希望高人说说H 和sre的区别，我决的SRE扫描完整！

引用:

【阿杜QQ的贴子】希望高人说说H 和sre的区别，我决的SRE扫描完整！ ...........................

的确——SRE扫描完整，但我看着头晕！内容太多。
其实，还有一个不错的工具——autoruns。瑞星防火墙中也带这个工具。隐去微软的项目后，内容要简洁得多。看着也舒服些。
不知为什么没什么人用。

hijackthis操作较简单，日志也不复杂
sre能把人看晕

有人说H 能发现鸽子，SRE不能是真的吗?

引用:

【阿杜QQ的贴子】有人说H 能发现鸽子，SRE不能是真的吗? ...........................

瞎说

为何H 扫描的那么少，SRE扫描的很多啊

引用:

【阿杜QQ的贴子】为何H 扫描的那么少，SRE扫描的很多啊 ...........................

能否扫到灰鸽子，不是以日志的内容多少来论的。

哪个能更方便发现鸽子？

【回复“阿杜QQ”的帖子】
内容少的
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run           

+ AddrPlus3        TENCENT    c:\program files\tencent\adplus\stup.exe

+ KAVPersonal50    Kaspersky Anti-Virus GUI Part    Kaspersky Lab    c:\program files\kaspersky lab\kaspersky anti-virus personal pro\kav.exe

+ RunShadowTip    ShadowTip    PowerShadow    c:\windows\system32\shadow\shadowtip.exe

C:\Documents and Settings\All Users\「开始」菜单\程序\启动           

+ Adobe Gamma Loader.lnk    Adobe Gamma Loader    Adobe Systems, Inc.    c:\program files\common files\adobe\calibration\adobe gamma loader.exe

C:\Documents and Settings\baohelin\「开始」菜单\程序\启动           

+ 腾讯QQ.lnk    QQ    TENCENT    c:\program files\tencent\qq\qq.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run           

+ AMonitor    eTrust Activity Monitor    Computer Associates International, Inc.    c:\program files\tiny firewall pro\amon.exe

+ HijackThis startup scan    HijackThis    Soeperman Enterprises Ltd.    c:\program files\hijackthis.exe

+ IDMan    Internet Download Manager Application (IDM)    Internet Download Manager Corp., Tonec Inc.     c:\program files\internet download manager\idman.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved           

+ HyperTerminal Icon Ext    HyperTerminal Applet Library    Hilgraeve, Inc.    c:\windows\system32\hticons.dll

+ SnagIt    SnagIt Add-in for Internet Explorer    TechSmith Corporation    c:\program files\techsmith\snagit 7\snagitieaddin.dll

+ ssaddr.dll        Tencent    c:\program files\tencent\adplus\ssaddr.dll

+ ssaddr.dll        Tencent    c:\program files\tencent\adplus\ssaddr.dll

+ ssaddr.dll        Tencent    c:\program files\tencent\adplus\ssaddr.dll

+ TuneUp Shredder Shell Context Menu Extension    TuneUp Shredder Shell Extension    TuneUp Software GmbH    c:\program files\tuneup utilities 2004\sdshelex.dll

+ WinRAR shell extension            c:\program files\winrar\rarext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects           

+ HelperObject Class    SnagIt Browser Helper Object for Internet Explorer    TechSmith Corporation    c:\program files\techsmith\snagit 7\snagitbho.dll

+ IDMIEHlprObj Class    IDMIECC Module    Internet Download Manager Corp., Tonec Inc.    c:\program files\internet download manager\idmiecc.dll

+ IeCatch2 Class    jccatch Module    Amaze Soft    c:\program files\flashget\jccatch.dll

+ QQBrowserHelperObject Class    QQIEHelper Module    深圳市腾讯计算机系统有限公司    c:\program files\tencent\qq\qqiehelper.dll

HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks           

+ ssaddr.dll        Tencent    c:\program files\tencent\adplus\ssaddr.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar           

+ FlashGet Bar    FlashGet IE Bar    Amaze Soft    c:\program files\flashget\fgiebar.dll

+ snagitieaddin.dll    SnagIt Add-in for Internet Explorer    TechSmith Corporation    c:\program files\techsmith\snagit 7\snagitieaddin.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions           

