李澎 - 2007-7-29 23:48:00
瑞星卡卡电脑诊断日志 v1.30 (2007-7-29 23:31:46) 北京瑞星科技股份有限公司
注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
NVSvc
[AM] 1. c:\windows\system32\nvsvc32.exe
NVIDIA Corporation
NVIDIA Driver Helper Service, Version 84.66
.text,.rdata,.data,.rsrc,
ose
[A ] 2. c:\program files\common files\microsoft shared\source engine\ose.exe
Microsoft Corporation
Office Source Engine
.text,.data,.rsrc,
RfwProxySrv
[A ] 3. d:\瑞星\rising\rfw\rfwproxy.exe
Beijing Rising Technology Co., Ltd.
Rising Personal Proxy Service
.text,.rdata,.data,.rsrc,
RfwService
[A ] 4. d:\瑞星\rising\rfw\rfwsrv.exe
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Service
.text,.rdata,.data,.rsrc,
RsCCenter
[A ] 5. d:\瑞星\rising\rav\ccenter.exe
Beijing Rising Technology Co., Ltd.
CCenter
.text,.rdata,.data,.rsrc,
RsRavMon
[A ] 6. d:\瑞星\rising\rav\ravmond.exe
Beijing Rising Technology Co., Ltd.
RavMond
.text,.rdata,.data,.rsrc,
WMPNetworkSvc
[A ] 7. c:\program files\windows media player\wmpnetwk.exe
Microsoft Corporation
Windows Media Player 网络共享服务
.text,.data,.rsrc,.reloc,
WudfSvc
[A ] 8. c:\windows\system32\wudfsvc.dll
Microsoft Corporation
Windows Driver Foundation - User-mode Driver Framework Service
.text,.data,.rsrc,.reloc,
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
ALCXWDM
[A ] 9. c:\windows\system32\drivers\alcxwdm.sys
Realtek Semiconductor Corp.
Realtek AC'97 Audio Driver (WDM)
.text,CODE,.rdata,.data,.data1,PAGE,INIT,.rsrc,.reloc,
[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
李澎 - 2007-7-29 23:49:00
BaseTDI
[A ] 10. c:\windows\system32\drivers\basetdi.sys
Beijing Rising Technology Co., Ltd.
basetdi
.text,.rdata,.data,INIT,.rsrc,.reloc,
clandt
[A ] 11. c:\windows\system32\drivers\clandt.sys
ExpScaner
[A ] 12. d:\瑞星\rising\rav\expscan.sys
ExpScan.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookCont
[A ] 13. d:\瑞星\rising\rav\hookcont.sys
Rising
HookCont
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookReg
[A ] 14. d:\瑞星\rising\rav\hookreg.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookSys
[A ] 15. d:\瑞星\rising\rav\hooksys.sys
Rising
Hooksys
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookUrl
[A ] 16. d:\瑞星\rising\rfw\hookurl.sys
Beijing Rising Technology Co., Ltd.
HookUrl
.text,.rdata,.data,INIT,.rsrc,.reloc,
MEMSCAN
[A ] 17. d:\瑞星\rising\rav\memscan.sys
瑞星软件有限公司
MemScan Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
mProcRs
[A ] 18. d:\瑞星\rising\rfw\mprocrs.sys
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall mprocrs.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
npkcrypt
[A ] 19. e:\qq\npkcrypt.sys
INCA Internet Co., Ltd.
nProtect KeyCrypt Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
npkycryp
[A ] 20. e:\qq\npkycryp.sys
RsAntiSpyware
[A ] 21. c:\windows\system32\drivers\rsboot.sys
Beijing Rising Technology Co., Ltd.
Anti-RootKit Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsFwDrv
[A ] 22. d:\瑞星\rising\rfw\rsfwdrv.sys
Beijing Rising Technology Co., Ltd.
nt_fwdrv
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsNTGDI
[A ] 23. c:\windows\system32\drivers\rsntgdi.sys
Beijing Rising Technology Co., Ltd.
