ysys110 - 2006-5-11 22:58:00
用AutoRuns扫描
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
+ rdpclip RDP Clip Monitor Microsoft Corporation c:\windows\system32\rdpclip.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
+ C:\WINDOWS\system32\userinit.exe Userinit Logon Application Microsoft Corporation c:\windows\system32\userinit.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
+ Explorer.exe Windows Explorer Microsoft Corporation c:\windows\explorer.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ NvCplDaemon NVIDIA Taskbar Utility Library NVIDIA Corporation c:\windows\system32\nvqtwk.dll
+ yassistse 没有找到文件: rem
+ YLive.exe YLive c:\program files\yahoo!\assistant\ylive.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ ctfmon.exe CTF Loader Microsoft Corporation c:\windows\system32\ctfmon.exe
HKLM\SOFTWARE\Classes\Protocols\Filter
+ Class Install Handler OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ deflate OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ gzip OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ lzdhtml OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ text/webviewhtml Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
HKLM\SOFTWARE\Classes\Protocols\Handler
+ about Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
+ cdl OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ dvd ActiveX control for streaming video Microsoft Corporation c:\windows\system32\msvidctl.dll
+ file OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ ftp OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ gopher OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ http OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ https OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ its Microsoft? InfoTech Storage System Library Microsoft Corporation c:\windows\system32\itss.dll
+ javascript Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
+ local OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ mailto Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
+ mhtml Microsoft Internet Messaging API Microsoft Corporation c:\windows\system32\inetcomm.dll
+ mk OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ ms-its Microsoft? InfoTech Storage System Library Microsoft Corporation c:\windows\system32\itss.dll
+ res Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
+ sysimage Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
+ tv ActiveX control for streaming video Microsoft Corporation c:\windows\system32\msvidctl.dll
+ vbscript Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
+ wia WIA Scripting Layer Microsoft Corporation c:\windows\system32\wiascr.dll
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
+ Internet Explorer Windows NT User Data Migration Tool Microsoft Corporation c:\windows\system32\shmgrate.exe
+ Internet Explorer 6 IE 5.0 Per-User Install Utility Microsoft Corporation c:\windows\system32\ie4uinit.exe
+ Microsoft Outlook Express 6 Outlook Express Setup Library Microsoft Corporation c:\program files\outlook express\setup50.exe
+ Microsoft Windows Media Player Microsoft Windows Media Player 安装实用程序 Microsoft Corporation c:\windows\inf\unregmp2.exe
+ Microsoft Windows Media Player ADVPACK Microsoft Corporation c:\windows\system32\advpack.dll
+ NetMeeting 3.01 ADVPACK Microsoft Corporation c:\windows\system32\advpack.dll
+ Outlook Express Windows NT User Data Migration Tool Microsoft Corporation c:\windows\system32\shmgrate.exe
+ Themes Setup Microsoft(C) Register Server Microsoft Corporation c:\windows\system32\regsvr32.exe
+ Windows Messenger 4.7 ADVPACK Microsoft Corporation c:\windows\system32\advpack.dll
+ Windows 桌面更新 Microsoft(C) Register Server Microsoft Corporation c:\windows\system32\regsvr32.exe
+ 通讯簿 6 Outlook Express Setup Library Microsoft Corporation c:\program files\outlook express\setup50.exe
+ 浏览器自定义组件 Microsoft Internet Explorer Customization DLL Microsoft Corporation c:\windows\system32\iedkcs32.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
+ Browseui 预加载程序 Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ 组件类别缓存程序 Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
+ CDBurn Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ PostBootReminder Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ SysTray Systray shell service object Microsoft Corporation c:\windows\system32\stobject.dll
