瑞星卡卡安全论坛

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <caishowmanage><C:\Program Files\CaiShow Tech\CaiShow\UpdateManager.EXE>  []
    <ClientQyule><C:\Program Files\Qyule\Qyule.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RfwMain><"E:\Rising（瑞星杀毒）\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh]
    <NWEReboot><>  []
    <RavTask><"E:\Rising（瑞星杀毒）\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <Thunder><"C:\Program Files\Thunder Network\Thunder\ThunderShell.exe" /s>  []
    <stup.exe><C:\PROGRA~1\TENCENT\Adplus\stup.exe>  [Tencent]
    <spoolsv><>  []
    <supdate2.dll><RUNDLL32.EXE C:\WINDOWS\system32\supdate2.dll,Run>  []
    <CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe>  []
    <pbmini><"C:\Program Files\pcast\PodcastbarMini\PodcastBarMini.exe" -hide>  []
    <ClientQyule><C:\Program Files\Qyule\Qyule.exe>  []
    <IdnMail><C:\WINDOWS\system32\IdnMail.exe>  [CNNIC]
    <CApp><C:\WINDOWS\system32\capp.exe>  []
    <Windir><C:\WINDOWS\system32\Windir.exe>  []
    <BDPK><C:\Program Files\Internet Explorer\Mui\>  []
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"E:\Rising（瑞星杀毒）\Rising\Rav\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\Userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{9E031DA5-4480-4E8D-8257-5EE0823F85C9}><C:\WINDOWS\system32\Sbsy.dll>  []
    <{8A1D8B94-19D3-48DB-ABA9-BE0160DB4C5E}><C:\WINDOWS\system32\Mnvzlc.dll>  []
    <{9C6ABE66-937A-4C62-AFDA-0BBE8F44EEE4}><C:\WINDOWS\system32\Utge.dll>  []
    <{20431182-20D5-4BE4-B0B2-00762A9C0DC4}><C:\WINDOWS\system32\Wdojsv.dll>  []
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{669D62D8-CB75-4BCE-93B2-71C9FC9DA3CC}><C:\WINDOWS\system32\Wsfbba.dll>  []
    <{22E1D9B0-B9E0-4741-8236-9FDB21F1C175}><C:\WINDOWS\system32\Asfqd.dll>  []
    <{E0C75A12-FCEC-41B5-95C4-D5BB96F3FA93}><C:\WINDOWS\system32\Ipuz.dll>  []
    <{C2D325D4-2B60-44A4-9F38-8AFF6E683C0C}><C:\WINDOWS\system32\Qirk.dll>  []
    <{2BEBD202-F9F8-4493-A564-20D0D234C3E4}><C:\WINDOWS\system32\Fardv.dll>  []
    <{E9E4C365-7A76-4384-8DF9-32D557279851}><C:\WINDOWS\system32\Mirtw.dll>  []
    <{10B3255D-83F2-46D7-840A-54D639CAE16D}><C:\WINDOWS\system32\Wkjvr.dll>  []
    <{C40F5374-2A97-47E9-9584-DBC34609F3BD}><C:\WINDOWS\system32\Diown.dll>  []
    <{B24089EA-3C7F-4932-B44A-241BF0DF7BEB}><C:\WINDOWS\system32\Leot.dll>  []
    <{6680346E-BADC-4ADF-BF0B-ECF2F49DC24B}><C:\WINDOWS\system32\Igpe.dll>  []
    <{946F175E-D939-4306-B363-5BACFD0587E2}><C:\WINDOWS\system32\Kfuf.dll>  []
    <{8A437E53-6E0A-4A17-BCA7-464CCCB75CFD}><C:\WINDOWS\system32\Rsgmvi.dll>  []
    <{A5CF371D-D68A-447B-84BC-4240786BD1E2}><C:\WINDOWS\system32\Pffcs.dll>  []
    <{1F9DD3B1-F6F5-4B3E-85A1-B2E6FDCF5D5E}><C:\WINDOWS\system32\Mxoxd.dll>  []
    <{CCD65F86-154A-4752-B306-F8249DB4DFB1}><C:\WINDOWS\system32\Qucix.dll>  []
    <{D0B69830-FCCB-4C37-846C-C6CF0FF5CE81}><C:\WINDOWS\system32\Eiaf.dll>  []
    <{51A768CD-A77B-42E1-B142-EE5B95649AFC}><C:\WINDOWS\system32\Vnxxi.dll>  []
    <{CAE6304F-09D2-418D-A7B8-EC8A45085A20}><C:\WINDOWS\system32\Ipjg.dll>  []