RsNTGDI
.text,.rdata,INIT,.rsrc,.reloc,
RSPPSYS
[A ] 24. d:\瑞星\rising\rav\rsppsys.sys
Rising
RSPPSYS.SYS
.text,.rdata,.data,INIT,.rsrc,.reloc,
Secdrv
[A ] 25. c:\windows\system32\drivers\secdrv.sys
.text,.data,INIT,.reloc,
SNP2STD
[A ] 26. c:\windows\system32\drivers\snp2sxp.sys
USB2.0 PC Camera driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
WudfPf
[A ] 27. c:\windows\system32\drivers\wudfpf.sys
Microsoft Corporation
Windows Driver Foundation - User-mode Driver Framework Platform Driver
.text,.rdata,.data,PAGE,.edata,INIT,.rsrc,.reloc,
WudfRd
[A ] 28. c:\windows\system32\drivers\wudfrd.sys
Microsoft Corporation
Windows Driver Foundation - User-mode Driver Framework Reflector
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
xvtiyg29
[A ] 29. c:\windows\system32\drivers\xvtiyg29.sys
+ 系统登陆自运行
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
WgaLogon
[AM] 30. c:\windows\system32\wgalogon.dll
Microsoft Corporation
Windows 正版增值计划通知
.text,.data,.rsrc,.reloc,
+ IE浏览器加载模块
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
Exec
[A ] 31. d:\迅雷\thunder.exe
Thunder Networking Technologies,LTD
.text,.rdata,.data,.rsrc,
Exec
[A ] 32. e:\浩方对战平台\gameclient.exe
上海浩方在线信息技术有限公司
浩方对战平台
.text,.rdata,.data,.rsrc,
Exec
[A ] 33. e:\qq\qq.exe
TENCENT
QQ
.text,.rdata,.data,.rsrc,
+ 资源管理器加载模块
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
text/xml
[AM] 34. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
Microsoft Corporation
Microsoft Office XML MIME Filter
.text,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
ms-itss
[A ] 35. c:\program files\common files\microsoft shared\information retrieval\msitss.dll
Microsoft Corporation
Microsoft? InfoTech Storage System Library
.text,.data,.rsrc,.reloc,
mso-offdap
[A ] 36. c:\program files\common files\microsoft shared\web components\10\owc10.dll
Microsoft Corporation
Microsoft Office XP Web Components
.text,.data,.rtext,.bootdat,msoconst,Shared,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 37. c:\windows\system32\hticons.dll
Hilgraeve, Inc.
HyperTerminal Applet Library
.text,.data,.rsrc,.reloc,
NvCpl DesktopContext Class
[AM] 38. c:\windows\system32\nvcpl.dll
NVIDIA Corporation
NVIDIA Display Properties Extension
.text,.rdata,.data,.rsrc,.reloc,
Play on my TV helper
[AM] 38. c:\windows\system32\nvcpl.dll
NVIDIA Corporation
NVIDIA Display Properties Extension
.text,.rdata,.data,.rsrc,.reloc,
Desktop Explorer
[AM] 39. c:\windows\system32\nvshell.dll
.text,.rdata,.data,.idata,.shared,.rsrc,.reloc,
Desktop Explorer Menu
[AM] 39. c:\windows\system32\nvshell.dll
.text,.rdata,.data,.idata,.shared,.rsrc,.reloc,
nView Desktop Context Menu
[AM] 39. c:\windows\system32\nvshell.dll
.text,.rdata,.data,.idata,.shared,.rsrc,.reloc,
RISING
[AM] 40. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
Shell Extensions for RealOne Player
[A ] 41. e:\realoneplayer\rpshell.dll
RealNetworks, Inc.
RealPlayer Shell Extensions
.text,.rdata,.data,.rsrc,.reloc,
Microsoft Office HTML Icon Handler
[AM] 42. e:\microsoft office2003\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
Web Folders
[A ] 43. c:\program files\common files\microsoft shared\web folders\msonsext.dll
Microsoft Corporation
Microsoft Web Folders
.text,.data,.rsrc,.reloc,
WinRAR shell extension
[AM] 44. e:\解压缩工具\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
Portable Media Devices
[AM] 45. c:\windows\system32\audiodev.dll
Microsoft Corporation
Portable Media Devices Shell Extension
.text,.data,.rsrc,.reloc,
Portable Media Devices Menu
[AM] 45. c:\windows\system32\audiodev.dll
Microsoft Corporation
Portable Media Devices Shell Extension
.text,.data,.rsrc,.reloc,
Portable Devices
[AM] 46. c:\windows\system32\wpdshext.dll
Microsoft Corporation
Portable Devices Shell Extension
.text,.data,.rsrc,.reloc,
Portable Devices Menu
[AM] 46. c:\windows\system32\wpdshext.dll
Microsoft Corporation
Portable Devices Shell Extension
.text,.data,.rsrc,.reloc,
+ 用户登陆自运行项目
+ HKCU\Software\Microsoft\Windows\CurrentVersion\Run
bgswitch
[A ] 47. c:\windows\system32\bgswitch.exe
.text,.data,.rsrc,
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SoundMan
[AM] 48. c:\windows\soundman.exe
Realtek Semiconductor Corp.
