有谁知道ffzoxu33.dll .sys 是什么东西啊

tinyhe · 发表于 2006-11-6 15:47:45

我附上我在注册表中找到的相关内容，省略了一些相似的内容

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ffzoxu33]
"Type"=dword:00000001
"Start"=dword:00000000
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
  52,00,49,00,56,00,45,00,52,00,53,00,5c,00,66,00,66,00,7a,00,6f,00,78,00,75,\
  00,33,00,33,00,2e,00,73,00,79,00,73,00,00,00                                                          （左边的ASCII内容: System32\DRIVERS\ffzoxu33.sys)
"DisplayName"="ffzoxu33"
"Group"="System Bus Extender"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ffzoxu33\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
  00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
  00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
  05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
  20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\
  00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\
  00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ffzoxu33\Enum]
"0"="Root\\LEGACY_FFZOXU33\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FFZOXU33]
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FFZOXU33\0000]
"Service"="ffzoxu33"
"Legacy"=dword:00000001
"ConfigFlags"=dword:00000000
"Class"="LegacyDriver"
"ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
"DeviceDesc"="ffzoxu33"
"Capabilities"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FFZOXU33\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FFZOXU33\0000\Control]
"ActiveService"="ffzoxu33"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ffzoxu33"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,00,\
  74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,52,\
  00,75,00,6e,00,64,00,6c,00,6c,00,33,00,32,00,2e,00,65,00,78,00,65,00,20,00,\
  25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,00,74,00,25,00,5c,\
  00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,66,00,66,00,7a,00,\
  6f,00,78,00,75,00,33,00,33,00,2e,00,64,00,6c,00,6c,00,2c,00,44,00,6c,00,6c,\
  00,55,00,6e,00,72,00,65,00,67,00,69,00,73,00,74,00,65,00,72,00,53,00,65,00,\
  72,00,76,00,65,00,72,00,00,00
（上面的ASCII内容：%systemroot%\system32\Rundll32.exe %systemroot%\system32\ffzoxu33.dll,DllUnregisterServer）

[ 本帖最后由 tinyhe 于 2006-11-6 03:54 PM 编辑 ]

zgzxp · 发表于 2006-11-6 15:59:22

服务级别的

在系统服务中关闭该项，看有没有问题

没有的话，就开始删除吧

我还没有见过这样的服务项

应该是什么插件（个人意见）

tinyhe · 发表于 2006-11-6 16:29:37

服务项里看不到，查看文件信息还是microsoft的，一个dll在system32\下，一个sys在system32\drivers\下

zgzxp · 发表于 2006-11-6 20:29:21

下来看了

好像是内核调试器

不一定是服务

也有可能是以驱动的形式加载的

zgzxp · 发表于 2006-11-6 20:32:32

可以反注册以下DLL文件

tinyhe · 发表于 2006-11-7 08:31:00

谢谢，你真热心，我试试

zgzxp · 发表于 2006-11-7 13:11:07

http://bbs.wuyou.net/forum.php?m ... &extra=page%3D1

在这个帖子中的5楼去下个附件看看

tinyhe · 发表于 2006-11-8 08:30:05

谢谢，我删除了注册表中的相关项，它会自己添加，在网上也搜不到相关资料，奇怪。

zgzxp · 发表于 2006-11-8 21:29:38

不用担心

我看上面连接的帖子中的那位兄弟也有这个启动项

是RunOnce下的

自动添加，有点流氓了

反注册一下，然后再删除相关项目看看

mfkwgij · 发表于 2006-11-9 13:30:53

可以注册的吗

		自动登录	找回密码
密码			注册