半头牛 - 2007-8-27 19:37:00
瑞星卡卡电脑诊断日志 v1.30 (2007-8-27 19:17:11) 北京瑞星科技股份有限公司
注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
AVG Anti-Spyware Guard
[A ] 1. d:\avg_anti_spyware_v75\avg anti-spyware 7.5\guard.exe
NVSvc
[AM] 2. c:\windows\system32\nvsvc32.exe
PnpWMmng
[AM] 3. d:\完美卸载2007完整版 26.04 build 76\完美卸载v2007 完整版\pnpwmmng.exe
Qvod Terminal
[AM] 4. f:\qvodplayer\qvodterminal.exe
RsCCenter
[A ] 5. d:\rising\rav\ccenter.exe
RsRavMon
[A ] 6. d:\rising\rav\ravmond.exe
UMWdf
[AM] 7. c:\windows\system32\wdfmgr.exe
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
ALCXWDM
[A ] 8. c:\windows\system32\drivers\alcxwdm.sys
AVG Anti-Spyware Driver
[A ] 9. d:\avg_anti_spyware_v75\avg anti-spyware 7.5\guard.sys
AvgAsCln
[A ] 10. c:\windows\system32\drivers\avgascln.sys
BaseTDI
[A ] 11. c:\windows\system32\drivers\basetdi.sys
cda1000
[A ] 12. c:\windows\system32\drivers\cda1000.sys
ExpScaner
[A ] 13. d:\rising\rav\expscan.sys
HookCont
[A ] 14. d:\rising\rav\hookcont.sys
HookReg
[A ] 15. d:\rising\rav\hookreg.sys
HookSys
[A ] 16. d:\rising\rav\hooksys.sys
MEMSCAN
[A ] 17. d:\rising\rav\memscan.sys
oreans32
[A ] 18. c:\windows\system32\drivers\oreans32.sys
PnpWmkDrv
[A ] 19. c:\windows\system32\drivers\pnpwmkdrv.sys
QKeyService
[A ] 20. c:\windows\system32\keycrypt.sys
QuakeDRV
[A ] 21. c:\windows\system32\drivers\quakedrv.sys
RsAntiSpyware
[A ] 22. c:\windows\system32\drivers\rsboot.sys
RsNTGDI
[A ] 23. c:\windows\system32\drivers\rsntgdi.sys
RSPPSYS
[A ] 24. d:\rising\rav\rsppsys.sys
Secdrv
[A ] 25. c:\windows\system32\drivers\secdrv.sys
SISNICXP
[A ] 26. c:\windows\system32\drivers\sisnicxp.sys
sisraid
[A ] 27. c:\windows\system32\drivers\sisraid.sys
WmNdisDrv
[A ] 28. c:\windows\system32\drivers\wmndisdrv.sys
ZSMC302
[A ] 29. c:\windows\system32\drivers\usbvm31b.sys
+ IE浏览器加载模块
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{00000AAA-A363-466E-BEF5-9BB68697AA7F}
[A ] 30. d:\web迅雷\webthunderbho_now.dll
{B69F34DD-F0F9-42DC-9EDD-957187DA688D}
[AM] 31. d:\360安全卫士\safemon\safemon.dll
+ 资源管理器加载模块
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 32. c:\windows\system32\hticons.dll
Portable Media Devices
[A ] 33. c:\windows\system32\audiodev.dll
Portable Media Devices Menu
[A ] 33. c:\windows\system32\audiodev.dll
NvCpl DesktopContext Class
[AM] 34. c:\windows\system32\nvcpl.dll
Play on my TV helper
[AM] 34. c:\windows\system32\nvcpl.dll
Desktop Explorer
[AM] 35. c:\windows\system32\nvshell.dll
Desktop Explorer Menu
[AM] 35. c:\windows\system32\nvshell.dll
nView Desktop Context Menu
[AM] 35. c:\windows\system32\nvshell.dll
WinRAR shell extension
[AM] 36. c:\program files\winrar\rarext.dll
Shell Extensions for RealOne Player
[A ] 37. c:\program files\real\realplayer\rpshell.dll
UnlockerShellExtension
[AM] 38. e:\unlocker1.85\unlockercom.dll
RISING
[AM] 39. c:\windows\system32\ravext.dll
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{32CD708B-60A7-4C00-9377-D73EAA495F0F}
[AM] 39. c:\windows\system32\ravext.dll
+ 用户登陆自运行项目
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
nwiz
[A ] 40. c:\windows\system32\nwiz.exe
SoundMan
[AM] 41. c:\windows\soundman.exe
TkBellExe
[AM] 42. c:\program files\common files\real\update_ob\realsched.exe
runeip
[AM] 43. d:\瑞星卡卡\runiep.exe
RavTask
[A ] 44. d:\rising\rav\ravtask.exe