Realtek Sound Manager
.text,.rdata,.data,.sxdata,.rsrc,
nwiz
[A ] 49. c:\windows\system32\nwiz.exe
.text,.rdata,.data,.rsrc,
runeip
[AM] 50. c:\program files\rising\antispyware\runiep.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Monitor
.text,.rdata,.data,.rsrc,
RavTask
[A ] 51. d:\瑞星\rising\rav\ravtask.exe
Beijing Rising Technology Co., Ltd.
RavTimer
.text,.rdata,.data,.rsrc,
RfwMain
[AM] 52. d:\瑞星\rising\rfw\rfwmain.exe
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Main Program
.text,.rdata,.data,.rsrc,
Super Rabbit SafeEdit
[A ] 53. d:\超级兔子\srfc.exe
Super Rabbit Soft
Super Rabbit Safe File Client
UPX0,UPX1,.rsrc,
FixCamera
[AM] 54. c:\windows\fixcamera.exe
CameraFixer MFC Application
.text,.rdata,.data,.rsrc,
tsnp2std
[AM] 55. c:\windows\tsnp2std.exe
tsnp2std Microsoft
.text,.rdata,.data,.rsrc,
snp2std
[AM] 56. c:\windows\vsnp2std.exe
Sonix
CameraMonitor Application
.text,.rdata,.data,.data1,.rsrc,
IMSCMIG40W
[A ] 57. c:\program files\common files\microsoft shared\ime\imsc40w\imscmig.exe
Microsoft Corporation
微软拼音输入法安装工具
.text,.rdata,.data,.rsrc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
KKDelay
[A ] 58. c:\program files\rising\antispyware\runonce.exe
Beijing Rising Technology Co., Ltd.
RunOnce Application
.text,.rdata,.data,.rsrc,
李澎 - 2007-7-29 23:50:00
+ 00000220(544) csrss.exe
+ 00000238(568) winlogon.exe
01390000[0003B000]
[AM] 30. c:\windows\system32\wgalogon.dll
Microsoft Corporation
Windows 正版增值计划通知
.text,.data,.rsrc,.reloc,
72C80000[00008000]
[ M] 68. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
+ 00000264(612) services.exe
+ 00000270(624) lsass.exe
+ 00000310(784) svchost.exe
+ 00000340(832) svchost.exe
+ 00000394(916) svchost.exe
50E60000[0000C000]
[ M] 69. c:\windows\system32\wups2.dll
Microsoft Corporation
Windows Update client proxy stub 2
.text,.orpc,.data,.rsrc,.reloc,
+ 000003c0(960) svchost.exe
+ 000003d0(976) Rundll32.exe
10000000[00007000]
[ M] 70. c:\windows\system32\systdsvr.dll
.text,.rdata,.data,.reloc,
00A50000[00007000]
[ M] 71. c:\windows\system32\cwebpage.dll
.text,.rdata,.data,Shared,.reloc,
00A60000[0001B000]
[ M] 66. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 0000043c(1084) ctfmon.exe
10000000[0001B000]
[ M] 66. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 000004cc(1228) svchost.exe
+ 000004e0(1248) Explorer.EXE
017E0000[0001B000]
[ M] 66. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
72C80000[00008000]
[ M] 68. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
01DA0000[0074B000]
[AM] 38. c:\windows\system32\nvcpl.dll
NVIDIA Corporation
NVIDIA Display Properties Extension
.text,.rdata,.data,.rsrc,.reloc,
02520000[00036000]
[ M] 65. c:\windows\system32\nvrszhc.dll
NVIDIA Corporation
NVIDIA Simplified Chinese language resource library
.rsrc,.reloc,
025A0000[00073000]
[AM] 39. c:\windows\system32\nvshell.dll
.text,.rdata,.data,.idata,.shared,.rsrc,.reloc,
23700000[0001A000]
[ M] 72. d:\瑞星\rising\rav\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
10930000[00049000]
[ M] 73. c:\windows\system32\portabledeviceapi.dll
Microsoft Corporation
Windows Portable Device API Components
.text,.orpc,.data,.rsrc,.reloc,
10000000[00022000]
[ M] 74. d:\迅雷\comdlls\tdatonce_now.dll
Thunder Networking Technologies,LTD
迅雷浏览器高级特性支持模块
.text,.rdata,.data,.rsrc,.reloc,
00B70000[00019000]
[ M] 75. d:\迅雷\comdlls\xunleibho_now.dll
Thunder Networking Technologies,LTD
XunLeiBHO
.text,.rdata,.data,.rsrc,.reloc,
223F0000[00009000]
[ M] 76. d:\迅雷\components\resworker\dsbho_00.dll
DsBho
.text,.rdata,.data,.rsrc,.reloc,
223C0000[0000C000]
[ M] 77. d:\迅雷\components\resworker\dataprocessor_00.dll
