整理:Baker  2011.8.17  特别感谢zengjian96帮我排版

对关键程序注入运行防护:

*.bat

*.cmd

*.com

*.dll

*.drv

*.exe

*.lnk

*.ocx

*.pif

*.scr

*.sys

关键文件/程序防护:

Cacls.exe

cmd.exe

command.com

cscript.exe

csrss.exel

debug.exe

diskpart.exe

format.exe

ftp.exe

对文件夹的保护:

C\WINDOWS

C\WINDOWS\system.ini

C\WINDOWS\system32

C\WINDOWS\system32

C\WINDOWS\System32\AUTOEXEC.nt

C\WINDOWS\System32\bootvrfy.exe

C\WINDOWS\system32\config

C\WINDOWS\System32\CONFIG.nt

C\WINDOWS\System32\control.ini

C\WINDOWS\system32\drivers

C\WINDOWS\system32\drivers\etc

C\WINDOWS\system32\drivers\etc

C\WINDOWS\System32\logon.exe

C\WINDOWS\System32\ntdos.sys

C\WINDOWS\system32\svchost.exe

C\WINDOWS\win.ini.

C\WINDOWS\wininit.ini

HOSTS

msconfig.exe

msh.exe

mshta.exe

net.exe

net1.exe

netsh.exe

netstat.exe

ntoskrnl.exe

ntsd.exe

ntvdm.exe

reg.exe

regedit.exe

regsvr32.exe

replace.exe

rundll32

lsass.exe

schtasks.exe

services.exe

smss.exe

svchost.exe

system.exe

taskkill.exe

tasklist.exe

telnet.exe

tftp.exe

winlogon.exe

winrar.exe

wscript.exe

注册表关键位置防护

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\polices\system\h

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explore\DisallowRun

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explore\NoRun

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRunH

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\RistrictRun

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Currentversion\Policies\Network\

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Currentversion\Policies\Network\

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\p

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windowsnt\Currentversion\Windows\load

HKEY_CURRENT_USER\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Windows\load

HKEY_CURRENT_USER\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Windows\Programs

HKEY_CURRENT_USER\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Windows\Programs

HKEY_CURRENT_USER\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Windows\run

HKEY_CURRENT_USER\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\Notify\

HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internetexplorer\Infodelivery\Restrictions\

HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internetexplorer\Toolbars\Restrictions\

HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\System\Scripts\

HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\System\Scripts\

HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\System\Scripts\Logoff\

HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\System\Scripts\Logoff\

HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\System\Scripts\Logon\

HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\System\Scripts\Logon\p

HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\Windowsupdate\

HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windowsfirewall\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\d

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\batfile\shell\open\command\d

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\batfile\shell\open\command\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cmdfile\shell\open\command\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cmdfile\shell\open\command\d

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\comfile\shell\open\command\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\comfile\shell\open\command\d

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\j

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\d

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\htafile\Shell\Open\Command\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\htafile\shell\open\command\d

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\piffile\shell\open\command\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\piffile\shell\open\command\j

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShellScrap\shell\open\command\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShellScrap\shell\open\command\v

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ActiveSetup\InstalledComponents\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Activesetup\InstalledComponents\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CodeStoreDatabase\DistributionUnits\r

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CodeStoreDatabase\DistributionUnits\V

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CommandProcessor\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CommandProcessor\V

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internetexplorer\Extensions\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internetexplorer\Main\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internetexplorer\Main\Default_Page_URL

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internetexplorer\Main\Default_Search_URL

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internetexplorer\Main\HOMEOldSP

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internetexplorer\Main\LocalPage

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internetexplorer\Main\SearchPage

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internetexplorer\Main\StartPage

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internetexplorer\Main\StartPage_bak

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internetexplorer\Search\CustomizeSearch

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internetexplorer\Search\Default_Search_URL

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internetexplorer\Search\SearchAssistant

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internetexplorer\Toolbar\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\V