360Safetray
[AM] 45. d:\360安全卫士\safemon\360tray.exe
+ 开机执行
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 46. c:\windows\system32\bsmain.exe
+ 映像劫持
+ HKCR\.mp3
qvodplayer.mp3\open\Command
[A ] 47. f:\qvodplayer\qvodplayer.exe
+ 其他自启动项目
+
Temp.dll
[A ] 48. c:\temp.dll
+
Temp.dll
[A ] 48. c:\temp.dll
+ 正在运行的进程
+ 000000ec(236) alg.exe
+ 00000108(264) wdfmgr.exe
01000000[0000C000]
[AM] 7. c:\windows\system32\wdfmgr.exe
+ 000001d8(472) smss.exe
+ 00000214(532) csrss.exe
+ 0000022c(556) winlogon.exe
72C80000[00008000]
[ M] 49. c:\windows\system32\msacm32.drv
+ 0000026c(620) services.exe
+ 00000278(632) lsass.exe
+ 00000308(776) svchost.exe
+ 0000034c(844) svchost.exe
+ 000003ac(940) svchost.exe
+ 000003d8(984) PnpWMmng.exe
00400000[0000C000]
[AM] 3. d:\完美卸载2007完整版 26.04 build 76\完美卸载v2007 完整版\pnpwmmng.exe
+ 000003f0(1008) svchost.exe
+ 0000044c(1100) svchost.exe
+ 00000538(1336) Explorer.EXE
72C80000[00008000]
[ M] 49. c:\windows\system32\msacm32.drv
015A0000[0076D000]
[AM] 34. c:\windows\system32\nvcpl.dll
01D10000[00036000]
[ M] 50. c:\windows\system32\nvrszhc.dll
01D90000[00036000]
[ M] 51. c:\windows\system32\nvapi.dll
01DD0000[00073000]
[AM] 35. c:\windows\system32\nvshell.dll
01E70000[0001B000]
[ M] 52. d:\瑞星卡卡\ieprot.dll
10000000[0001C000]
[AM] 31. d:\360安全卫士\safemon\safemon.dll
02110000[0002D000]
[AM] 36. c:\program files\winrar\rarext.dll
00CE0000[00006000]
[AM] 38. e:\unlocker1.85\unlockercom.dll
021B0000[0001B000]
[AM] 39. c:\windows\system32\ravext.dll
23700000[0001A000]
[ M] 53. d:\rising\rav\rscommon.dll
02080000[0002A000]
[ M] 54. d:\avg_anti_spyware_v75\avg anti-spyware 7.5\context.dll
+ 000005b4(1460) spoolsv.exe
+ 000006f8(1784) nvsvc32.exe
00400000[0002C000]
[AM] 2. c:\windows\system32\nvsvc32.exe
009F0000[00036000]
[ M] 51. c:\windows\system32\nvapi.dll
+ 00000710(1808) QvodTerminal.exe
00400000[00063000]
[AM] 4. f:\qvodplayer\qvodterminal.exe
+ 00000728(1832) svchost.exe
+ 000008cc(2252) RUNDLL32.EXE
10000000[00017000]
[ M] 55. c:\windows\system32\nvmctray.dll
00AE0000[00036000]
[ M] 51. c:\windows\system32\nvapi.dll
00B40000[00036000]
[ M] 50. c:\windows\system32\nvrszhc.dll
00A60000[0001B000]
[ M] 52. d:\瑞星卡卡\ieprot.dll
+ 000008e0(2272) SOUNDMAN.EXE
00400000[0008F000]
[AM] 41. c:\windows\soundman.exe
10000000[0001B000]
[ M] 52. d:\瑞星卡卡\ieprot.dll
+ 00000930(2352) realsched.exe
00400000[0002E000]
[AM] 42. c:\program files\common files\real\update_ob\realsched.exe
10000000[0001B000]
[ M] 52. d:\瑞星卡卡\ieprot.dll
+ 0000095c(2396) runiep.exe
00400000[00012000]
[AM] 43. d:\瑞星卡卡\runiep.exe
00C00000[0001B000]
[ M] 52. d:\瑞星卡卡\ieprot.dll
+ 00000988(2440) 360Tray.exe
00400000[00029000]
[AM] 45. d:\360安全卫士\safemon\360tray.exe
10000000[0001C000]
[AM] 31. d:\360安全卫士\safemon\safemon.dll
00A10000[0000C000]
[ M] 56. d:\360安全卫士\safemon\safekrnl.dll
00B00000[00022000]
[ M] 57. d:\360安全卫士\antiadwa.dll
01540000[0001B000]
[ M] 52. d:\瑞星卡卡\ieprot.dll
+ 000009b4(2484) ctfmon.exe
10000000[0001B000]
[ M] 52. d:\瑞星卡卡\ieprot.dll
+ 00000f50(3920) Ras.exe
00400000[0013F000]
[ M] 58. d:\瑞星卡卡\ras.exe
10000000[0001C000]
[AM] 31. d:\360安全卫士\safemon\safemon.dll
00EA0000[000A3000]
[ M] 59. d:\瑞星卡卡\rasgui.dll
016A0000[0001B000]
[ M] 52. d:\瑞星卡卡\ieprot.dll
[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
© 2000 - 2026 Rising Corp. Ltd.