木馬可能藏匿之註冊表清單

木馬可能藏匿之註冊表清單 1.HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run 2.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 3.HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce 4.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce 5.HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnceSetup 6.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceSetup 7.HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices 8.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices 9.HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce 10.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce 11.HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run 12.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run 13.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\Userinit 14.HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\CurrentVersion\WinLogon
15. HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Explorer\Shell Folders
16. HKEY_CLASSES_ROOT\txtfile\shell\open\command
17. HKEY_CLASSES_ROOT\Briefcase\shell\open\command
18. HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\
19. HKEY_CLASSES_ROOT\exefile\shell\open\command
20. HKEY_CLASSES_ROOT\???file \shell\open\command (???)表示可能為任何副檔名之名稱