    <{9A8A79BF-43D9-43D0-BA7E-44BEE2B168D6}><C:\WINDOWS\system32\Qyupm.dll>  []
    <{2DC47752-47CF-417D-AD7C-45729BCAA71E}><C:\WINDOWS\system32\Aqsh.dll>  []
    <{AF8AA264-2441-4896-AC49-E4E94A322A96}><C:\WINDOWS\system32\Ugik.dll>  []
    <{5AB06955-8EEA-41B7-9DCA-2BCDCBC14353}><C:\WINDOWS\system32\Fjlgsi.dll>  []
    <{80854B24-D296-486C-A3F7-6E143E400C6C}><C:\WINDOWS\system32\Kxhedp.dll>  []
    <{FC98524E-C0A0-4531-8352-6FC5CE538054}><C:\WINDOWS\system32\Uvkdp.dll>  []
    <{1BE29672-5DC5-4840-9CE1-94213140E89C}><C:\WINDOWS\system32\Tfvaj.dll>  []
    <{FF983E19-947A-466C-A029-F18A4FE07F6D}><C:\WINDOWS\system32\Xjwbl.dll>  []
    <{E630FE28-B0F4-4CE3-82F2-36C79DD2FD49}><C:\WINDOWS\system32\Bout.dll>  []
    <{664724BA-A450-4247-B441-83603ED974B8}><C:\WINDOWS\system32\Zhpjca.dll>  []
    <{2EF4A0B8-6022-4B1A-8C14-A3B17A987352}><C:\WINDOWS\system32\Teafia.dll>  []
    <{8C203E2C-3667-4F0A-920D-9BF07A24DA94}><C:\WINDOWS\system32\Ppkbhz.dll>  []
    <{B285D396-2A44-4B7C-AECA-80EE7C88D16F}><C:\WINDOWS\system32\Mtnavw.dll>  []
    <{C4347E47-56A4-4411-AD3F-C25FC36A4636}><C:\WINDOWS\system32\Avsls.dll>  []
    <{DBDB2231-C50D-483D-A674-0DF31AEE385C}><C:\WINDOWS\system32\Apgbl.dll>  []
    <{761F34E4-6896-4F32-8663-DDC36B5C2EB4}><C:\WINDOWS\system32\Opdfo.dll>  []
    <{F073199F-0822-4C92-A447-3684584C688E}><C:\WINDOWS\system32\Kvanlj.dll>  []
    <{F7DF029F-794A-4A60-8191-84447ECF276E}><C:\WINDOWS\system32\Cifit.dll>  []
    <{BC23C9D9-3518-4393-BA90-2A68EB892526}><C:\WINDOWS\system32\Rcrr.dll>  []
    <{B939036D-C937-468B-A8CC-A7B86F7FA4E7}><C:\WINDOWS\system32\Kddb.dll>  []
    <{F54D4F3B-B9F4-4BDA-8D9D-C77F7BC50431}><C:\WINDOWS\system32\Isnehk.dll>  []
    <{4325D64F-2CB0-4A0E-9DCF-79F4C2A8019A}><C:\WINDOWS\system32\Fzdbme.dll>  []
    <{FDAB4B42-7084-46A0-9A86-22C83409CE0D}><C:\WINDOWS\system32\Xbphbl.dll>  []
    <{CC377F44-07B7-43E3-BE46-8F2931B89194}><C:\WINDOWS\system32\Unxaq.dll>  []
    <{3AC29548-ACF5-42CB-AE3A-02073B2D80BA}><C:\WINDOWS\system32\Frdugb.dll>  []
    <{CA234D93-7315-44CB-B891-EA28C62D4ACC}><C:\WINDOWS\system32\Tbutpt.dll>  []
    <{A3601284-EABD-4F90-94F7-A3F4F137D37F}><C:\WINDOWS\system32\Aqjp.dll>  []
    <{D196BCFE-4526-47AD-B399-067787298316}><C:\WINDOWS\system32\Rmehtk.dll>  []
    <{0DF08360-5E2F-4983-BC13-59301E5D4706}><C:\WINDOWS\system32\Xgkts.dll>  []
    <{5D1F78CC-06D0-4453-9274-3D182826F256}><C:\WINDOWS\system32\Wcpqh.dll>  []
    <{D303C264-2461-4585-A91C-33C6313B122D}><C:\WINDOWS\system32\Qbqlz.dll>  []
    <{4B190B66-685C-4E39-9846-BF22D7934C5C}><C:\WINDOWS\system32\Tpxq.dll>  []
    <{F6B74661-A52A-425F-99EF-7D05F4CC476D}><C:\WINDOWS\system32\Ariwzr.dll>  []

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk><N>

==================================
服务
[Rising Proxy  Service / RfwProxySrv]
  <e:\rising（瑞星杀毒）\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <e:\rising（瑞星杀毒）\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"E:\Rising（瑞星杀毒）\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"E:\Rising（瑞星杀毒）\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>