瑞星卡卡安全论坛

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [Microsoft Corporation]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <nwiz><nwiz.exe /install>  [NVIDIA Corporation]
    <联想标准功能键盘 Ver1.0.0.3><C:\Program Files\联想\联想标准功能键盘\SkDaemond.exe>  [联想]
    <StateChange><C:\Program Files\lenovo\StateChange\QuakeII.exe>  [联想]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [NVIDIA Corporation]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [ ]
    <StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
    <yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  [Yahoo!]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <GrpConv><grpconv.exe -o>  [Microsoft Corporation]
    <C:\PROGRA~1\sina\UC\UCddt\ddtinit.dll><C:\WINDOWS\system32\regsvr32.exe -s "C:\PROGRA~1\sina\UC\UCddt\ddtinit.dll">  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]

==================================
启动文件夹
[VIA RAID TOOL]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\VIA RAID TOOL.lnk><N>
[Stardock ObjectDock]
  <C:\Documents and Settings\Owner\「开始」菜单\程序\启动\Stardock ObjectDock.lnk><N>
[Y'z ToolBar]
  <C:\Documents and Settings\Owner\「开始」菜单\程序\启动\Y'z ToolBar.lnk><N>
[腾讯QQ珊瑚虫版]
  <C:\Documents and Settings\Owner\「开始」菜单\程序\启动\腾讯QQ珊瑚虫版.lnk><N>
[新浪UC]
  <C:\Documents and Settings\Owner\「开始」菜单\程序\启动\新浪UC.lnk><N>

==================================
服务
[AMD PowerNow! (tm) Technology Service / GemServ]
  <C:\Program Files\AMD\Cool'n'Quiet\GemServ.exe><Advanced Micro Devices>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>