+ WebCheck Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ Rising Execute File Exts hook Rising Shell Ext Module Beijing Rising Technology Co., Ltd. c:\windows\system32\ravext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Auto Update Property Sheet Extension Automatic Updates Control Panel Microsoft Corporation c:\windows\system32\wuaucpl.cpl
+ Message View Phone Browser Message View Nokia c:\program files\nokia\nokia pc suite 6\messageview.dll
+ PhoneBrowser Phone Browser Nokia c:\program files\nokia\nokia pc suite 6\phonebrowser.dll
+ RISING Rising Shell Ext Module Beijing Rising Technology Co., Ltd. c:\windows\system32\ravext.dll
+ Shell Search Band Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Windows Media Player Add to Playlist Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll
+ Windows Media Player Burn Audio CD Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll
+ Windows Media Player Play as Playlist Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll
+ WinRAR shell extension c:\program files\winrar\rarext.dll
+ Yahoo!Photo yPhtb Yahoo! China c:\program files\yahoo!\assistant\assist\yphtb.dll
+ 粉碎文件 Wiper 动态链接库 c:\program files\yahoo!\assistant\assist\ywiper.dll
ysys110 - 2006-5-11 22:59:00
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
+ {0D2E74C4-3C34-11d2-A27E-00C04FC30871}Windows Shell Common DllMicrosoft Corporationc:\windows\system32\shell32.dll
+ {24F14F01-7B1C-11d1-838f-0000F80461CF}Windows Shell Common DllMicrosoft Corporationc:\windows\system32\shell32.dll
+ {24F14F02-7B1C-11d1-838f-0000F80461CF}Windows Shell Common DllMicrosoft Corporationc:\windows\system32\shell32.dll
+ {66742402-F9B9-11D1-A202-0000F81FEDEE}Windows Shell Common DllMicrosoft Corporationc:\windows\system32\shell32.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ Ad Engine没有找到文件: C:\Program Files\Yayad\AdCore.dll
+ AntiFish Classyangling.dllYahoo.c:\program files\yahoo!\assistant\assist\yangling.dll
+ DragSearch BHODragSearchc:\program files\yahoo!\assistant\assist\ydragsearch.dll
+ IeCatch2 Classjccatch ModuleAmaze Softd:\program files\flashget\flashget\jccatch.dll
+ QQBrowserHelperObject ClassQQIEHelper Module深圳市腾讯计算机系统有限公司d:\program files\qq\qqiehelper.dll
+ Yahoo!PhotoyPhtbYahoo! Chinac:\program files\yahoo!\assistant\assist\yphtb.dll
+ 雅虎助手ToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
+ coolbarToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll
+ shdocvw.dllShell Doc Object and Control LibraryMicrosoft Corporationc:\windows\system32\shdocvw.dll
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ FlashGet BarFlashGet IE BarAmaze Softd:\program files\flashget\flashget\fgiebar.dll
+ 雅虎助手ToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ &FlashGetFlashGetAmaze Softd:\program files\flashget\flashget\flashget.exe
+ Windows MessengerWindows MessengerMicrosoft Corporationc:\program files\messenger\msmsgs.exe
+ 浩方对战平台浩方对战平台上海浩方在线信息技术有限公司d:\program files\hf\浩方对战平台\gameclient.exe
+ 腾讯QQQQTENCENTd:\program files\qq\qq.exe
任务进度
+ DDD_Uninstall_Program.jobrep Modulec:\windows\temp\rep.exe
+ DM_Install_Program.jobdmremotesetup1000 Oaksd:\program files\hf\浩方对战平台\101318.exe
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
+ autocheck autochk *Auto Check UtilityMicrosoft Corporationc:\windows\system32\autochk.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
+ Your Image File Name Here without a pathSymbolic Debugger for Windows 2000Microsoft Corporationc:\windows\system32\ntsd.exe
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
+ advapi32Advanced Windows 32 Base APIMicrosoft Corporationc:\windows\system32\advapi32.dll
+ comdlg32Common Dialogs DLLMicrosoft Corporationc:\windows\system32\comdlg32.dll
+ gdi32GDI Client DLLMicrosoft Corporationc:\windows\system32\gdi32.dll
+ imagehlpWindows NT Image HelperMicrosoft Corporationc:\windows\system32\imagehlp.dll
+ kernel32Windows NT BASE API Client DLLMicrosoft Corporationc:\windows\system32\kernel32.dll
+ lz32LZ Expand/Compress API DLLMicrosoft Corporationc:\windows\system32\lz32.dll
+ ole32Microsoft OLE for WindowsMicrosoft Corporationc:\windows\system32\ole32.dll
+ oleaut32Microsoft Corporationc:\windows\system32\oleaut32.dll
+ olecli32Object Linking and Embedding Client LibraryMicrosoft Corporationc:\windows\system32\olecli32.dll
+ olecnv32Microsoft OLE for WindowsMicrosoft Corporationc:\windows\system32\olecnv32.dll
+ olesvr32Object Linking and Embedding Server LibraryMicrosoft Corporationc:\windows\system32\olesvr32.dll
+ olethk32Microsoft OLE for WindowsMicrosoft Corporationc:\windows\system32\olethk32.dll
