public static List <Autorunpoints> StartAudit() { var lstAutoRuns = new List <Autorunpoints>(); try { // DELAYLOAD string regModified; string[] regdl = RegistryUtil.GetSubValueNames("Software\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad", false); string owner = RegistryUtil.GetMachineRegKeyOwner("Software\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad", false, out regModified); GetCLSIDDetails(lstAutoRuns, regdl, owner, "ShellServiceObjectDelayLoad", regModified); // DELAYLOAD 64 regdl = RegistryUtil.GetSubValueNames("Software\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad", true); owner = RegistryUtil.GetMachineRegKeyOwner("Software\\Microsoft\\Windows\\CurrentVersion\\ShellServiceObjectDelayLoad", true, out regModified); GetCLSIDDetails(lstAutoRuns, regdl, owner, "ShellServiceObjectDelayLoad", regModified); } catch (Exception) { } return(lstAutoRuns); }
public static List <Autorunpoints> StartAudit() { var lstAutoRuns = new List <Autorunpoints>(); try { ///// BHO string regModified; string[] regbhos = RegistryUtil.GetSubKeys("LocalMachine", "Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects", false); string owner = RegistryUtil.GetMachineRegKeyOwner("Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects", false, out regModified); DelayedLoad.GetCLSIDDetails(lstAutoRuns, regbhos, owner, "Browser Helper Objects", regModified); ///// BHO 64 regbhos = RegistryUtil.GetSubKeys("LocalMachine", "Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects", true); owner = RegistryUtil.GetMachineRegKeyOwner("Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects", true, out regModified); DelayedLoad.GetCLSIDDetails(lstAutoRuns, regbhos, owner, "Browser Helper Objects", regModified); } catch (Exception) { return(lstAutoRuns); } return(lstAutoRuns); }