HKEY_CURRENT_USER,Software\Microsoft\Windows\CurrentVersion\RunMyPeople:="C:\Program Files\Daum\MyPeople\MyPeople\MyPeople.exe" -startupctfmon.exe:=C:\WINDOWS\system32\ctfmon.exe
HKLM,Software\Microsoft\Windows\CurrentVersion\RunHidirect:=C:\windows\system32\cmmss.exeMSCLIENT:=C:\WINDOWS\NICS\Client.exesafeout:=C:\WINDOWS\nics\safeout.exe1:=c:\nics.batSoftcampDS:=C:\WINDOWS\Softcamp\SDS\SDSLaunc.exeActivePost Standard:="C:\Program Files\SKB Messenger\SKB_Messenger.exe"CleanMem Mini Monitor:=C:\Program Files\CleanMem\Mini_Monitor.exe /startupAhnLab V3Lite Tray Process:="C:\Program Files\AhnLab\V3Lite\V3LTray.exe" /logonSOFTWARE:=
HKLM,Software\Microsoft\Windows NT\CurrentVersion\WinlogonKey:=98330701GinaDLL:=SCGina.dllDisableCAD:=1DefaultDomainName:=PC-201211080840AltDefaultDomainName:=PC-201211080840AltDefaultUserName:=User1ShowLogonOptions:=0HibernationPreviouslyEnabled:=1WinStationsDisabled:=0SFCDisable:=0DebugServerCommand:=noBackground:=0 0 0LogonType:=1UIHost:=logonui.exeAllowMultipleTSSessions:=0scremoveoption:=0passwordexpirywarning:=14forceunlocklogon:=0cachedlogonscount:=10allocatefloppies:=0allocatedasd:=0allocatecdroms:=0PreloadFontFile:=gulimSfcQuota:=4294967295VmApplet:=rundll32 shell32,Control_RunDLL "sysdm.cpl"Userinit:=C:\WINDOWS\system32\userinit.exe,System:=ShutdownWithoutLogon:=0Shell:=Explorer.exeReportBootOk:=1PowerdownAfterShutdown:=0LegalNoticeText:=LegalNoticeCaption:=DefaultUserName:=User1AutoRestartShell:=1Credentials:=SpecialAccounts:=Notify:=GPExtensions:=
HKEY_CURRENT_USER,Software\Microsoft\Windows NT\CurrentVersion\WindowsDevice:=print,winspool,Ne00:Programs:=com exe bat pif cmdNullPort:=NoneNetMessage:=noload:=DosPrint:=noDocuments:=DebugOptions:=2048
HKEY_LOCAL_MACHINE,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notifywlballoon:=termsrv:=SensLogn:=sclgntfy:=Schedule:=ScCertProp:=igfxcui:=dimsntfy:=cscdll:=cryptnet:=crypt32chain:=
HKEY_LOCAL_MACHINE,Software\Microsoft\Windows NT\CurrentVersion\WindowsUSERProcessHandleQuota:=10000TransmissionRetryTimeout:=90swapdisk:=Spooler:=yesGDIProcessHandleQuota:=10000DeviceNotSelectedTimeout:=15AppInit_DLLs:=
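정상 레지스트리 샘플
(PC 한 대에서 추출한 자동 실행 관련 키 값입니다. Run, Winlogon의 GinaDLL·Userinit·Shell, Winlogon\Notify, AppInit_DLLs는 부팅·로그온 시 코드가 로드되는 지점이므로, 다른 PC와 비교할 때는 값이 같은지만 보지 말고 각 경로의 파일이 실제로 해당 제품의 것인지도 함께 확인해야 합니다.)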
HKEY_CURRENT_USER,Software\Microsoft\Windows\CurrentVersion\Run
MyPeople:="C:\Program Files\Daum\MyPeople\MyPeople\MyPeople.exe" -startup
ctfmon.exe:=C:\WINDOWS\system32\ctfmon.exe
HKLM,Software\Microsoft\Windows\CurrentVersion\Run
Hidirect:=C:\windows\system32\cmmss.exe
MSCLIENT:=C:\WINDOWS\NICS\Client.exe
safeout:=C:\WINDOWS\nics\safeout.exe
1:=c:\nics.bat
SoftcampDS:=C:\WINDOWS\Softcamp\SDS\SDSLaunc.exe
ActivePost Standard:="C:\Program Files\SKB Messenger\SKB_Messenger.exe"
CleanMem Mini Monitor:=C:\Program Files\CleanMem\Mini_Monitor.exe /startup
AhnLab V3Lite Tray Process:="C:\Program Files\AhnLab\V3Lite\V3LTray.exe" /logon
SOFTWARE:=
HKLM,Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Key:=98330701
GinaDLL:=SCGina.dll
DisableCAD:=1
DefaultDomainName:=PC-201211080840
AltDefaultDomainName:=PC-201211080840
AltDefaultUserName:=User1
ShowLogonOptions:=0
HibernationPreviouslyEnabled:=1
WinStationsDisabled:=0
SFCDisable:=0
DebugServerCommand:=no
Background:=0 0 0
LogonType:=1
UIHost:=logonui.exe
AllowMultipleTSSessions:=0
scremoveoption:=0
passwordexpirywarning:=14
forceunlocklogon:=0
cachedlogonscount:=10
allocatefloppies:=0
allocatedasd:=0
allocatecdroms:=0
PreloadFontFile:=gulim
SfcQuota:=4294967295
VmApplet:=rundll32 shell32,Control_RunDLL "sysdm.cpl"
Userinit:=C:\WINDOWS\system32\userinit.exe,
System:=
ShutdownWithoutLogon:=0
Shell:=Explorer.exe
ReportBootOk:=1
PowerdownAfterShutdown:=0
LegalNoticeText:=
LegalNoticeCaption:=
DefaultUserName:=User1
AutoRestartShell:=1
Credentials:=
SpecialAccounts:=
Notify:=
GPExtensions:=
HKEY_CURRENT_USER,Software\Microsoft\Windows NT\CurrentVersion\Windows
Device:=print,winspool,Ne00:
Programs:=com exe bat pif cmd
NullPort:=None
NetMessage:=no
load:=
DosPrint:=no
Documents:=
DebugOptions:=2048
HKEY_LOCAL_MACHINE,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
wlballoon:=
termsrv:=
SensLogn:=
sclgntfy:=
Schedule:=
ScCertProp:=
igfxcui:=
dimsntfy:=
cscdll:=
cryptnet:=
crypt32chain:=
HKEY_LOCAL_MACHINE,Software\Microsoft\Windows NT\CurrentVersion\Windows
USERProcessHandleQuota:=10000
TransmissionRetryTimeout:=90
swapdisk:=
Spooler:=yes
GDIProcessHandleQuota:=10000
DeviceNotSelectedTimeout:=15
AppInit_DLLs:=