+ rpcrt4Remote Procedure Call RuntimeMicrosoft Corporationc:\windows\system32\rpcrt4.dll
+ shell32Windows Shell Common DllMicrosoft Corporationc:\windows\system32\shell32.dll
+ urlInternet Shortcut Shell Extension DLLMicrosoft Corporationc:\windows\system32\url.dll
+ urlmonOLE32 Extensions for Win32Microsoft Corporationc:\windows\system32\urlmon.dll
+ user32Windows XP USER API Client DLLMicrosoft Corporationc:\windows\system32\user32.dll
+ versionVersion Checking and File Installation LibrariesMicrosoft Corporationc:\windows\system32\version.dll
+ wininetInternet Extensions for Win32Microsoft Corporationc:\windows\system32\wininet.dll
+ wldap32Win32 LDAP API DLLMicrosoft Corporationc:\windows\system32\wldap32.dll
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
+ logonui.exeWindows Logon UIMicrosoft Corporationc:\windows\system32\logonui.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
+ crypt32chainCrypto API32Microsoft Corporationc:\windows\system32\crypt32.dll
+ cryptnetCrypto Network Related APIMicrosoft Corporationc:\windows\system32\cryptnet.dll
+ cscdllOffline Network AgentMicrosoft Corporationc:\windows\system32\cscdll.dll
+ ScCertPropCommon DLL to receive Winlogon notificationsMicrosoft Corporationc:\windows\system32\wlnotify.dll
+ ScheduleCommon DLL to receive Winlogon notificationsMicrosoft Corporationc:\windows\system32\wlnotify.dll
+ sclgntfySecondary Logon Service Notification DLLMicrosoft Corporationc:\windows\system32\sclgntfy.dll
+ SensLognCommon DLL to receive Winlogon notificationsMicrosoft Corporationc:\windows\system32\wlnotify.dll
+ termsrvCommon DLL to receive Winlogon notificationsMicrosoft Corporationc:\windows\system32\wlnotify.dll
+ wlballoonCommon DLL to receive Winlogon notificationsMicrosoft Corporationc:\windows\system32\wlnotify.dll
HKCU\Control Panel\Desktop\Scrnsave.exe
+ C:\WINDOWS\system32\logon.scrLogon Screen SaverMicrosoft Corporationc:\windows\system32\logon.scr
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{2BC95629-7A87-4E3C-89B1-898620880908}] DATAGRAM 2Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{2BC95629-7A87-4E3C-89B1-898620880908}] SEQPACKET 2Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{351C6D80-F0CA-459E-9EBA-F2A6AAA1A727}] DATAGRAM 4Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{351C6D80-F0CA-459E-9EBA-F2A6AAA1A727}] SEQPACKET 4Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{5C70D73A-2C7A-4F68-9D2F-29F660E44621}] DATAGRAM 1Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{5C70D73A-2C7A-4F68-9D2F-29F660E44621}] SEQPACKET 1Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{7367A50E-4A39-4351-852D-A0AEE0BF6DAC}] DATAGRAM 3Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{7367A50E-4A39-4351-852D-A0AEE0BF6DAC}] SEQPACKET 3Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{E16BC90B-A61A-4D71-B5F3-D3434CF676FD}] DATAGRAM 0Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{E16BC90B-A61A-4D71-B5F3-D3434CF676FD}] SEQPACKET 0Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD Tcpip [RAW/IP]Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD Tcpip [TCP/IP]Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD Tcpip [UDP/IP]Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ RSVP TCP Service ProviderMicrosoft Windows Rsvp 1.0 Service ProviderMicrosoft Corporationc:\windows\system32\rsvpsp.dll
+ RSVP UDP Service ProviderMicrosoft Windows Rsvp 1.0 Service ProviderMicrosoft Corporationc:\windows\system32\rsvpsp.dll
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ BJ Language MonitorLangage Monitor for Canon Bubble-Jet PrinterMicrosoft Corporationc:\windows\system32\cnbjmon.dll
+ Local PortLocal Spooler DLLMicrosoft Corporationc:\windows\system32\localspl.dll
+ PJL Language MonitorPJL Language monitorMicrosoft Corporationc:\windows\system32\pjlmon.dll
+ Standard TCP/IP PortStandard TCP/IP Port Monitor DLLMicrosoft Corporationc:\windows\system32\tcpmon.dll
+ USB MonitorStandard Dynamic Printing Port Monitor DLLMicrosoft Corporationc:\windows\system32\usbmon.dll
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
+ msv1_0Microsoft Authentication Package v1.0Microsoft Corporationc:\windows\system32\msv1_0.dll
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
+ scecliWindows Security Configuration Editor Client EngineMicrosoft Corporationc:\windows\system32\scecli.dll
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
+ kerberosKerberos Security PackageMicrosoft Corporationc:\windows\system32\kerberos.dll
