启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation]
<updatereal><C:\WINDOWS\realupdate.exe other> []
<msnnt><C:\WINDOWS\winampa.exe> []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Update><C:\Program Files\Common Files\UPDATE2\Update.exe> []
<ShStatEXE><"E:\杀毒软件\SHSTAT.EXE" /STANDALONE> [Network Associates, Inc.]
<McAfeeUpdaterUI><"E:\Common Framework\UpdaterUI.exe" /StartedFromRunKey> [Network Associates, Inc.]
<Network Associates Error Reporting Service><"C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"> [Network Associates, Inc.]
<softbox><C:\WINDOWS\system32\softbox.exe> []
<ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe> [ATI Technologies, Inc.]
<CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe> []
<Tray><C:\WINDOWS\command\rundll32.exe> []
<realtpsk><C:\WINDOWS\system\realsched.exe> []
<Desktop><C:\WINDOWS\system32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll> []
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation]
<PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> []
<PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> []
<StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<kokv><C:\WINDOWS\system32\2b9i8ef.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellService
ObjectDelayLoad]
<DelayRun><C:\WINDOWS\system32\2b9d8ef0.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
<WinlogonNotify: AtiExtEvent><Ati2evxx.dll> [ATI Technologies Inc.]
==================================
启动文件夹
[壁纸自动换]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\壁纸自动换.lnk><N>
[IE-Bar]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\IE-Bar.lnk><N>
==================================
服务
[Ati HotKey Poller / Ati HotKey Poller]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart]
<C:\WINDOWS\system32\ati2sgag.exe><>
[McAfee Framework 服务 / McAfeeFramework]
<E:\Common Framework\FrameworkService.exe /ServiceStart><Network Associates, Inc.>
[Network Associates McShield / McShield]
<"E:\杀毒软件\Mcshield.exe"><Network Associates, Inc.>
[Network Associates Task Manager / McTaskManager]
<"E:\杀毒软件\VsTskMgr.exe"><Network Associates, Inc.>
[NT Data Provider / MouTALS]
<C:\WINDOWS\SYSTEM32\RUNDLL32.EXE C:\WINDOWS\SYSTEM32\WBEM\SMTPCONFS.DLL,Export 1087><N/A>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
<C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
==================================
浏览器加载项
[MonitorURL Class]
{08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\PROGRA~1\DESKAD~1\deskipn.dll, >
[CAdLogic
Object]
{11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\CPUSH\cpush.dll, N/A>
[ComBho]
{1F80EA54-211C-4A3A-9C4E-C3F19D589079} <C:\WINDOWS\system32\iScreensaver.dll, N/A>
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[CpapView Class]
{77962960-536E-47EC-9DDB-52651519705F} <C:\WINDOWS\system32\Rundl132.dll, >
[]
{8532B305-4486-4388-939F-341C0430CDFC} <C:\WINDOWS\system32\DxBho.dll, N/A>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <E:\迅雷\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[perfdp]
{995FF616-7583-4D6B-9675-EED24EDC93BB} <C:\WINDOWS\system32\perfidp.dll, >
[DDOC]
{A64E86D2-203D-4145-AA9B-2425BAF568E9} <C:\WINDOWS\system32\xenroer.dll, >
[NTIECatcher Class]
{C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[InteSearch]
{EBBC6E6D-7B65-46be-B509-86CED2D17876} <C:\WINDOWS\system32\Inte32.dll, N/A>
[BHelper Class]
{F2E37336-BFDB-409B-8D0E-6F013C438B20} <C:\WINDOWS\system\2b9o8ef0.dll, N/A>
[WMHlprObj Class]
{F5824EFB-728A-4726-A5A5-85A68B20EDC3} <C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll, CNNIC>
[启动迅雷]
{0062C9BD-B349-40DE-91A0-755F37ACD559} <E:\迅雷\Thunder.exe, Thunder Networking Technologies,LTD>
[浩方对战平台]
{0A155D3C-68E2-4215-A47A-E800A446447A} <D:\浩方对战平台\浩方对战平台\GameClient.exe, 上海浩方在线信息技术有限公司>
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[微软]
{6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.microsoft.com/china/index.htm, N/A>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft? Corporation>
[MonitorURL Class]
{08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\PROGRA~1\DESKAD~1\deskipn.dll, >
[CAdLogic
Object]
{11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\CPUSH\cpush.dll, N/A>
[ComBho]
{1F80EA54-211C-4A3A-9C4E-C3F19D589079} <C:\WINDOWS\system32\iScreensaver.dll, N/A>
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[CpapView Class]
{77962960-536E-47EC-9DDB-52651519705F} <C:\WINDOWS\system32\Rundl132.dll, >
[]
{8532B305-4486-4388-939F-341C0430CDFC} <C:\WINDOWS\system32\DxBho.dll, N/A>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <E:\迅雷\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[perfdp]
{995FF616-7583-4D6B-9675-EED24EDC93BB} <C:\WINDOWS\system32\perfidp.dll, >
[DDOC]
{A64E86D2-203D-4145-AA9B-2425BAF568E9} <C:\WINDOWS\system32\xenroer.dll, >
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[NTIECatcher Class]
{C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[Shockwave Flash
Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash85.ocx, Macromedia, Inc.>
[InteSearch]
{EBBC6E6D-7B65-46BE-B509-86CED2D17876} <C:\WINDOWS\system32\Inte32.dll, N/A>
[BHelper Class]
{F2E37336-BFDB-409B-8D0E-6F013C438B20} <C:\WINDOWS\system\2b9o8ef0.dll, N/A>
[WMHlprObj Class]
{F5824EFB-728A-4726-A5A5-85A68B20EDC3} <C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll, CNNIC>
[&使用迅雷下载]
<E:\迅雷\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<E:\迅雷\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
<c:\program files\qq2005\AddToNetDisk.htm, N/A>
[使用影音传送带下载]
<C:\Program Files\Xi\NetTransport 2\NTAddLink.html, N/A>
[使用影音传送带下载全部链接]
<C:\Program Files\Xi\NetTransport 2\NTAddList.html, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
<c:\program files\qq2005\AddEmotion.htm, N/A>
[访问通用网址]
<C:\Program Files\CNNIC\Cdn\cnnic.htm, N/A>
