UID571722性别保密经验 EP铁粒 粒回帖0主题精华在线时间 小时注册时间2022-8-10最后登录1970-1-1
| 本帖最后由 MaxLHy 于 2024-1-14 11:03 编辑
今天早上去学校机房收集了一些新信息,未来将会根据这些信息制作反控制方案添加进 CRCSN v3.0 中。如果下列列出的信息存在遗漏,或有不通用的条目,欢迎提出!
(注:PE 指可执行文件,REG 指注册表,SVR 指服务或驱动程序)
- PE:
- DispcapHelper.exe
- SpecialSet.exe
- VRCwPlayer.exe
- Error.exe
- InstHelpApp.exe
- TDOvrSet.exe
- REG:
- HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\TopDomain
- HKEY_CLASSES_ROOT\Installer\Products\FDEE4BF597A63C540B94FE23C70AF3DC
- HKEY_CLASSES_ROOT\Installer\UpgradeCodes\6E86339719C04A04984912F95897F792
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FDEE4BF597A63C540B94FE23C70AF3DC
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\887ee324_0
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam
- SVR:
- STUDSRV
- PE:
- vncviewer.exe
- tvnserver32.exe
- WFDeskShow.exe
- WfbsPnpInstall.exe
- WFBSMon.exe
- WFBSMlogon.exe
- refreship.exe
- LenovoLockScreen.exe
- Install64.exe
- Install32.exe
- DeploymentManager.exe
- DeploymentAgent.exe
- WFBSSvrLogShow.exe
- ResetIp.exe
- uninstallCnt.exe
- FuncForWIN64.exe
- CertMgr.exe
- Fireware.exe
- BCDBootCopy.exe
- REG:
- HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ADS
- HKEY_CLASSES_ROOT\WOW6432Node\TypeLib\{AC2111F0-CE68-4693-A392-0D0432429B1B}
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\tvnserver
- HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\WFBS
- HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\ADS
- HKEY_LOCAL_MACHINE\SOFTWARE\Lenovo
- HKEY_CLASSES_ROOT\TypeLib\{AC2111F0-CE68-4693-A392-0D0432429B1B}
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam
- SVR:
- BSAgentSvr
- WFBSMlogon
|
|
发表于 2024-1-14 11:01:00
提升卡
观察者
粤公网安备 44200002445329号 | 由 木韩网络 提供支持 | GMT+8, 2024-12-12 02:37