Codemao profit model: ------ Computer Security Analysis Master (电脑安全分析大师) hijikethis 1.0 report ---------- (Part 1)
Source: 百度文库 Editor: 神马品牌网 Time: 2024/04/30 03:14:47
列出EXPLORER进程挂接模块...
E:\杀手\SPYBOT~1\SDHelper.dll
C:\WINDOWS\system32\CBShell.dll
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\shellex.dll
C:\WINDOWS\system32\nvshell.dll
C:\WINDOWS\system32\NVRSZHC.DLL
C:\WINDOWS\system32\nvcpl.dll
列出自运行
{AEB6717E-7E19-11d0-97EE-00C04FD91972} shell32.dll hkey_local_machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
KAVPersonal50 "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize hkey_local_machine\software\microsoft\windows\currentversion\run
NvCplDaemon RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup hkey_local_machine\software\microsoft\windows\currentversion\run
桌面图标文字自动透明 E:\Program Files\优化大师\WinMem.exe XP hkey_local_machine\software\microsoft\windows\currentversion\run
WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED} hkey_local_machine\software\microsoft\windows\currentversion\ShellServiceObjectDelayLoad
SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153} hkey_local_machine\software\microsoft\windows\currentversion\ShellServiceObjectDelayLoad
userinit C:\WINDOWS\system32\Userinit.exe, hkey_local_machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
shell Explorer.exe hkey_local_machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
stubpath C:\WINDOWS\inf\unregmp2.exe /ShowWMP hkey_local_machine\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
appinit_dlls hkey_local_machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
bgswitch C:\WINDOWS\system32\bgswitch.exe hkey_current_user\software\microsoft\windows\currentversion\run
eMuleAutoStart E:\eMule\eMule.exe -AutoStart hkey_current_user\software\microsoft\windows\currentversion\run
shell Explorer.exe C:\WINDOWS\system.ini|boot
scrnsave.exe C:\WINDOWS\system32\ssmypics.scr C:\WINDOWS\system.ini|boot
desktop.ini C:\Documents and Settings\All Users\「开始」菜单\程序\启动\desktop.ini C:\Documents and Settings\All Users\「开始」菜单\程序\启动\
卡巴斯基反黑客.lnk C:\Documents and Settings\All Users\「开始」菜单\程序\启动\卡巴斯基反黑客.lnk C:\Documents and Settings\All Users\「开始」菜单\程序\启动\
desktop.ini C:\Documents and Settings\user\「开始」菜单\程序\启动\desktop.ini C:\Documents and Settings\user\「开始」菜单\程序\启动\
{53707962-6F74-2D53-2644-206D7942484F} E:\杀手\SPYBOT~1\SDHelper.dll hkey_local_machine\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
000000000001 %SystemRoot%\System32\mswsock.dll hkey_lo
Do I really have that many startup items??