe
runeip
[AM] 57. c:\program files\rising\kakatoolbar\runiep.exe
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
KKDelay
[A ] 58. c:\program files\rising\kakatoolbar\runonce.exe
+ 开机执行
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 59. c:\windows\system32\bsmain.exe
[A ] 60. c:\windows\system32\kknative.exe
+ 映像劫持
+ HKCR\.html
htmlfile\Edit\Command
[A ] 61. c:\program files\microsoft office\office\msohtmed.exe
htmlfile\open\Command
[A ] 62. c:\program files\tencent\tt\ttraveler.exe
htmlfile\Print\Command
[A ] 61. c:\program files\microsoft office\office\msohtmed.exe
htmlfile\TencentTraveler\Command
[A ] 62. c:\program files\tencent\tt\ttraveler.exe
+ HKCR\.htm
htmlfile\Edit\Command
[A ] 61. c:\program files\microsoft office\office\msohtmed.exe
htmlfile\open\Command
[A ] 62. c:\program files\tencent\tt\ttraveler.exe
htmlfile\Print\Command
[A ] 61. c:\program files\microsoft office\office\msohtmed.exe
htmlfile\TencentTraveler\Command
[A ] 62. c:\program files\tencent\tt\ttraveler.exe
+ 打印机监控
+ HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
hpzsnt09
[AM] 63. c:\windows\system32\hpzsnt09.dll
+ 其他自启动项目
+ C:\Documents and Settings\Administrator\「开始」菜单\程序\启动
QQ游戏启动加速程序.lnk
[A ] 64. e:\qq\qqgame\accel.exe
腾讯QQ.lnk
[AM] 65. c:\documents and settings\administrator\my documents\qq\qq.exe
+ C:\Documents and Settings\All Users\「开始」菜单\程序\启动
Adobe Gamma Loader.lnk
[A ] 66. c:\program files\common files\adobe\calibration\adobe gamma loader.exe
+ 正在运行的进程
+ 000000e8(232) alg.exe
+ 0000022c(556) VM_STI.EXE
00400000[0000D000]
[AM] 54. c:\windows\vm_sti.exe
10000000[0001B000]
[ M] 67. c:\program files\rising\kakatoolbar\ieprot.dll
+ 00000234(564) smss.exe
+ 00000248(584) hpotdd01.exe
00400000[0003A000]
[AM] 55. c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
10000000[00048000]
[ M] 68. c:\program files\hewlett-packard\digital imaging\bin\hpodvd08.dll
00CD0000[001D1000]
[ M] 69. c:\windows\system32\unispim5.ime
01190000[0001E000]
[ M] 70. c:\program files\hewlett-packard\digital imaging\bin\hpqcxm08.dll
011C0000[0001B000]
[ M] 67. c:\program files\rising\kakatoolbar\ieprot.dll
+ 00000284(644) csrss.exe
+ 0000029c(668) winlogon.exe
01300000[0003B000]
[AM] 36. c:\windows\system32\wgalogon.dll
10000000[001D1000]
[ M] 69. c:\windows\system32\unispim5.ime
72C80000[00008000]
[ M] 71. c:\windows\system32\msacm32.drv
+ 000002c8(712) services.exe
+ 000002d4(724) lsass.exe
+ 0000033c(828) HPWuSchd.exe
00400000[0000C000]
[AM] 56. c:\program files\hewlett-packard\hp software update\hpwuschd.exe
10000000[001D1000]
[ M] 69. c:\windows\system32\unispim5.ime
00D60000[0001B000]
[ M] 67. c:\program files\rising\kakatoolbar\ieprot.dll
+ 0000036c(876) svchost.exe
+ 00000380(896) runiep.exe
00400000[00012000]
[AM] 57. c:\program files\rising\kakatoolbar\runiep.exe
10000000[001D1000]
[ M] 69. c:\windows\system32\unispim5.ime
00F10000[0001B000]
[ M] 67. c:\program files\rising\kakatoolbar\ieprot.dll
BearCatDog - 2007-7-26 8:41:00
+ 000003ac(940) svchost.exe
+ 00000414(1044) svchost.exe
+ 00000440(1088) svchost.exe
+ 0000044c(1100) ctfmon.exe
10000000[001D1000]
[ M] 69. c:\windows\system32\unispim5.ime
00D50000[0001B000]
[ M] 67. c:\program files\rising\kakatoolbar\ieprot.dll
+ 000004b4(1204) svchost.exe
+ 0000054c(1356) WgaTray.exe
01000000[00052000]
[ M] 72. c:\windows\system32\wgatray.exe
10000000[001D1000]
[ M] 69. c:\windows\system32\unispim5.ime
018F0000[0001B000]
[ M] 67. c:\program files\rising\kakatoolbar\ieprot.dll
+ 00000558(1368) Explorer.EXE
10000000[001D1000]
[ M] 69. c:\windows\system32\unispim5.ime
021C0000[00010000]
[AM] 50. c:\windows\system32\wpdshserviceobj.dll
023E0000[0002D000]
[ M] 73. c:\windows\system32\portabledevicetypes.dll
02450000[00058000]
[ M] 74. c:\windows\system32\portabledeviceapi.dll
02600000[0001B000]
[ M] 67. c:\program files\rising\kakatoolbar\ieprot.dll
72C80000[00008000]
[ M] 71. c:\windows\system32\msacm32.drv
035A0000[0002B000]
[AM] 45. c:\program files\winrar\rarext.dll
035D0000[0001B000]
[AM] 47. c:\windows\system32\ravext.dll
+ 000005bc(1468) spoolsv.exe
10000000[00030000]
[AM] 63. c:\windows\system32\hpzsnt09.dll
+ 000006cc(1740) svchost.exe
+ 000008bc(2236) QQ.exe
00400000[001B3000]
[AM] 65. c:\documents and settings\administrator\my documents\qq\qq.exe
10000000[00255000]
[ M] 75. c:\documents and settings\administrator\my documents\qq\qqbaseclassindll.dll
005C0000[0009D000]
[ M] 76. c:\documents and settings\administrator\my documents\qq\qqhelperdll.dll
60090000[00071000]
[ M] 77. c:\documents and settings\administrator\my documents\qq\basicctrldll.dll
60A80000[000F2000]
[ M] 78. c:\documents and settings\administrator\my documents\qq\mfc42.dll
00D90000[001D1000]
[ M] 69. c:\windows\system32\unispim5.ime
621E0000[00005000]
[ M] 79. c:\documents and settings\administrator\my documents\qq\riched32.dll
62170000[00068000]
[ M] 80. c:\documents and settings\administrator\my documents\qq\riched20.dll
612D0000[00039000]
[ M] 81. c:\documents and settings\administrator\my documents\qq\qqapi.dll
622E0000[00007000]
[ M] 82. c:\documents and settings\administrator\my documents\qq\timproxy.dll
018B0000[0001B000]
[ M] 67. c:\program files\rising\kakatoolbar\ieprot.dll
60880000[00038000]
[ M] 83. c:\documents and settings\administrator\my documents\qq\loginctrl.dll
608C0000[0007D000]
[ M] 84. c:\documents and settings\administrator\my documents\qq\loginctrlres.dll
026C0000[0049B000]
[ M] 85. c:\documents and settings\administrator\my documents\qq\qqres.dll
01E70000[00032000]
[ M] 86. c:\documents and settings\administrator\my documents\qq\mailsummary.dll
617C0000[00092000]
[ M] 87. c:\documents and settings\administrator\my documents\qq\qqmainframe.dll
603B0000[001A3000]
[ M] 88. c:\documents and settings\administrator\my documents\qq\gdiplus.dll
03470000[00121000]
[ M] 89. c:\documents and settings\administrator\my documents\qq\cqqapplication.dll
60370000[0003E000]
[ M] 90. c:\documents and settings\administrator\my documents\qq\flashavatardll.dll
60BF0000[0005E000]
[ M] 91. c:\documents and settings\administrator\my documents\qq\newskin.dll
606A0000[000B7000]
[ M] 92. c:\documents and settings\administrator\my documents\qq\hostingmgr.dll
036D0000[00034000]
[ M] 93. c:\documents and settings\administrator\my documents\qq\cameradll.dll
61770000[00016000]
[ M] 94. c:\documents and settings\administrator\my documents\qq\qqknowledgesearch.dll
039C0000[001EF000]
[ M] 95. c:\documents and settings\administrator\my documents\qq\qqallinone.dll
03BB0000[0002B000]
[ M] 96. c:\documents and settings\administrator\my documents\qq\sccore.dll
61FD0000[00022000]
[ M] 97. c:\documents and settings\administrator\my documents\qq\qqspace.dll
62380000[00071000]
[ M] 98. c:\documents and settings\administrator\my documents\qq\vbscript.dll
61650000[00071000]
[ M] 99. c:\documents and settings\administrator\my documents\qq\qqgroupmng.dll
72C80000[00008000]
[ M] 71. c:\windows\system32\msacm32.drv
03360000[0003B000]
[ M] 100. c:\documents and settings\administrator\my documents\qq\qqavatar.dll
033F0000[0003D000]
[ M] 101. c:\documents and settings\administrator\my documents\qq\qqsysmsgmng.dll
62310000[00017000]
[ M] 102. c:\documents and settings\administrator\my documents\qq\userdefinedhead.dll
619A0000[000D1000]
[ M] 103. c:\documents and settings\administrator\my documents\qq\qqplugin.dll
615B0000[0000C000]
[ M] 104. c:\documents and settings\administrator\my documents\qq\qqconfigplugin.dll
62100000[00016000]
[ M] 105. c:\documents and settings\administrator\my documents\qq\qringmng.dll
615C0000[00032000]
[ M] 106. c:\documents and settings\administrator\my documents\qq\qqcustomface.dll
61960000[00028000]
[ M] 107. c:\documents and settings\administrator\my documents\qq\qqpet.dll
60940000[000A8000]
[ M] 108. c:\documents and settings\administrator\my documents\qq\longconnection.dll
60670000[00024000]
[ M] 109. c:\documents and settings\administrator\my documents\qq\groupconnection.dll
60CF0000[00026000]
[ M] 110. c:\documents and settings\administrator\my documents\qq\phoneapi.dll
60320000[0000D000]
[ M] 111. c:\documents and settings\administrator\my documents\qq\dialerallinone.dll
60110000[0001F000]
[ M] 112. c:\documents and settings\administrator\my documents\qq\bqqapplication.dll
72C60000[00007000]
[ M] 113. c:\windows\system32\msadp32.acm
60170000[0004F000]
[ M] 114. c:\documents and settings\administrator\my documents\qq\commercesmng.dll
60C70000[0000F000]
[ M] 115. c:\documents and settings\administrator\my documents\qq\personaldesktop.dll
056E0000[00286000]
[ M] 116. c:\documents and settings\administrator\my documents\qq\qqaddr.dll
61F20000[0002C000]
[ M] 117. c:\documents and settings\administrator\my documents\qq\qqscenemng.dll
014B0000[0002A000]
[ M] 118. c:\documents and settings\administrator\my documents\qq\qqphonehelper.dll
60760000[0001A000]
[ M] 119. c:\documents and settings\administrator\my documents\qq\imageole.dll
61790000[00015000]
[ M] 120. c:\documents and settings\administrator\my documents\qq\qqliveqmng.dll
03670000[00019000]
[ M] 121. c:\program files\rising\rav\ravscrch.dll
03FE0000[00066000]
[ M] 122. c:\documents and settings\administrator\my documents\qq\qqsettingctrl.dll
01A20000[0000B000]
[ M] 123. e:\qq\qqgame\gamepublic.dll
01A30000[0002A000]
[ M] 124. e:\qq\qqgame\common\utility.dll
01A60000[00009000]
[ M] 125. e:\qq\qqgame\factory.dll
01A70000[0001C000]
[ M] 126. e:\qq\qqgame\logic\uistyle.dll
01A90000[00009000]
[ M] 127. e:\qq\qqgame\prothand\qqprot.dll
01AA0000[0000D000]
[ M] 128. e:\qq\qqgame\socket\netmod.dll
05A70000[00058000]
[ M] 129. c:\documents and settings\administrator\my documents\qq\qqmsgfriendmng.dll
620A0000[0005B000]
[ M] 130. c:\documents and settings\administrator\my documents\qq\qqzip.dll
61610000[0002A000]
[ M] 131. c:\documents and settings\administrator\my documents\qq\qqfiletransfer.dll
617B0000[0000E000]
[ M] 132. c:\documents and settings\administrator\my documents\qq\qqmagicface.dll
62040000[0002F000]
[ M] 133. c:\documents and settings\administrator\my documents\qq\qqtproxy.dll
627E0000[00012000]
[ M] 134. c:\documents and settings\administrator\my documents\qq\zlib1.dll
30000000[002EE000]
[ M] 135. c:\windows\system32\macromed\flash\flash9b.ocx
626C0000[0007C000]
[ M] 136. c:\documents and settings\administrator\my documents\qq\vqqallinone.dll
60790000[000DD000]
[ M] 137. c:\documents and settings\administrator\my documents\qq\inplus.dll
622B0000[00012000]
[ M] 138. c:\documents and settings\administrator\my documents\qq\tencent-proto1.dll
62280000[00024000]
[ M] 139. c:\documents and settings\administrator\my documents\qq\tencent-comlib.dll
622D0000[0000D000]
[ M] 140. c:\documents and settings\administrator\my documents\qq\tencent-proto2.dll
62770000[00029000]
[ M] 141. c:\documents and settings\administrator\my documents\qq\vqqset.dll
+ 00000980(2432) TIMPlatform.exe
00400000[00013000]
[ M] 142. c:\documents and settings\administrator\my documents\qq\timplatform.exe
10000000[0001B000]
[ M] 67. c:\program files\rising\kakatoolbar\ieprot.dll
622E0000[00007000]
[ M] 82. c:\documents and settings\administrator\my documents\qq\timproxy.dll
+ 00000c4c(3148) Ras.exe
00400000[0013F000]
[ M] 143. c:\program files\rising\kakatoolbar\ras.exe
10000000[000A3000]
[ M] 144. c:\program files\rising\kakatoolbar\rasgui.dll
01320000[001D1000]
[ M] 69. c:\windows\system32\unispim5.ime
01E60000[0001B000]
[ M] 67. c:\program files\rising\kakatoolbar\ieprot.dll
72C80000[00008000]
[ M] 71. c:\windows\system32\msacm32.drv
01CA0000[0002F000]
[ M] 145. c:\program files\rising\kakatoolbar\engine.dll
02050000[00012000]
[ M] 146. c:\program files\rising\kakatoolbar\zip.dll
030D0000[00019000]
[ M] 121. c:\program files\rising\rav\ravscrch.dll
+ 00000c7c(3196) RavStub.exe
00400000[00018000]
[ M] 147. c:\program files\rising\rav\ravstub.exe
10000000[0001B000]
[ M] 148. c:\program files\rising\rav\rscommx.dll
23700000[0001A000]
[ M] 149. c:\program files\rising\rav\rscommon.dll
流星陨落 - 2007-7-26 18:12:00
c:\windows\system32\drivers\xltgmy11.sys
c:\windows\system32\ntsim.sys
c:\windows\system32\drivers\ztjrmu57.sys
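Compress the files above and send them to http://up.rising.com.cn/webmail/uploadnew.htm
While waiting for the reply on the suspicious files, clean the system with Kaka Assistant (卡卡助手), update Rising to the latest version, and run a full-disk scan in Safe Mode.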