晕船海盗 - 2009-7-26 10:23:00
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Protocols\Filter
+ WebView MIME Filter Windows Shell Common Dll Microsoft Corporation C:\WINDOWS\SYSTEM32\SHELL32.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
+ 0 ABOUT:HOME.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
+ PostBootReminder 对象 Windows Shell Common Dll Microsoft Corporation C:\WINDOWS\SYSTEM32\SHELL32.DLL
+ 烧 CD 的 ShellFolder Windows Shell Common Dll Microsoft Corporation C:\WINDOWS\SYSTEM32\SHELL32.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ URL 执行挂钩 Windows Shell Common Dll Microsoft Corporation C:\WINDOWS\SYSTEM32\SHELL32.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ 显示摇曳 CPL 扩展 DESKPAN.DLL
+ Desktop Explorer C:\WINDOWS\SYSTEM32\NVSHELL.DLL
+ Desktop Explorer Menu C:\WINDOWS\SYSTEM32\NVSHELL.DLL
+ nView Desktop Context Menu C:\WINDOWS\SYSTEM32\NVSHELL.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\Shellex\ColumnHandlers
+ {0D2E74C4-3C34-11d2-A27E-00C04FC30871} Windows Shell Common Dll Microsoft Corporation C:\WINDOWS\SYSTEM32\SHELL32.DLL
+ {24F14F01-7B1C-11d1-838f-0000F80461CF} Windows Shell Common Dll Microsoft Corporation C:\WINDOWS\SYSTEM32\SHELL32.DLL
+ {24F14F02-7B1C-11d1-838f-0000F80461CF} Windows Shell Common Dll Microsoft Corporation C:\WINDOWS\SYSTEM32\SHELL32.DLL
+ {66742402-F9B9-11D1-A202-0000F81FEDEE} Windows Shell Common Dll Microsoft Corporation C:\WINDOWS\SYSTEM32\SHELL32.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ ThunderAtOnce Class TDAtOnce 深圳市迅雷网络技术有限公司 D:\THUNDER\COMDLLS\TDATONCE_NOW.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars
+ File Search Explorer Band Windows Shell Common Dll Microsoft Corporation C:\WINDOWS\SYSTEM32\SHELL32.DLL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
+ kaccore 金山软件基础服务,为金山公司系列软件提供调用方式扩展、软件升级等多种基础服务。 Kingsoft Corporation C:\PROGRAM FILES\KINGSOFT\KAC\SERVICE\KACCORE.EXE
+ Kingsoft Antivirus WebShield Service Kingsoft Antivirus WebShield Service Kingsoft Corporation D:\KSWEBSHIELDSVC\KSWEBSHIELD.EXE
+ NVSvc Provides system and desktop level support to the NVIDIA display driver NVIDIA Corporation C:\WINDOWS\SYSTEM32\NVSVC32.EXE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services(Drivers)
+ aeaudio Andrea Audio Noise Cancellation Driver Andrea Electronics Corporation C:\WINDOWS\SYSTEM32\DRIVERS\AEAUDIO.SYS
+ nv NVIDIA Compatible Windows 2000 Miniport Driver, Version 175.16 NVIDIA Corporation C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\KnownDlls
+ shell32 Windows Shell Common Dll Microsoft Corporation C:\WINDOWS\SYSTEM32\SHELL32.DLL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Authentication Packages
+ msv1_0 Microsoft Authentication Package v1.0 Microsoft Corporation C:\WINDOWS\SYSTEM32\MSV1_0.DLL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Security Packages
+ msv1_0 Microsoft Authentication Package v1.0 Microsoft Corporation C:\WINDOWS\SYSTEM32\MSV1_0.DLL
文件关联
+ .exe => exefile HKEY_CLASSES_ROOT\exefile\shell\open\command %1
+ .com => comfile HKEY_CLASSES_ROOT\comfile\shell\open\command %1
+ .bat => batfile HKEY_CLASSES_ROOT\batfile\shell\open\command %1
+ .cmd => cmdfile HKEY_CLASSES_ROOT\cmdfile\shell\open\command %1
+ .scr => scrfile HKEY_CLASSES_ROOT\scrfile\shell\open\command %1
+ .pif => piffile HKEY_CLASSES_ROOT\piffile\shell\open\command %1
User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; 360SE)
帅哥阿福 - 2009-7-26 10:29:00
Which one does the original poster think is suspicious?
They all look normal to me.
晕船海盗 - 2009-7-26 10:42:00
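Are they all normal? Then which ones can be removed?
I only recognize the Kingsoft, Xunlei and 360 ones; I'm not sure about the others. When I click on those, there is a vote showing 30-odd votes for safe and 90-odd votes for unsafe. What is that about?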
帅哥阿福 - 2009-7-26 10:44:00
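From personal experience, keep only the startup items signed by Microsoft; the others can be unchecked and removed.
That is not to say that anything without a Microsoft signature is a virus; it is just that fewer startup items are better for a faster system boot.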
晕船海盗 - 2009-7-26 10:52:00
So the suspicious items I posted are all fine? They're not viruses?
帅哥阿福 - 2009-7-26 11:13:00
Judging from the names, none of them should be.
However, analyzing by name alone is not scientific; it is best to provide the actual files.