+ msv1_0Microsoft Authentication Package v1.0Microsoft Corporationc:\windows\system32\msv1_0.dll
+ schannelTLS / SSL Security ProviderMicrosoft Corporationc:\windows\system32\schannel.dll
+ wdigestMicrosoft Digest AccessMicrosoft Corporationc:\windows\system32\wdigest.dll
ysys110 - 2006-5-11 23:09:00
隐藏系统进程后的日志
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ NvCplDaemonNVIDIA Taskbar Utility LibraryNVIDIA Corporationc:\windows\system32\nvqtwk.dll
+ yassistse没有找到文件: rem
+ YLive.exeYLive c:\program files\yahoo!\assistant\ylive.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ Rising Execute File Exts hookRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Message ViewPhone Browser Message ViewNokiac:\program files\nokia\nokia pc suite 6\messageview.dll
+ PhoneBrowserPhone BrowserNokiac:\program files\nokia\nokia pc suite 6\phonebrowser.dll
+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll
+ WinRAR shell extensionc:\program files\winrar\rarext.dll
+ Yahoo!PhotoyPhtbYahoo! Chinac:\program files\yahoo!\assistant\assist\yphtb.dll
+ 粉碎文件Wiper 动态链接库c:\program files\yahoo!\assistant\assist\ywiper.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ AntiFish Classyangling.dllYahoo.c:\program files\yahoo!\assistant\assist\yangling.dll
+ DragSearch BHODragSearchc:\program files\yahoo!\assistant\assist\ydragsearch.dll
+ IeCatch2 Classjccatch ModuleAmaze Softd:\program files\flashget\flashget\jccatch.dll
+ QQBrowserHelperObject ClassQQIEHelper Module深圳市腾讯计算机系统有限公司d:\program files\qq\qqiehelper.dll
+ Yahoo!PhotoyPhtbYahoo! Chinac:\program files\yahoo!\assistant\assist\yphtb.dll
+ 雅虎助手ToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
+ coolbarToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ FlashGet BarFlashGet IE BarAmaze Softd:\program files\flashget\flashget\fgiebar.dll
+ 雅虎助手ToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ &FlashGetFlashGetAmaze Softd:\program files\flashget\flashget\flashget.exe
+ 浩方对战平台浩方对战平台上海浩方在线信息技术有限公司d:\program files\hf\浩方对战平台\gameclient.exe
+ 腾讯QQQQTENCENTd:\program files\qq\qq.exe
任务进度
+ DDD_Uninstall_Program.jobrep Modulec:\windows\temp\rep.exe
+ DM_Install_Program.jobdmremotesetup1000 Oaksd:\program files\hf\浩方对战平台\101318.exe
baohe - 2006-5-11 23:10:00
【回复“ysys110”的帖子】
日志还没贴完
附件:
1558472006511231248.jpg
ysys110 - 2006-5-11 23:12:00
贴完了呀。
baohe - 2006-5-11 23:13:00
| 引用: |
【ysys110的贴子】贴完了呀。
........................... |
看3楼的图
baohe - 2006-5-11 23:18:00
【回复“ysys110”的帖子】
给你个例子
附件:
1558472006511231842.jpg
阿杜QQ - 2006-5-11 23:21:00
这个你说得防火墙扫描工具?有点乱
ysys110 - 2006-5-11 23:29:00
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{2BC95629-7A87-4E3C-89B1-898620880908}] DATAGRAM 2Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{2BC95629-7A87-4E3C-89B1-898620880908}] SEQPACKET 2Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{351C6D80-F0CA-459E-9EBA-F2A6AAA1A727}] DATAGRAM 4Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{351C6D80-F0CA-459E-9EBA-F2A6AAA1A727}] SEQPACKET 4Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{5C70D73A-2C7A-4F68-9D2F-29F660E44621}] DATAGRAM 1Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{5C70D73A-2C7A-4F68-9D2F-29F660E44621}] SEQPACKET 1Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{7367A50E-4A39-4351-852D-A0AEE0BF6DAC}] DATAGRAM 3Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{7367A50E-4A39-4351-852D-A0AEE0BF6DAC}] SEQPACKET 3Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{E16BC90B-A61A-4D71-B5F3-D3434CF676FD}] DATAGRAM 0Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{E16BC90B-A61A-4D71-B5F3-D3434CF676FD}] SEQPACKET 0Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD Tcpip [RAW/IP]Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD Tcpip [TCP/IP]Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ MSAFD Tcpip [UDP/IP]Microsoft Windows Sockets 2.0 Service ProviderMicrosoft Corporationc:\windows\system32\mswsock.dll
+ RSVP TCP Service ProviderMicrosoft Windows Rsvp 1.0 Service ProviderMicrosoft Corporationc:\windows\system32\rsvpsp.dll
+ RSVP UDP Service ProviderMicrosoft Windows Rsvp 1.0 Service ProviderMicrosoft Corporationc:\windows\system32\rsvpsp.dll
baohe - 2006-5-11 23:29:00
| 引用: |
【阿杜QQ的贴子】这个你说得防火墙扫描工具?有点乱
........................... |
1、这不是瑞星防火墙带的那个工具。这只sysintrenal的auroruns。
2、乱与不乱——那要看你怎么用。这个autoruns有这种功能(见下图),我根本不用再辛辛苦苦的读什么日志!用好了,autoruns可以自己帮你找出那些异常的注册表项!
附件:
1558472006511233026.jpg
ysys110 - 2006-5-11 23:45:00
© 2000 - 2026 Rising Corp. Ltd.