实战Registry和RegistryKey类,一个简单的可疑文件扫描程序


private void Search()  {       try   {    this.listBox1.Items.Add("");    this.listBox1.Items.Add("扫描指定的目录文件");

Box2.Checked==true)    {     RegistryKey microsoft = Registry.LocalMachine.OpenSubKey("SOFTWARE\\Microsoft",true);           RegistryKey currentversion1 = microsoft.OpenSubKey("Windows NT\\CurrentVersion",true);     RegistryKey currentversion2 = microsoft.OpenSubKey("Windows\\CurrentVersion",true);

Box1.Text = strdir;         this.label1.Enabled = true;    this.label4.Enabled = true;    this.Cursor = System.Windows.Forms.Cursors.Default;

Box1.Items.Add(" 恭喜恭喜,没有发现可疑文件");    }    else    {     this.listBox1.Items.Add(" 共发现"+a+"个可疑文件,请用专业反病毒软件查杀");    }

Box1.Items.Add("");    this.listBox1.Items.Add("扫描结束,"+"共扫描了"+d+"个进程,"+b+"个文件");    this.listBox1.Items.Add("");    this.listBox1.Items.Add("反病毒技术支持");    this.listBox1.Items.Add(" Email:honeydogchen@163.com");

Box1.Text = f.FullName.ToString();    this.textBox1.Refresh();

Box1.Items.Add(" 名称:"+f.Name.ToString());      this.listBox1.Items.Add(" 路径:"+strDir+"

Box3.Checked==true)   {    DirectoryInfo[] dir1List = dir.GetDirectories();    for(int i = 0;i

Box1.Items.Add(" 名称:"+f.Name.ToString());      this.listBox1.Items.Add(" 路径:"+strDir+"

Box1.Visible = true;

Box1.Items.Clear();    this.listBox1.Items.Add("扫描注册表的启动项");    RegistryKey hklm = Registry.LocalMachine;    RegistryKey hkcu = Registry.CurrentUser;    RegistryKey hkcr = Registry.ClassesRoot;

Box1.Items.Add(" "+sValName1+":"+run1.GetValue(sValName1));    }    RegistryKey run2 = hkcu.OpenSubKey("Software\\Microsoft\\Windows\\CurrentVersion\\Run");    foreach(string sValName2 in run2.GetValueNames())    {     this.listBox1.Items.Add("  "+sValName2+":"+run2.GetValue(sValName2));    }

Box1.Items.Add("");    this.listBox1.Items.Add("扫描文件的关联状况");    RegistryKey currentversion1 = hklm.OpenSubKey("SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion",true);    RegistryKey winlogon = currentversion1.OpenSubKey("Winlogon",true);    RegistryKey windowstoo = currentversion1.OpenSubKey("Windows",true);

Box1.Items.Add(" Shell="+explorer+" 异常");      }

Box1.Items.Add(" run="+run+" 异常");      }      string load = Convert.ToString(ini.IniReadValue("windows","load"));      if(load!="")      {       n++;       this.listBox1.Items.Add(" load="+load+" 异常");      }         }    }    catch(Exception)    {    }