+ &FlashGet    FlashGet    Amaze Soft    c:\program files\flashget\flashget.exe

+ 腾讯QQ    QQ    TENCENT    c:\program files\tencent\qq\qq.exe

Task Scheduler           

+ 1-Click Maintenance.job    TuneUp System Optimizer    TuneUp Software GmbH    c:\program files\tuneup utilities 2004\systemoptimizer.exe

HKLM\System\CurrentControlSet\Services           

+ kavsvc    Kaspersky Anti-Virus Service    Kaspersky Lab    c:\program files\kaspersky lab\kaspersky anti-virus personal pro\kavsvc.exe

+ ShadowSystemService            c:\windows\system32\shadow\shadowservice.exe

+ UmxAgent    eTrust Event Manager    Computer Associates International, Inc.    c:\program files\tiny firewall pro\umxagent.exe

+ UmxCfg    eTrust Configuration Engine    Computer Associates International, Inc.    c:\program files\common files\pfshared\umxcfg.exe

+ UmxFwHlp    eTrust Firewall User-Mode Helper    Computer Associates International, Inc.    c:\program files\tiny firewall pro\umxfwhlp.exe

+ UmxLU    Live Update Monitor    Tiny Software, Inc.    c:\program files\common files\pfshared\umxlu.exe

+ UmxPol    eTrust FW Policy Manager Service    Computer Associates International, Inc.    c:\program files\common files\pfshared\umxpol.exe

HKLM\System\CurrentControlSet\Services           

+ ac97intc    Intel(r) Integrated Controller Hub Audio Driver    Intel Corporation    c:\windows\system32\drivers\ac97intc.sys

+ Kl1    Kaspersky Anti-Hacker Only Driver    Kaspersky Lab    c:\windows\system32\drivers\kl1.sys

+ Klif    spuper-ptor    Kaspersky Labs    c:\windows\system32\drivers\klif.sys

+ Klmc    Kaspersky Anti-Virus Mail Checker Proxy    Kaspersky Lab    c:\windows\system32\drivers\klmc.sys

+ KmxAgent    eTrust Agent driver    Computer Associates International, Inc.    c:\windows\system32\drivers\kmxagent.sys

+ KmxBiG    eTrust Integrity Guard driver    Computer Associates International, Inc.    c:\windows\system32\drivers\kmxbig.sys

+ KmxCfg    KMX - Configuration Cache    Computer Associates International, Inc.    c:\windows\system32\drivers\kmxcfg.sys

+ KmxFile    eTrust File Guard driver    Computer Associates International, Inc.    c:\windows\system32\drivers\kmxfile.sys

+ KmxFw    eTrust firewall security engine    Computer Associates International, Inc.    c:\windows\system32\drivers\kmxfw.sys

+ KmxIds    TPF: IDS engine plug-in    Computer Associates International, Inc.    c:\windows\system32\drivers\kmxids.sys

+ KmxNdis    eTrust NDIS filter    Computer Associates International, Inc.    c:\windows\system32\drivers\kmxndis.sys

+ KmxSbx    eTrust Registry, Spawning and Devices Guard driver    Computer Associates International, Inc.    c:\windows\system32\drivers\kmxsbx.sys

+ ltmodem5    LT Windows Modem    LT    c:\windows\system32\drivers\ltmdmnt.sys

+ npkcrypt    nProtect KeyCrypt Driver    INCA Internet Co., Ltd.    c:\program files\tencent\qq\npkcrypt.sys

+ npkcusb    nProtect KeyCrypt Driver    INCA Internet Co., Ltd.    c:\program files\tencent\qq\npkcusb.sys

+ nv    NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73     NVIDIA Corporation    c:\windows\system32\drivers\nv4_mini.sys

+ Ptilink    Direct Parallel Link Driver    Parallel Technologies, Inc.    c:\windows\system32\drivers\ptilink.sys

+ rtl8139    Realtek RTL8139 NDIS 5.0 Driver    Realtek Semiconductor Corporation    c:\windows\system32\drivers\rtl8139.sys

+ safemon    System Safety Monitor 2.0 extension for Windows security layer    System Safety Limited    c:\windows\system32\drivers\safemon.sys

