1   1  /  1  页   跳转

大家帮忙看下日志

收藏
caopansnow
头像
初生襁褓狮
  • 帖子:12
  • 注册: 2007-02-17
  • 来自:
发表于: 2007-02-18 22:06 | 显示全部 短消息 资料
字号: 1楼

大家帮忙看下日志

系统活动进程
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL

C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\PROGRAM FILES\LENOVO\联想键盘驱动\KBDRIVER.EXE
C:\PROGRAM FILES\LENOVO\联想键盘驱动\TGEKB.DLL
C:\PROGRAM FILES\LENOVO\联想键盘驱动\LXKEYLED.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL

C:\PROGRAM FILES\LENOVO\REMOTECONTROLCENTER\CONTROLCENTER.EXE
C:\PROGRAM FILES\LENOVO\REMOTECONTROLCENTER\SK_OSD.DLL
C:\PROGRAM FILES\LENOVO\REMOTECONTROLCENTER\VOLUMEOSD.DLL
C:\PROGRAM FILES\LENOVO\REMOTECONTROLCENTER\SCROSD32.DLL
C:\WINDOWS\SYSTEM32\WDMAUD.DRV
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL

C:\PROGRAM FILES\联想(北京)有限公司\幸福飞梭\SHUTTLE.EXE
C:\PROGRAM FILES\联想(北京)有限公司\幸福飞梭\SK_OSD.DLL
C:\PROGRAM FILES\联想(北京)有限公司\幸福飞梭\VOLUMEOSD.DLL
C:\PROGRAM FILES\联想(北京)有限公司\幸福飞梭\SCROSD32.DLL
C:\WINDOWS\SYSTEM32\WDMAUD.DRV
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL

C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\WDMAUD.DRV
C:\WINDOWS\SYSTEM32\MSACM32.DRV

C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\PROGRAM FILES\NEWREMOTECONTROL\NEWRMTSERVICE.EXE
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\COMMON FILES\LENOVO\HAPPYHOME\COMMONDLL\MYDEVICE.EXE
C:\PROGRAM FILES\COMMON FILES\LENOVO\HAPPYHOME\COMMONDLL\BURN.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL

C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\WUPS.DLL
C:\WINDOWS\SYSTEM32\WUPS2.DLL

C:\PROGRAM FILES\LENOVO\TIMERSERVICE\TIMERCLIENT.EXE
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL

C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.EXE
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEP_CTRL.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL

C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE
C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL
C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL
C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL
C:\PROGRAM FILES\RISING\RAV\RSCOMMX.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE
C:\PROGRAM FILES\RISING\RAV\BWLIST.DLL
C:\PROGRAM FILES\RISING\RAV\RSCOMMX.DLL
C:\PROGRAM FILES\RISING\RAV\RFWCTRL.DLL
C:\PROGRAM FILES\RISING\RAV\RSPPSYS.DLL
C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL
C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL
C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL
C:\PROGRAM FILES\RISING\RAV\RSLOG.DLL
C:\PROGRAM FILES\RISING\RAV\HOOKSYS.DLL
C:\PROGRAM FILES\RISING\RAV\SCANNER.DLL
C:\PROGRAM FILES\RISING\RAV\LIBLOAD.DLL
C:\PROGRAM FILES\RISING\RAV\VIRUSLIB.DLL
C:\PROGRAM FILES\RISING\RAV\REGMON.DLL
C:\PROGRAM FILES\RISING\RAV\PSAPI.DLL
C:\PROGRAM FILES\RISING\RAV\HOOKWEB.DLL
C:\PROGRAM FILES\RISING\RAV\MEMMON.DLL
C:\PROGRAM FILES\RISING\RAV\EXPSCAN.DLL
C:\PROGRAM FILES\RISING\RAV\MPORTS.DLL
C:\PROGRAM FILES\RISING\RAV\HOOKCONT.DLL
C:\PROGRAM FILES\RISING\RAV\SPAMENG.DLL
C:\PROGRAM FILES\RISING\RAV\ENGINE.DLL
C:\PROGRAM FILES\RISING\RAV\POSTTRT.DLL
C:\PROGRAM FILES\RISING\RAV\UNEXE.DLL
C:\PROGRAM FILES\RISING\RAV\SCANEXEC.DLL
C:\PROGRAM FILES\RISING\RAV\SCANEX.DLL
C:\PROGRAM FILES\RISING\RAV\EXTFILE.DLL
C:\PROGRAM FILES\RISING\RAV\NVFILE.DLL
C:\PROGRAM FILES\RISING\RAV\SCANMAC.DLL
C:\PROGRAM FILES\RISING\RAV\SCANSCT.DLL
C:\PROGRAM FILES\RISING\RAV\UNPACKER.DLL
C:\PROGRAM FILES\RISING\RAV\SCANPACK.DLL
C:\PROGRAM FILES\RISING\RAV\RSVM.DLL
C:\PROGRAM FILES\RISING\RAV\UROUTINE.DLL
C:\PROGRAM FILES\RISING\RAV\EXTOLE.DLL
C:\PROGRAM FILES\RISING\RAV\SCANNET.DLL

C:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE
C:\PROGRAM FILES\RISING\RFW\RFWRULE.DLL
C:\PROGRAM FILES\RISING\RFW\RFWLOG.DLL
C:\PROGRAM FILES\RISING\RFW\RFWDRV.DLL
C:\PROGRAM FILES\RISING\RFW\PSAPI.DLL
C:\PROGRAM FILES\RISING\RFW\MONDRV.DLL
C:\PROGRAM FILES\RISING\RFW\PROCLIB.DLL
C:\PROGRAM FILES\RISING\RFW\MPORTS.DLL

C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE
C:\PROGRAM FILES\RISING\RAV\RSGUILIB.DLL
C:\PROGRAM FILES\RISING\RAV\BWLIST.DLL
C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL
C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL
C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL
C:\PROGRAM FILES\RISING\RAV\RSCOMMX.DLL
C:\PROGRAM FILES\RISING\RAV\RSXML.DLL
C:\PROGRAM FILES\RISING\RAV\PNGDLL.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL

C:\WINDOWS\SYSTEM32\CTFMON.EXE
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL

C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\WINDOWS\SYSTEM32\NVMCTRAY.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\PROGRAM FILES\RISING\RAV\RAVSTUB.EXE
C:\PROGRAM FILES\RISING\RAV\RSCOMMX.DLL
C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL

C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\RAVEXT.DLL
C:\WINDOWS\SYSTEM32\WDMAUD.DRV
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\ALG.EXE
C:\PROGRAM FILES\LENOVO\TIMERSERVICE\LENOVOTIMER.EXE
C:\WINDOWS\SYSTEM32\NVSVC32.EXE
C:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE
C:\PROGRAM FILES\RISING\RFW\RSGUILIB.DLL
C:\PROGRAM FILES\RISING\RFW\RSCOMMON.DLL
C:\PROGRAM FILES\RISING\RFW\RFWCTRL.DLL
C:\PROGRAM FILES\RISING\RFW\RSXML.DLL
C:\PROGRAM FILES\RISING\RFW\PNGDLL.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL

