C:\PROGRAM FILES\LENOVO\TIMERSERVICE\LENOVOTIMER.EXE
C:\WINDOWS\SYSTEM32\CTFMON.EXE
C:\WINDOWS\SYSTEM32\UNISPIM5.IME
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL
C:\WINDOWS\SYSTEM32\WDFMGR.EXE
C:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE
C:\PROGRAM FILES\RISING\RFW\RSGUILIB.DLL
C:\PROGRAM FILES\RISING\RFW\RSCOMMON.DLL
C:\PROGRAM FILES\RISING\RFW\RFWCTRL.DLL
C:\PROGRAM FILES\RISING\RFW\RSXML.DLL
C:\PROGRAM FILES\RISING\RFW\PNGDLL.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\SYSTEM32\UNISPIM5.IME
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\MSAGENT\AGENTSVR.EXE
C:\WINDOWS\SYSTEM32\UNISPIM5.IME
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\DOCUMENTS AND SETTINGS\NEW\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\V5FIBNR6\RSDETECT[1].EXE
C:\WINDOWS\SYSTEM32\UNISPIM5.IME
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM32\UNISPIM5.IME
C:\WINDOWS\SYSTEM32\KAKATOOL.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE11\MSOHEV.DLL
C:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL
C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH9B.OCX
C:\WINDOWS\SYSTEM32\MSACM32.DRV
普通自启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
IMJPMIG8.1 = "C:\WINDOWS\IME\IMJP8_1\IMJPMIG.EXE" /SPOIL /REMADVDEF /MIGRATION32
PHIME2002ASync = C:\WINDOWS\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A = C:\WINDOWS\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE /IMENAME
SoundMan = SOUNDMAN.EXE
HotKeysCmds = C:\WINDOWS\SYSTEM32\HKCMD.EXE
NewRmtService = C:\PROGRAM FILES\NEWREMOTECONTROL\NEWRMTSERVICE.EXE
ControlCenter.exe = "C:\PROGRAM FILES\LENOVO\REMOTECONTROLCENTER\CONTROLCENTER.EXE"
SKDaemon = C:\PROGRAM FILES\LENOVO\LEGEND STANDARD KEYBOARD\SKDAEMON.EXE
MyDevice.exe = "C:\PROGRAM FILES\COMMON FILES\LENOVO\HAPPYHOME\COMMONDLL\MYDEVICE.EXE"
TimerClient.exe = "C:\PROGRAM FILES\LENOVO\TIMERSERVICE\TIMERCLIENT.EXE"
NeroFilterCheck = C:\WINDOWS\SYSTEM32\NEROCHECK.EXE
KernelFaultCheck = C:\WINDOWS\SYSTEM32\DUMPREP 0 -K
RavTask = "C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM
RfwMain = "C:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE" -STARTUP
runeip = C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.EXE
财智小快记 = D:\财智家庭MONEYHOME4\PROGRAM\ACCOUNTPIG.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
RavStub = "C:\PROGRAM FILES\RISING\RAV\RAVSTUB.EXE" /RUNONCE
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe = C:\WINDOWS\SYSTEM32\CTFMON.EXE
AppInit_DLLs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_DLLs =
系统文件关联
.exe ==> exefile = "%1" %*
.com ==> comfile = "%1" %*
.cmd ==> cmdfile = "%1" %*
.bat ==> batfile = "%1" %*
.txt ==> txtfile = %SystemRoot%\system32\NOTEPAD.EXE %1
.scr ==> scrfile = "%1" /S
.reg ==> regfile = regedit.exe "%1"
.doc ==> Word.Document.8 = "C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde
其它启动项
WIN.INI
无信息
SYSTEM.INI
SHELL = Explorer.exe
SCRNSAVE.EXE = C:\WINDOWS\system32\BLISS.SCR