Thunder Networking Technologies,LTD
DataProcessor
.text,.rdata,.data,.rsrc,.reloc,
325C0000[00012000]
[AM] 42. e:\microsoft office2003\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
60DE0000[0001B000]
[ M] 78. e:\qq\qdshm.dll
QQDiskShellMenu Module
.text,.rdata,.data,.rsrc,.reloc,
035E0000[0002C000]
[AM] 44. e:\解压缩工具\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
03200000[0001B000]
[AM] 40. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
16210000[0027E000]
[AM] 46. c:\windows\system32\wpdshext.dll
Microsoft Corporation
Portable Devices Shell Extension
.text,.data,.rsrc,.reloc,
07160000[00046000]
[AM] 45. c:\windows\system32\audiodev.dll
Microsoft Corporation
Portable Media Devices Shell Extension
.text,.data,.rsrc,.reloc,
36D30000[0001A000]
[ M] 79. e:\microsoft office2003\office11\mcps.dll
Microsoft Corporation
Media Catalog Proxy/Stub
.text,.data,.cdata,.rsrc,.reloc,
+ 00000658(1624) RfwMain.exe
00400000[00073000]
[AM] 52. d:\瑞星\rising\rfw\rfwmain.exe
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Main Program
.text,.rdata,.data,.rsrc,
26600000[0007D000]
[ M] 80. d:\瑞星\rising\rfw\rsguilib.dll
Beijing Rising Technology Co., Ltd.
Rising GUI Library Loader
.text,.rdata,.data,.rsrc,.reloc,
23700000[0001A000]
[ M] 81. d:\瑞星\rising\rfw\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
10000000[0000F000]
[ M] 82. d:\瑞星\rising\rfw\rfwctrl.dll
Beijing Rising Technology Co., Ltd.
RfwCtrl DLL
.text,.rdata,.data,.rsrc,.reloc,
23800000[0001A000]
[ M] 83. d:\瑞星\rising\rfw\rsxml.dll
Beijing Rising Technology Co., Ltd.
RsXML
.text,.rdata,.data,.rsrc,.reloc,
23900000[00031000]
[ M] 84. d:\瑞星\rising\rfw\pngdll.dll
Beijing Rising Technology Co., Ltd.
Rising .Png File Loader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
012F0000[0001B000]
[ M] 66. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
72C80000[00008000]
[ M] 68. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
+ 00000710(1808) nvsvc32.exe
00400000[00027000]
[AM] 1. c:\windows\system32\nvsvc32.exe
NVIDIA Corporation
NVIDIA Driver Helper Service, Version 84.66
.text,.rdata,.data,.rsrc,
+ 00000770(1904) svchost.exe
+ 000007a0(1952) AgentSvr.exe
10000000[0001B000]
[ M] 66. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
72C80000[00008000]
[ M] 68. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
+ 000007fc(2044) SOUNDMAN.EXE
00400000[0008F000]
[AM] 48. c:\windows\soundman.exe
Realtek Semiconductor Corp.
Realtek Sound Manager
.text,.rdata,.data,.sxdata,.rsrc,
李澎 - 2007-7-29 23:50:00
10000000[0001B000]
[ M] 66. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000890(2192) iexplore.exe
10000000[0001B000]
[ M] 66. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
325C0000[00012000]
[AM] 42. e:\microsoft office2003\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
024D0000[00019000]
[ M] 85. d:\瑞星\rising\rav\ravscrch.dll
Beijing Rising Technology Co., Ltd.
RavScrCh Module
.text,.rdata,.data,.rsrc,.reloc,
30000000[002EF000]
[ M] 86. c:\windows\system32\macromed\flash\flash9c.ocx
Adobe Systems, Inc.
Adobe Flash Player 9.0 r45
.text,.rdata,.data,.rsrc,.reloc,
72C80000[00008000]
[ M] 68. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
05B80000[00035000]
[ M] 87. c:\windows\system32\xpsp3res.dll
Microsoft Corporation
Service Pack 3 Messages
.rsrc,
+ 00000b84(2948) RsAgent.exe
00400000[0003A000]
[ M] 88. d:\瑞星\rising\rav\rsagent.exe
Beijing Rising Technology Co., Ltd.
RsAgent Application
.text,.rdata,.data,.rsrc,
10000000[0001B000]
[ M] 89. d:\瑞星\rising\rav\rscommx.dll
rising
RsCommX
.text,.rdata,.data,.rsrc,.reloc,
© 2000 - 2026 Rising Corp. Ltd.