D:\Q\QQ.EXE
D:\Q\QQBASECLASSINDLL.DLL
D:\Q\QQHELPERDLL.DLL
D:\Q\BASICCTRLDLL.DLL
D:\Q\MFC42.DLL
D:\Q\RICHED32.DLL
D:\Q\RICHED20.DLL
D:\Q\QQAPI.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL
D:\Q\TIMPROXY.DLL
D:\Q\LOGINCTRL.DLL
D:\Q\NPKCNTC.DLL
D:\Q\NPKPDB.DLL
D:\Q\QQRES.DLL
D:\Q\WIZARDCTRL.DLL
D:\Q\QQMAINFRAME.DLL
C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH9.OCX
C:\WINDOWS\SYSTEM32\WDMAUD.DRV
C:\WINDOWS\SYSTEM32\MSACM32.DRV
D:\Q\CQQAPPLICATION.DLL
D:\Q\NEWSKIN.DLL
D:\Q\HOSTINGMGR.DLL
D:\Q\CAMERADLL.DLL
D:\Q\MAILSUMMARY.DLL
D:\Q\QQKNOWLEDGESEARCH.DLL
D:\Q\QQALLINONE.DLL
D:\Q\GROUPLIVE.DLL
D:\Q\SCCORE.DLL
D:\Q\GDIPLUS.DLL
D:\Q\QQSPACE.DLL
D:\Q\VBSCRIPT.DLL
D:\Q\QQGROUPMNG.DLL
D:\Q\LONGCONNECTION.DLL
D:\Q\QQPLUGIN.DLL
D:\Q\USERDEFINEDHEAD.DLL
D:\Q\QQCONFIGPLUGIN.DLL
D:\Q\QQCUSTOMFACE.DLL
D:\Q\QRINGMNG.DLL
D:\Q\QQPET.DLL
D:\Q\QQAVATAR.DLL
D:\Q\FLASHAVATARDLL.DLL
D:\Q\PHONEAPI.DLL
D:\Q\DIALERALLINONE.DLL
D:\Q\QQSYSMSGMNG.DLL
D:\Q\QQFILETRANSFER.DLL
D:\Q\BQQAPPLICATION.DLL
D:\Q\GROUPCONNECTION.DLL
D:\Q\COMMERCESMNG.DLL
D:\Q\PERSONALDESKTOP.DLL
D:\Q\QQADDR.DLL
D:\Q\QQONECLICK.DLL
D:\Q\QQSCENEMNG.DLL
D:\Q\QQPHONEHELPER.DLL
C:\WINDOWS\SYSTEM32\RAVEXT.DLL

D:\Q\TIMPLATFORM.EXE
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL
D:\Q\TIMPROXY.DLL

D:\Q\TTRAVELER.EXE
D:\Q\PLUGINS\TWEATHER\TWEATHER.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL
D:\Q\PERSONALDESKTOP.DLL
C:\WINDOWS\SYSTEM32\WDMAUD.DRV
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL
C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH9.OCX

C:\WINDOWS\SYSTEM32\WUAUCLT.EXE
C:\WINDOWS\SYSTEM32\WUAUCPL.CPL
C:\WINDOWS\SYSTEM32\WUPS.DLL

C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE
C:\DOCUMENTS AND SETTINGS\LX\桌面\RSDETECT.EXE
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL

C:\WINDOWS\SYSTEM32\WUAUCLT.EXE
C:\WINDOWS\SYSTEM32\WUAUCPL.CPL
C:\WINDOWS\SYSTEM32\WUPS.DLL
C:\WINDOWS\SYSTEM32\WUPS2.DLL
C:\WINDOWS\SYSTEM32\MUCLTUI.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\IEPROT.DLL


普通自启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
IMJPMIG8.1 = "C:\WINDOWS\IME\IMJP8_1\IMJPMIG.EXE" /SPOIL /REMADVDEF /MIGRATION32
PHIME2002ASync = C:\WINDOWS\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A = C:\WINDOWS\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE /IMENAME
SoundMan = SOUNDMAN.EXE
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\SYSTEM32\NVCPL.DLL,NVSTARTUP
nwiz = NWIZ.EXE /INSTALL
Lskbdrv = C:\PROGRAM FILES\LENOVO\联想键盘驱动\KBDRIVER.EXE
Shuttle.exe = C:\PROGRAM FILES\联想(北京)有限公司\幸福飞梭\SHUTTLE.EXE
ControlCenter.exe = "C:\PROGRAM FILES\LENOVO\REMOTECONTROLCENTER\CONTROLCENTER.EXE"
NewRmtService = C:\PROGRAM FILES\NEWREMOTECONTROL\NEWRMTSERVICE.EXE
MyDevice.exe = "C:\PROGRAM FILES\COMMON FILES\LENOVO\HAPPYHOME\COMMONDLL\MYDEVICE.EXE"
TimerClient.exe = "C:\PROGRAM FILES\LENOVO\TIMERSERVICE\TIMERCLIENT.EXE"
TkBellExe = "C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE" -OSBOOT
runeip = C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.EXE
RfwMain = "C:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE" -STARTUP
RavTask = "C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM
mss3 = C:\WINDOWS\MSS3.EXE
wgs3 = C:\WINDOWS\WGS3.EXE
wms3 = C:\WINDOWS\WMS3.EXE
rxs3 = C:\WINDOWS\RXS3.EXE
mhs3 = C:\WINDOWS\MHS3.EXE
wls3 = C:\WINDOWS\WLS3.EXE
mys3 = C:\WINDOWS\MYS3.EXE
jts3 = C:\WINDOWS\JTS3.EXE
zts3 = C:\WINDOWS\ZTS3.EXE
wos3 = C:\WINDOWS\WOS3.EXE