+ SVKP            File not found: C:\windows\system32\SVKP.sys

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls           

+ UmxSbxExw.dll    User mode executive module helper DLL    Computer Associates International, Inc.    c:\windows\system32\umxsbxexw.dll

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify           

+ PFW    UmxWNP    Computer Associates International, Inc.    c:\windows\system32\umxwnp.dll

+ System Safety Monitor    System Safety Winlogon Notification    System Safety Limited    c:\windows\system32\ssmwinlogonex.dll

【回复“阿杜QQ”的帖子】
内容多的第一部分
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit

+ C:\windows\system32\userinit.exeUserinit Logon ApplicationMicrosoft Corporationc:\windows\system32\userinit.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell

+ Explorer.exeWindows ExplorerMicrosoft Corporationc:\windows\explorer.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ AddrPlus3TENCENTc:\program files\tencent\adplus\stup.exe

+ KAVPersonal50Kaspersky Anti-Virus GUI PartKaspersky Labc:\program files\kaspersky lab\kaspersky anti-virus personal pro\kav.exe

+ PHIME2002A微軟新注音輸入法 2002aMicrosoft Corporationc:\windows\system32\ime\tintlgnt\tintsetp.exe

+ PHIME2002ASync微軟新注音輸入法 2002aMicrosoft Corporationc:\windows\system32\ime\tintlgnt\tintsetp.exe

+ RunShadowTipShadowTipPowerShadowc:\windows\system32\shadow\shadowtip.exe

C:\Documents and Settings\All Users\「开始」菜单\程序\启动

+ Adobe Gamma Loader.lnkAdobe Gamma LoaderAdobe Systems, Inc.c:\program files\common files\adobe\calibration\adobe gamma loader.exe

C:\Documents and Settings\baohelin\「开始」菜单\程序\启动

+ 腾讯QQ.lnkQQTENCENTc:\program files\tencent\qq\qq.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

+ AMonitoreTrust Activity MonitorComputer Associates International, Inc.c:\program files\tiny firewall pro\amon.exe

+ ctfmon.exeCTF LoaderMicrosoft Corporationc:\windows\system32\ctfmon.exe

+ HijackThis startup scanHijackThisSoeperman Enterprises Ltd.c:\program files\hijackthis.exe

+ IDManInternet Download Manager Application (IDM)Internet Download Manager Corp., Tonec Inc. c:\program files\internet download manager\idman.exe

HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components

+ Internet ExplorerWindows NT User Data Migration ToolMicrosoft Corporationc:\windows\system32\shmgrate.exe

+ Internet Explorer 6IE 5.0 Per-User Install UtilityMicrosoft Corporationc:\windows\system32\ie4uinit.exe

+ Microsoft Outlook Express 6Outlook Express Setup LibraryMicrosoft Corporationc:\program files\outlook express\setup50.exe

+ Microsoft Windows Media PlayerMicrosoft Windows Media Player 安装实用程序Microsoft Corporationc:\windows\inf\unregmp2.exe

+ Microsoft Windows Media PlayerADVPACKMicrosoft Corporationc:\windows\system32\advpack.dll

+ NetMeeting 3.01ADVPACKMicrosoft Corporationc:\windows\system32\advpack.dll

+ Outlook ExpressWindows NT User Data Migration ToolMicrosoft Corporationc:\windows\system32\shmgrate.exe

+ Themes SetupMicrosoft(C) Register ServerMicrosoft Corporationc:\windows\system32\regsvr32.exe

+ Windows Messenger 4.7ADVPACKMicrosoft Corporationc:\windows\system32\advpack.dll

+ Windows 桌面更新Microsoft(C) Register ServerMicrosoft Corporationc:\windows\system32\regsvr32.exe

+ 通讯簿 6Outlook Express Setup LibraryMicrosoft Corporationc:\program files\outlook express\setup50.exe

+ 浏览器自定义组件Microsoft Internet Explorer Customization DLLMicrosoft Corporationc:\windows\system32\iedkcs32.dll

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler

+ Browseui 预加载程序Shell Browser UI LibraryMicrosoft Corporationc:\windows\system32\browseui.dll