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ras\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ras\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppPaths\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppPaths\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explore\Advanced\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explore\ShareTaskScheduler\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explore\ShellExecuteHooks\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explore\ShellFolders\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explore\UserShellFolders\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Currentversion\Explorer\Browserhelperobjects\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellFolders\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserShellFolders\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explore\Run\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Currentversion\Policies\Network\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Currentversion\Policies\Network\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\h

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\p

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\t

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx\x

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellExtensions\Approved\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellExtensions\Approved\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\AutoUpdate\AUOptions

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\DriverSigning

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Accessibility\UtilityManager\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Accessibility\UtilityManager\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\GinaDLL\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\IniFileMapping\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\IniFileMapping\v

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\SvcHost\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\SvcHost\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\SystemRestore\DisableSR

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\SystemRestore\DisableSR

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Windows\AppInit_DLLs

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Windows\AppInit_DLLs

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\DefaultUserName

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\DefaultUserName

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\GinaDLL

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\GPExtensions\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\GPExtensions\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\GunaDLL

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\Notify\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\Notify\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\SFCDisabale

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\SFCDisable

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\Shell

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\Shell

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\SpecialAccounts\UserList\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\SpecialAccounts\UserList\x

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\System

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\System

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\Taskman

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\Taskman

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\UIHost

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\UIHost

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\UserInit

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\UserInit

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\VmApplet

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\VmApplet

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\WOW\boot\t

HKEY_LOCAL_MACHINE\SOFTWARE\Mirabilis\ICQ\Agent\Apps\IcqWinCfg\

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\r

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System\Scripts\

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System\Scripts\

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System\Scripts\

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windowsupdate\

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windowsfirewall\t

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\t

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SessionManager\

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SessionManager\BootExecute

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SessionManager\BootExecute

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SessionManager\Environment\ComSpec

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SessionManager\Environment\ComSpect

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\r

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SessionManager\BootExecute

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SessionManager\BootExecute

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SessionManager\Environment\ComSpec

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SessionManager\Environment\ComSpect

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SessionManager\BootExecute

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SessionManager\BootExecute

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SessionManager\Environment\ComSpec

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SessionManager\Environment\ComSpect

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\restrictanonymous

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\restrictanonymous

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\NetworkProvide\Order

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\r

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManager\

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManager\BootExecute

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManager\BootExecute

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManager\Environment\ComSpec

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManager\Environment\ComSpect

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManager\Environment\Path

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManager\Environment\Path

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManager\KnownDLLs\

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManager\KnownDLLs\p

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManager\PendindFileRenameOprations

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManager\PendingFileRenameOperations

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ShellHWDetection\V

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TerminalServer\Wds\rdpwd\StartupPrograms

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TerminalSever\Wds\rdpwd\StartupPrograms

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW\b

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ShellHWDetection\

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DataBasePath

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\d

HKEY_USERS\.default\SOFTWARE\Microsoft\Internetexplorer\Main\

HKEY_USERS\.default\SOFTWARE\Microsoft\Internetexplorer\Main\SearchBar

HKEY_USERS\.default\SOFTWARE\Microsoft\Internetexplorer\Main\SearchPage

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\MessengerService\

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Devices\

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\PrintPorts\

HKEY_USERS\S-1-5-21-682003330-484061587-1801674531-500\SOFTWARE\Microsoft\InternetExplorer\Main\StartPage

转载于:https://www.cnblogs.com/zhxfl/archive/2011/11/13/2246937.html

HIPS 自定义框架相关推荐

  1. 实战:基于自定义注解实现自定义框架Spring

    实战:基于自定义注解实现自定义框架Spring 一.自定义注解介绍 1.1 通过反射API,可以判断一个类.接口.字段或者方法上是否有注解 Class类(java.lang包下)中提供了一些方法用于反 ...

  2. 不会框架不要紧,我带你自定义框架

    不会框架不要紧,我带你自定义框架 前言:这标题说的有点大了,当一回标题党,之前在学JSP的时候提到了JSTL和EL表达式,由于一直钟情于Servlet,迟迟没有更新别的,这回算是跳出来了.这回放个大招 ...