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe = C:\WINDOWS\SYSTEM32\CTFMON.EXE
NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\SYSTEM32\NVMCTRAY.DLL,NVTASKBARINIT


AppInit_DLLs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_DLLs =

最后编辑2007-02-19 20:40:36
分享到:
gototop
 
caopansnow
头像
初生襁褓狮
  • 帖子:12
  • 注册: 2007-02-17
  • 来自:
发表于: 2007-02-18 22:08 | 显示全部 短消息 资料
字号: 2楼


系统文件关联
.exe ==> exefile = "%1" %*
.com ==> comfile = "%1" %*
.cmd ==> cmdfile = "%1" %*
.bat ==> batfile = "%1" %*
.txt ==> txtfile = %SystemRoot%\system32\NOTEPAD.EXE %1
.scr ==> scrfile = "%1" /S
.reg ==> regfile = regedit.exe "%1"
.doc ==> Word.Document.8 = "D:\office\OFFICE11\WINWORD.EXE" /n /dde

其它启动项
WIN.INI
无信息

SYSTEM.INI
SHELL = Explorer.exe
SCRNSAVE.EXE = C:\WINDOWS\System32\logon.scr


Winlogon 启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
crypt32chain = CRYPT32.DLL
cryptnet = CRYPTNET.DLL
cscdll = CSCDLL.DLL
ScCertProp = WLNOTIFY.DLL
Schedule = WLNOTIFY.DLL
sclgntfy = SCLGNTFY.DLL
SensLogn = WLNOTIFY.DLL
termsrv = WLNOTIFY.DLL
wlballoon = WLNOTIFY.DLL

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit = C:\WINDOWS\SYSTEM32\USERINIT.EXE,
shell = EXPLORER.EXE


IE - BHO

Winsock SPI
MSAFD Tcpip [TCP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [UDP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [RAW/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
RSVP UDP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL
RSVP TCP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{3D343FD2-3B48-4AFC-B2EF-CEABB6FC7B3F}] SEQPACKET 4 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{3D343FD2-3B48-4AFC-B2EF-CEABB6FC7B3F}] DATAGRAM 4 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{C01D00FB-2D04-4592-9FCC-A47EC70C2D00}] SEQPACKET 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{C01D00FB-2D04-4592-9FCC-A47EC70C2D00}] DATAGRAM 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{889D0170-D286-4DFC-8423-C6D301293D5B}] SEQPACKET 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{889D0170-D286-4DFC-8423-C6D301293D5B}] DATAGRAM 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{05DC56C5-A50D-496A-B641-6FDA96ED2412}] SEQPACKET 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{05DC56C5-A50D-496A-B641-6FDA96ED2412}] DATAGRAM 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{E1BFFFD7-6527-41E6-B0BE-D04FADF64E43}] SEQPACKET 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{E1BFFFD7-6527-41E6-B0BE-D04FADF64E43}] DATAGRAM 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{747868E7-8E74-4890-9C78-8649D7EB7B7E}] SEQPACKET 5 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{747868E7-8E74-4890-9C78-8649D7EB7B7E}] DATAGRAM 5 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{04375DF5-59FC-44E8-9E92-C0996D508F35}] SEQPACKET 6 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{04375DF5-59FC-44E8-9E92-C0996D508F35}] DATAGRAM 6 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
gototop
 
caopansnow
头像
初生襁褓狮
  • 帖子:12
  • 注册: 2007-02-17
  • 来自:
发表于: 2007-02-18 22:09 | 显示全部 短消息 资料
字号: 3楼

