| 引用: |
【BlackStone的贴子】用Autoruns保存一个日志发上来
日志保存方法:选择File->Save菜单项保存日志时注意选择Options->Hide Microsoft Entries菜单项(设置了这项后点工具栏的刷新按钮)
工具的下载、使用参考
........................... |
是不是这些啊,呵呵,菜鸟一个啊我
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ BIE i:\windows\downloaded program files\bdplugin.dll
+ BigDogPath Still Image (STI) Driver VM. i:\windows\vm_sti.exe
+ CdnCtr File not found: I:\Program Files\CNNIC\Cdn\cdnup.exe
+ DataLayer DataLayer 2.0 Module Nokia Mobile Phones Ltd. i:\program files\common files\pcsuite\datalayer\datalayer.exe
+ NeroCheck NeroCheck Ahead Software Gmbh i:\windows\system32\\nerocheck.exe
+ NvCplDaemon NVIDIA Display Properties Extension NVIDIA Corporation i:\windows\system32\nvcpl.dll
+ NvMediaCenter NVIDIA Media Center Library NVIDIA Corporation i:\windows\system32\nvmctray.dll
+ nwiz NVIDIA nView Wizard, Version 105.13 NVIDIA Corporation i:\windows\system32\nwiz.exe
+ PCSuiteTrayApplication Nokia Tray Application i:\program files\nokia\nokia pc suite 6\trayapplication.exe
+ RavTask RavTimer Beijing Rising Technology Co., Ltd. i:\program files\rising\rav\ravtask.exe
+ SKYNET Personal FireWall 天网防火墙个人版 天网 i:\program files\skynet\firewall\pfw.exe
+ SoundMan Realtek Sound Manager Realtek Semiconductor Corp. i:\windows\soundman.exe
+ StormCodec_Helper i:\program files\ringz studio\storm codec\stormset.exe
+ TkBellExe RealNetworks Scheduler RealNetworks, Inc. i:\program files\common files\real\update_ob\realsched.exe
+ Update i:\program files\common files\update\update.exe
I:\Documents and Settings\All Users\「开始」菜单\程序\启动
+ Adobe Reader Speed Launch.lnk Adobe Acrobat SpeedLauncher Adobe Systems Incorporated i:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ BD Plugin Interceptor i:\windows\downloaded program files\bdplugin.dll
+ Rising Execute File Exts hook Rising Shell Ext Module Beijing Rising Technology Co., Ltd. i:\windows\system32\ravext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ RISING Rising Shell Ext Module Beijing Rising Technology Co., Ltd. i:\windows\system32\ravext.dll
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
+ PDF Shell Extension PDF Shell Extension Adobe Systems, Inc. i:\program files\adobe\acrobat 7.0\activex\pdfshell.dll
HKLM\System\CurrentControlSet\Services
+ ACDService c:\program files\easy file & folder protector\efpap.exe
+ NVSvc Provides system and desktop level support to the NVIDIA display driver NVIDIA Corporation i:\windows\system32\nvsvc32.exe
+ RsCCenter CCenter Beijing Rising Technology Co., Ltd. i:\program files\rising\rav\ccenter.exe
+ RsRavMon RavMond Beijing Rising Technology Co., Ltd. i:\program files\rising\rav\ravmond.exe
+ Universal Disk Manager 提供网络地址转换、名称解析和/或入侵保护服务。如果此服务被禁用,任何依赖它的服务将无法启动。 COMENET TECHNOLOGY i:\program files\common files\comm\network.exe
HKLM\System\CurrentControlSet\Services
+ ALCXSENS Sensaura WDM 3D Audio Driver Sensaura i:\windows\system32\drivers\alcxsens.sys
+ ALCXWDM Realtek AC'97 Audio Driver (WDM) Realtek Semiconductor Corp. i:\windows\system32\drivers\alcxwdm.sys
+ BaseTDI basetdi Beijing Rising Technology Co., Ltd. i:\windows\system32\drivers\basetdi.sys
+ cdnprot File not found: system32\drivers\cdnprot.sys
+ cdntran cdntran CNNIC i:\windows\system32\drivers\cdntran.sys
+ d347bus PnP BIOS Extension i:\windows\system32\drivers\d347bus.sys
+ d347prt SCSI miniport i:\windows\system32\drivers\d347prt.sys
+ ExpScaner ExpScan.sys i:\program files\rising\rav\expscan.sys
+ FDCBNT i:\windows\system32\drivers\fdcbnt.sys
+ FETNDIS NDIS 5.0 miniport driver VIA Technologies, Inc. i:\windows\system32\drivers\fetnd5.sys
+ HookCont TDI HOOK Driver Rising tech Co. ltd i:\program files\rising\rav\hookcont.sys
+ HookReg i:\program files\rising\rav\hookreg.sys
+ HookSys Hooksys Rising i:\program files\rising\rav\hooksys.sys
+ MEMSCAN MemScan Driver 瑞星软件有限公司 i:\program files\rising\rav\memscan.sys
+ Nokia USB Generic Nokia USB Phone Generic Client Nokia i:\windows\system32\drivers\nmwcdc.sys
+ Nokia USB Modem Nokia USB Phone Modem Client Nokia i:\windows\system32\drivers\nmwcdcm.sys
+ Nokia USB Phone Parent Nokia USB Phone Bus Driver Nokia i:\windows\system32\drivers\nmwcd.sys
+ npkcrypt nProtect KeyCrypt Driver INCA Internet Co., Ltd. i:\program files\tencent\qq\npkcrypt.sys
+ nv NVIDIA Compatible Windows 2000 Miniport Driver, Version 76.44 NVIDIA Corporation i:\windows\system32\drivers\nv4_mini.sys
+ prodrv06 StarForce Protection Environment Driver StarForce Technologies, Inc. i:\windows\system32\drivers\prodrv06.sys
+ prohlp02 StarForce Protection Helper Driver StarForce Technologies, Inc. i:\windows\system32\drivers\prohlp02.sys
+ prosync1 StarForce Protection Synchronization Driver StarForce Technologies, Inc. i:\windows\system32\drivers\prosync1.sys
+ Ptilink Direct Parallel Link Driver Parallel Technologies, Inc. i:\windows\system32\drivers\ptilink.sys
+ Secdrv SafeDisc driver i:\windows\system32\drivers\secdrv.sys
+ sfhlp01 StarForce Protection Helper Driver StarForce Technologies, Inc. i:\windows\system32\drivers\sfhlp01.sys
+ SKNFW i:\windows\system32\drivers\sknfw.sys
+ viamraid VIA RAID DRIVER FOR WIN 2000/XP/2003IA32 VIA Technologies inc,.ltd i:\windows\system32\drivers\viamraid.sys
+ ZSMC301b Video streaming and Capture Device Driver VM i:\windows\system32\drivers\usbvm31b.sys
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ Canon BJ Language Monitor PIXMA iP1000 BJ Language Monitor CANON INC. i:\windows\system32\cnmlm6e.dll