  3. php前台可自定义框架,实现Discuz!前台DIY自定义框架比例

    Discuz!建站用户应该都知道它的DIY功能,该功能主要是利用页面拖拽技术,在不编写代码的情况下实现快速布局页面.聚合调用站内数据的功能.在默认的布局框中中我们看到有多种比例,不过如果站长朋友用DI ...

  4. Dynamics CRM2011自定义框架解决方案

    Dynamics CRM2011自定义框架解决方案 解决方案文件下载 一.  目的 许多客户习惯之前系统自定义开发的页面.操作习惯或界面风格,但使用了Dynamics CRM2011后只能使用产品自带 ...

  5. django基础、自定义框架

    django基础 HTTP 超文本传输协议 是在应用层 如今广泛使用的是HTTP1.1 默认为80端口 5层协议: HTTP协议 应用层 TCP/UDP协议 运输层 IP 网络层 数据链路层 物理层 ...

  6. day50 django第一天 自定义框架

    主要内容: 1.http协议 2.web框架 3.Django 1.http协议 1.1 http协议的简介 超文本传输协议(英文:Hyper Text Transfer Protocol,HTTP) ...

  7. php自定义框架,「php 框架」自定义php框架(篇一) - seo实验室

    php 框架 老是用别人的东西,虽然一时爽,但想做深度开发,哪有自己的东西用起来方便?那我们就自己弄一个php小框架,知根知底,想怎么改就怎么改,岂不爽哉? 如图,mvc即框架名,旗下包含7个文件夹, ...

  8. php mvc自定义框架视频教程,基于PHP面向对象的自定义MVC框架高级项目开发视频教程...

    ├ │  ├01-温故而知新.wmv │  ├02-验证码技术介绍.wmv │  ├03-GD处理图像的基本步骤.wmv │  ├04-画布操作基本步骤-补充.wmv │  ├05-仿制ecshop验 ...

  9. socket自定义框架

    socket代码 import socket server_sk = socket.socket(socket.AF_INET, socket.SOCK_STREAM) server_sk.bind( ...

最新文章

  1. 卷积神经网络CNN——图像卷积与反卷积(后卷积,转置卷积)
  2. python查看工作目录_闲话python-36:文件系统操作
  3. 1.2 检测和测量图像中的圆形目标
  4. 关于 PHP 5.4 你所需要知道的
  5. Java中如何引用文档对象模型_在JAVA中使用文档对象模型DOM经验小结
  6. 双网卡主机配置oracle监听,VirtualBox设置双网卡实现虚机上网及主宿机互访
  7. 顺风车订单已结束仍在录音 嘀嗒出行回应录音机制
  8. 妙用Python内置函数int()快速计算等比数列前n项和
  9. Rust 越来越香了!AWS 雇佣 Rust 编译器团队负责人 Felix Klock
  10. 黑马程序员-OC-内存管理(非ARC模式下)
  11. python 在window 系统 连接并操作远程 oracle 数据库
  12. Python编程入门教程
  13. 基于matpower的电力系统潮流计算matlab程序
  14. 机器学习CS229极简的6张速查表
  15. SQL查询语句大全(个人总结)
  16. rs232接口_各类PLC都支持RS232和485通讯,原理和方法普及一下
  17. 易语言制作的QQ聊天中常用的GIF图片【带源码下载】
  18. 深入理解Arduino下的ESP8266_Non-OS_SDK API① Non-OS SDK
  19. 微信公众号服务器配置但没有回调,微信公众号 “服务器配置” 踩坑记
  20. imx8mq-evk快速启动-方案讨论,准备工作

热门文章

  1. Ubuntu修改/删除主目录下的中文文件夹
  2. 洛谷P1040-加分二叉树-dp+二叉树
  3. OpenCV基础知识 图像
  4. Linux 打印简单日志(一)
  5. 函数read、write、lseek
  6. 【线程】线程基本函数
  7. java接口作用和好处,持续更新大厂面试笔试题
  8. java拦截器和过滤器,2021最新版!
  9. 安卓开发入门到精通!免费Android高级工程师学习资源,系列篇
  10. 资深Android开发带你入门Framework,架构师必备技能