系统服务项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
Alerter = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
ALG = C:\WINDOWS\SYSTEM32\ALG.EXE
AppMgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
AudioSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
BITS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Browser = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
CiSvc = C:\WINDOWS\SYSTEM32\CISVC.EXE
ClipSrv = C:\WINDOWS\SYSTEM32\CLIPSRV.EXE
COMSysApp = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235}
CryptSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Dhcp = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
dmadmin = C:\WINDOWS\SYSTEM32\DMADMIN.EXE /COM
dmserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Dnscache = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE
ERSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Eventlog = C:\WINDOWS\SYSTEM32\SERVICES.EXE
EventSystem = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
FastUserSwitchingCompatibility = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
helpsvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
HidServ = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
ImapiService = C:\WINDOWS\SYSTEM32\IMAPI.EXE
lanmanserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
lanmanworkstation = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
LenovoTimerService = C:\PROGRAM FILES\LENOVO\TIMERSERVICE\LENOVOTIMER.EXE
LmHosts = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
Messenger = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
mnmsrvc = C:\WINDOWS\SYSTEM32\MNMSRVC.EXE
MSDTC = C:\WINDOWS\SYSTEM32\MSDTC.EXE
MSIServer = C:\WINDOWS\SYSTEM32\MSIEXEC.EXE /V
NetDDE = C:\WINDOWS\SYSTEM32\NETDDE.EXE
NetDDEdsdm = C:\WINDOWS\SYSTEM32\NETDDE.EXE
Netlogon = C:\WINDOWS\SYSTEM32\LSASS.EXE
Netman = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Nla = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
NtLmSsp = C:\WINDOWS\SYSTEM32\LSASS.EXE
NtmsSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
NVSvc = C:\WINDOWS\SYSTEM32\NVSVC32.EXE
ose = C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\SOURCE ENGINE\OSE.EXE
PlugPlay = C:\WINDOWS\SYSTEM32\SERVICES.EXE
PolicyAgent = C:\WINDOWS\SYSTEM32\LSASS.EXE
ProtectedStorage = C:\WINDOWS\SYSTEM32\LSASS.EXE
RasAuto = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RasMan = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RDSessMgr = C:\WINDOWS\SYSTEM32\SESSMGR.EXE
RemoteAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RfwProxySrv = C:\PROGRAM FILES\RISING\RFW\RFWPROXY.EXE
RfwService = C:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE
RpcLocator = C:\WINDOWS\SYSTEM32\LOCATOR.EXE
RpcSs = C:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS
RsCCenter = "C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE"
RsRavMon = "C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE"
RSVP = C:\WINDOWS\SYSTEM32\RSVP.EXE
SamSs = C:\WINDOWS\SYSTEM32\LSASS.EXE
SCardDrv = C:\WINDOWS\SYSTEM32\SCARDSVR.EXE
SCardSvr = C:\WINDOWS\SYSTEM32\SCARDSVR.EXE
Schedule = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
seclogon = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SENS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SharedAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
ShellHWDetection = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Spooler = C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
srservice = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SSDPSRV = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
stisvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K IMGSVC
SwPrv = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{A90126B8-9DB5-403D-A18D-F5ACF66B7995}
SysmonLog = C:\WINDOWS\SYSTEM32\SMLOGSVC.EXE
TapiSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
TermService = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Themes = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
TrkWks = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
uploadmgr = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
upnphost = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
UPS = C:\WINDOWS\SYSTEM32\UPS.EXE
VSS = C:\WINDOWS\SYSTEM32\VSSVC.EXE
W32Time = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WebClient = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
winmgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WmdmPmSN = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WmiApSrv = C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE
wuauserv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WZCSVC = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS


文件驱动
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
MRxDAV = C:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS
MRxSmb = C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS
NetBIOS = C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS
Rdbss = C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS
sisidex = C:\WINDOWS\SYSTEM32\DRIVERS\SISIDEX.SYS
sr = C:\WINDOWS\SYSTEM32\DRIVERS\SR.SYS
Srv = C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS
gototop
 
caopansnow
头像
初生襁褓狮
  • 帖子:12
  • 注册: 2007-02-17
  • 来自:
发表于: 2007-02-18 22:09 | 显示全部 短消息 资料
字号: 4楼

