瑞星卡卡安全论坛

首页 » 技术交流区 » 反病毒/反流氓软件论坛 » 电脑开启没有桌面!瑞星开启自动关闭,高手请进!有日志。
blickFY - 2007-4-7 13:19:00
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <P2kAutostart><>  [N/A]
    <swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe>  [(Verified)Google Inc]
    <mhrwk><C:\DOCUME~1\new\LOCALS~1\Temp\c0nime.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <333><C:\Syswm1i\svchost.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <igfxtray><C:\WINDOWS\system32\igfxtray.exe>  [Intel Corporation]
    <igfxhkcmd><C:\WINDOWS\system32\hkcmd.exe>  [Intel Corporation]
    <igfxpers><C:\WINDOWS\system32\igfxpers.exe>  [Intel Corporation]
    <BigDogPath><C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (ZC0301PL)>  [N/A]
    <RemoteControl><D:\PowerDVD\PowerDVD\PDVDServ.exe>  [(Verified)CyberLink]
    <LanguageShortcut><D:\PowerDVD\PowerDVD\Language\Language.exe>  [(Verified)CyberLink]
    <hxgame-update><C:\Program Files\hxupdate\hxgame-update.exe>  [N/A]
    <mppsds><C:\WINDOWS\mppsds.exe>  []
    <cmdbcs><C:\WINDOWS\cmdbcs.exe>  []
    <msccrt><C:\WINDOWS\msccrt.exe>  []
    <wgs3><C:\WINDOWS\wgs3.exe>  []
    <winform><C:\WINDOWS\winform.exe>  []
    <mppds><C:\WINDOWS\mppds.exe>  []
    <UnlockerAssistant><"D:\My Documents\新建文件夹 (2)\Unlocker\UnlockerAssistant.exe">  [N/A]
    <upxdnd><C:\WINDOWS\TEMP\upxdnd.exe>  [N/A]
    <cmdbc><C:\WINDOWS\cmdbc.exe>  []
    <kav><"D:\kabasiji6.0\avp.exe">  [N/A]
    <RavScanBD><"D:\瑞星\Rising\Rfw\ScanBD.exe" /INST>  [Beijing Rising Technology Co., Ltd.]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002A><; >  [N/A]
    <PHIME2002ASync><; >  [N/A]
    <StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
    <dcoh><C:\WINDOWS\dcoh.exe>  []
    <RavTask><"D:\瑞星\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <runeip><d:\My Documents\瑞星\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <upxdnda><C:\DOCUME~1\new\LOCALS~1\Temp\upxdnda.exe>  [N/A]
    <upxdnf><C:\WINDOWS\TEMP\upxdnf.exe>  []
    <upxmdnd><C:\DOCUME~1\new\LOCALS~1\Temp\upxmdnd.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><d:\My Documents\瑞星\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
    <wsttrs><C:\WINDOWS\wsttrs.exe>  []
    <fvjyyg72><%systemroot%\system32\Rundll32.exe %systemroot%\system32\fvjyyg72.dll,DllUnregisterServer>  [Microsoft Corporation]
    <hojwk><%systemroot%\system32\Rundll32.exe  %systemroot%\system32\hojwk.dll,DllUnregisterServer>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe crs.exe>  []
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [Microsoft Corporation]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [Microsoft Corporation]
    <UPnPMonitor><C:\WINDOWS\system32\upnpui.dll>  [Microsoft Corporation]
    <pats><C:\PROGRA~1\ossy\pats.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation]
    <{623D33B3-1E70-4705-88E9-649522AF6268}><C:\WINDOWS\system32\wbem\fhxpxppa.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\ssmarque.scr>  [Microsoft Corporation]

==================================
1
查看完整版本: 电脑开启没有桌面!瑞星开启自动关闭,高手请进!有日志。
© 2000 - 2026 Rising Corp. Ltd.