// NOTE(review): this is a fragment. The start of the first statement, the opening of the
// enclosing try block and the method header were lost when the page was extracted, so the
// first line below begins mid-identifier (presumably `string explorer = winlogon.GetValue(...)` - confirm).
//
// Purpose of the visible code: compare the Winlogon "Shell" value, the "run"/"load" values and
// the shell\open\command entries of txtfile/exefile/regfile/comfile/batfile against fixed
// expected strings, and list every mismatch in listBox1 as "异常" (abnormal). The counters
// n, h, i, j, k, l are declared outside this fragment and count mismatches per category.
logon.GetValue("Shell").ToString();
// Exact, case-sensitive comparison: only these two spellings pass. Any other benign form
// (different casing, a full path) is reported as abnormal.
if(explorer!="explorer.exe"&&explorer!="Explorer.exe")
{
    n++;
    this.listBox1.Items.Add(" Shell="+explorer+" 异常");
}
// GetValue returns null when the value does not exist, so .ToString() throws
// NullReferenceException here if "run" is absent; the same applies to "load" below.
string runtoo = windowstoo.GetValue("run").ToString();
if(runtoo!="")
{
    n++;
    this.listBox1.Items.Add(" run="+runtoo+" 异常");
}
string loadtoo = windowstoo.GetValue("load").ToString();
if(loadtoo!="")
{
    n++;
    this.listBox1.Items.Add(" load="+loadtoo+" 异常");
}
}
// NOTE(review): the empty handler hides every failure from the try body. If any lookup above
// throws, the remaining checks are skipped and n stays unchanged, so a failed check cannot be
// told apart from a clean result. For a scanner that is a silent false negative; the failure
// should at least be reported in listBox1.
catch(Exception)
{
}
// The second argument `true` requests a writable handle, but only reads (GetValueNames/GetValue)
// are visible in this fragment. A read-only open would be the least-privilege choice and would
// avoid needing write access to HKEY_CLASSES_ROOT.
// OpenSubKey returns null when the key is missing, so command1.GetValueNames() would throw.
// These statements come after the catch above, so that handler does not cover them; whether an
// outer handler exists is not visible here.
// No Close()/Dispose() on the RegistryKey objects is visible in this fragment.
RegistryKey command1 = hkcr.OpenSubKey("txtfile\\shell\\open\\command",true);
// Every named value under the key is compared, not only the default value.
foreach(string txt in command1.GetValueNames())
{
    string txt1 = command1.GetValue(txt).ToString();
    // Only these two literal forms count as normal; a handler given with a full path or an
    // environment variable is reported as abnormal.
    if(txt1!="NOTEPAD.EXE %1"&&txt1!="notepad.exe %1")
    {
        h++;
        this.listBox1.Items.Add(" txt文件关联:"+txt1.ToString()+" 异常");
    }
}
RegistryKey command2 = hkcr.OpenSubKey("exefile\\shell\\open\\command",true);
foreach(string exe in command2.GetValueNames())
{
    string exe1 = command2.GetValue(exe).ToString();
    // Expected handler string: "%1" %*  (the file itself plus its arguments).
    string exe10 = "\""+"%1"+"\""+" %*";
    if(exe1!=exe10)
    {
        i++;
        this.listBox1.Items.Add(" exe文件关联:"+exe1+" 异常");
    }
}
RegistryKey command3 = hkcr.OpenSubKey("regfile\\shell\\open\\command",true);
foreach(string reg in command3.GetValueNames())
{
    string reg1 = command3.GetValue(reg).ToString();
    // Expected handler string: regedit.exe "%1"
    string reg10 = "regedit.exe "+"\""+"%1"+"\"";
    if(reg1!=reg10)
    {
        j++;
        this.listBox1.Items.Add(" reg文件关联:"+reg1+" 异常");
    }
}
RegistryKey command4 = hkcr.OpenSubKey("comfile\\shell\\open\\command",true);
foreach(string com in command4.GetValueNames())
{
    string com1 = command4.GetValue(com).ToString();
    // Same expected form as exefile: "%1" %*
    string com10 = "\""+"%1"+"\""+" %*";
    if(com1!=com10)
    {
        k++;
        this.listBox1.Items.Add(" com文件关联:"+com1+" 异常");
    }
}
RegistryKey command5 = hkcr.OpenSubKey("batfile\\shell\\open\\command",true);
foreach(string bat in command5.GetValueNames())
{
    string bat1 = command5.GetValue(bat).ToString();
    // Same expected form as exefile: "%1" %*
    string bat10 = "\""+"%1"+"\""+" %*";
    if(bat1!=bat10)
    {
        l++;
        this.listBox1.Items.Add(" bat文件关联:"+bat1+" 异常");
    }
}

Box1.Items.Add(" Explorer.exe、Win.ini、System.ini正常");   if(h==0)    this.listBox1.Items.Add(" txt文件关联正常");    if(i==0)    this.listBox1.Items.Add(" exe文件关联正常");   if(j==0)    this.listBox1.Items.Add(" reg文件关联正常");    if(k==0)    this.listBox1.Items.Add(" com文件关联正常");     if(l==0)    this.listBox1.Items.Add(" bat文件关联正常");  }    private void CheckProcess()  {   try   {    this.listBox1.Items.Add("");    this.listBox1.Items.Add("扫描当前的系统进程");    Process[] procList = new System.Diagnostics.Process[50];    procList = Process.GetProcesses();    d = procList.GetLength(0);

Box1.Text = "ProcName:"+strProcName;     this.textBox1.Refresh();     Thread.Sleep(50);     Activate();     for(int j=0;jBox1.Items.Add(" 名称:"+strProcName);       this.listBox1.Items.Add(" 路径:"+procList[i].MainModule.FileName);       c++;      }          }         }      }   catch(Exception)   {   }

Box1.Items.Add(" 恭喜恭喜,没有发现可疑进程");   }   else   {    this.listBox1.Items.Add(" 共发现"+c+"个可疑进程,请用专业反病毒软件查杀");   }