系统驱动项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
ACPI = C:\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS
aec = C:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS
AFD = C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS
ALCXSENS = C:\WINDOWS\SYSTEM32\DRIVERS\ALCXSENS.SYS
ALCXWDM = C:\WINDOWS\SYSTEM32\DRIVERS\ALCXWDM.SYS
Arp1394 = C:\WINDOWS\SYSTEM32\DRIVERS\ARP1394.SYS
AsyncMac = C:\WINDOWS\SYSTEM32\DRIVERS\ASYNCMAC.SYS
atapi = C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS
Atmarpc = C:\WINDOWS\SYSTEM32\DRIVERS\ATMARPC.SYS
audstub = C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS
BaseTDI = C:\WINDOWS\SYSTEM32\DRIVERS\BASETDI.SYS
basic2 = C:\WINDOWS\SYSTEM32\DRIVERS\HSF_BSC2.SYS
BT848 = C:\WINDOWS\SYSTEM32\DRIVERS\CXVCAP.SYS
CALLKEY_IO = C:\HAPPYHOME\智能维护\CALLKEY.SYS
CCDECODE = C:\WINDOWS\SYSTEM32\DRIVERS\CCDECODE.SYS
Cdrom = C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS
CXTUNER = C:\WINDOWS\SYSTEM32\DRIVERS\CXTUNER.SYS
CXXBAR = C:\WINDOWS\SYSTEM32\DRIVERS\CXXBAR.SYS
Disk = C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS
dmboot = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS
dmio = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS
dmload = C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS
DMusic = C:\WINDOWS\SYSTEM32\DRIVERS\DMUSIC.SYS
drmkaud = C:\WINDOWS\SYSTEM32\DRIVERS\DRMKAUD.SYS
ExpScaner = C:\PROGRAM FILES\RISING\RAV\EXPSCAN.SYS
Fdc = C:\WINDOWS\SYSTEM32\DRIVERS\FDC.SYS
Flpydisk = C:\WINDOWS\SYSTEM32\DRIVERS\FLPYDISK.SYS
FsVga = C:\WINDOWS\SYSTEM32\DRIVERS\FSVGA.SYS
Ftdisk = C:\WINDOWS\SYSTEM32\DRIVERS\FTDISK.SYS
gameenum = C:\WINDOWS\SYSTEM32\DRIVERS\GAMEENUM.SYS
Gpc = C:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS
hidusb = C:\WINDOWS\SYSTEM32\DRIVERS\HIDUSB.SYS
HookCont = C:\PROGRAM FILES\RISING\RAV\HOOKCONT.SYS
HookReg = C:\PROGRAM FILES\RISING\RAV\HOOKREG.SYS
HookSys = C:\PROGRAM FILES\RISING\RAV\HOOKSYS.SYS
HookUrl = C:\PROGRAM FILES\RISING\RFW\HOOKURL.SYS
HSFHWBS2 = C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.SYS
HSF_DP = C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.SYS
hsf_msft = C:\WINDOWS\SYSTEM32\DRIVERS\HSF_MSFT.SYS
i8042prt = C:\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS
Imapi = C:\WINDOWS\SYSTEM32\DRIVERS\IMAPI.SYS
IpFilterDriver = C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS
IpInIp = C:\WINDOWS\SYSTEM32\DRIVERS\IPINIP.SYS
IpNat = C:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS
IPSec = C:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS
IRENUM = C:\WINDOWS\SYSTEM32\DRIVERS\IRENUM.SYS
isapnp = C:\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS
Kbdclass = C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS
kmixer = C:\WINDOWS\SYSTEM32\DRIVERS\KMIXER.SYS
mdmxsdk = C:\WINDOWS\SYSTEM32\DRIVERS\MDMXSDK.SYS
MEMSCAN = C:\PROGRAM FILES\RISING\RAV\MEMSCAN.SYS
Mouclass = C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS
mouhid = C:\WINDOWS\SYSTEM32\DRIVERS\MOUHID.SYS
mProcRs = C:\PROGRAM FILES\RISING\RFW\MPROCRS.SYS
MSJDrvr = C:\WINDOWS\SYSTEM32\DRIVERS\MSJDRVR.SYS
MSKSSRV = C:\WINDOWS\SYSTEM32\DRIVERS\MSKSSRV.SYS
MSPCLOCK = C:\WINDOWS\SYSTEM32\DRIVERS\MSPCLOCK.SYS
MSPQM = C:\WINDOWS\SYSTEM32\DRIVERS\MSPQM.SYS
MSTEE = C:\WINDOWS\SYSTEM32\DRIVERS\MSTEE.SYS
ms_mpu401 = C:\WINDOWS\SYSTEM32\DRIVERS\MSMPU401.SYS
NABTSFEC = C:\WINDOWS\SYSTEM32\DRIVERS\NABTSFEC.SYS
NdisIP = C:\WINDOWS\SYSTEM32\DRIVERS\NDISIP.SYS
NdisTapi = C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS
Ndisuio = C:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS
NdisWan = C:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS
NetBT = C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS
NIC1394 = C:\WINDOWS\SYSTEM32\DRIVERS\NIC1394.SYS
npkcrypt = D:\Q\NPKCRYPT.SYS
nv = C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS
NwlnkFlt = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFLT.SYS
NwlnkFwd = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFWD.SYS
ohci1394 = C:\WINDOWS\SYSTEM32\DRIVERS\OHCI1394.SYS
Parport = C:\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS
PCI = C:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS
PCIIde = C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS
PptpMiniport = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS
Processor = C:\WINDOWS\SYSTEM32\DRIVERS\PROCESSR.SYS
PSched = C:\WINDOWS\SYSTEM32\DRIVERS\PSCHED.SYS
Ptilink = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS
RasAcd = C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS
Rasl2tp = C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS
RasPppoe = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS
Raspti = C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS
RDPCDD = C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS
redbook = C:\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS
Rksample = C:\WINDOWS\SYSTEM32\DRIVERS\HSF_SAMP.SYS
RsAntiSpyware = C:\WINDOWS\SYSTEM32\DRIVERS\RSBOOT.SYS
RsFwDrv = C:\PROGRAM FILES\RISING\RFW\RSFWDRV.SYS
RsNTGDI = C:\WINDOWS\SYSTEM32\DRIVERS\RSNTGDI.SYS
RSPPSYS = C:\PROGRAM FILES\RISING\RAV\RSPPSYS.SYS
rtl8139 = C:\WINDOWS\SYSTEM32\DRIVERS\R8139N51.SYS
Secdrv = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS
serenum = C:\WINDOWS\SYSTEM32\DRIVERS\SERENUM.SYS
Serial = C:\WINDOWS\SYSTEM32\DRIVERS\SERIAL.SYS
SISAGP = C:\WINDOWS\SYSTEM32\DRIVERS\SISAGPX.SYS
SiSide = C:\WINDOWS\SYSTEM32\DRIVERS\SISIDE.SYS
sisperf = C:\WINDOWS\SYSTEM32\DRIVERS\SISPERF.SYS
SLIP = C:\WINDOWS\SYSTEM32\DRIVERS\SLIP.SYS
splitter = C:\WINDOWS\SYSTEM32\DRIVERS\SPLITTER.SYS
streamip = C:\WINDOWS\SYSTEM32\DRIVERS\STREAMIP.SYS
swenum = C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS
swmidi = C:\WINDOWS\SYSTEM32\DRIVERS\SWMIDI.SYS
sysaudio = C:\WINDOWS\SYSTEM32\DRIVERS\SYSAUDIO.SYS
Tcpip = C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
TermDD = C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS
UIUSys = C:\WINDOWS\SYSTEM32\DRIVERS\UIUSYS.SYS
Update = C:\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS
usbehci = C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS
usbhub = C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS
usbohci = C:\WINDOWS\SYSTEM32\DRIVERS\USBOHCI.SYS
usbprint = C:\WINDOWS\SYSTEM32\DRIVERS\USBPRINT.SYS
usbstor = C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS
VgaSave = C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS
Wanarp = C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
wdmaud = C:\WINDOWS\SYSTEM32\DRIVERS\WDMAUD.SYS
winachsf = C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.SYS
WSTCODEC = C:\WINDOWS\SYSTEM32\DRIVERS\WSTCODEC.SYS
gototop
 
caopansnow
头像
初生襁褓狮
  • 帖子:12
  • 注册: 2007-02-17
  • 来自:
发表于: 2007-02-19 20:50 | 显示全部 短消息 资料
字号: 5楼

帮忙
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT