----------------------------------
添加键值:77
----------------------------------
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6F0E8CF5-F8BF-4645-8BA5-B77F8440A2FE}\VersionIndependentProgID\: "ToolBand.XBTP07744"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6F0E8CF5-F8BF-4645-8BA5-B77F8440A2FE}\TypeLib\: "{921BCA06-B9C9-49a7-8F0E-26084B438CF4}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6F0E8CF5-F8BF-4645-8BA5-B77F8440A2FE}\ProgID\: "ToolBand.XBTP07744.1"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6F0E8CF5-F8BF-4645-8BA5-B77F8440A2FE}\InprocServer32\: "C:\PROGRA~1\搜阉索鞴工~1\soso.dll"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6F0E8CF5-F8BF-4645-8BA5-B77F8440A2FE}\InprocServer32\ThreadingModel: "Apartment"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6F0E8CF5-F8BF-4645-8BA5-B77F8440A2FE}\: "XBTP07744 Class"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD0FCC2-3CBF-4D9D-8515-C48EB7C922F9}\VersionIndependentProgID\: "XBTB07744.XBTB07744"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD0FCC2-3CBF-4D9D-8515-C48EB7C922F9}\TypeLib\: "{921BCA06-B9C9-49a7-8F0E-26084B438CF4}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD0FCC2-3CBF-4D9D-8515-C48EB7C922F9}\ProgID\: "XBTB07744.XBTB07744.1"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD0FCC2-3CBF-4D9D-8515-C48EB7C922F9}\InprocServer32\: "C:\Program Files\搜索工具栏\soso.dll"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD0FCC2-3CBF-4D9D-8515-C48EB7C922F9}\InprocServer32\ThreadingModel: "Apartment"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD0FCC2-3CBF-4D9D-8515-C48EB7C922F9}\: "搜索工具栏"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{921BCA06-B9C9-49A7-8F0E-26084B438CF4}\1.0\0\win32\: "C:\Program Files\搜索工具栏\soso.dll"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{921BCA06-B9C9-49A7-8F0E-26084B438CF4}\1.0\HELPDIR\: "C:\Program Files\搜索工具栏\"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{921BCA06-B9C9-49A7-8F0E-26084B438CF4}\1.0\FLAGS\: "0"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{921BCA06-B9C9-49A7-8F0E-26084B438CF4}\1.0\: "Softomate 1.0 Type Library"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ToolBand.XBTP07744\CurVer\: "ToolBand.XBTP07744.1"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ToolBand.XBTP07744\CLSID\: "{6F0E8CF5-F8BF-4645-8BA5-B77F8440A2FE}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ToolBand.XBTP07744\: "XBTP07744 Class"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ToolBand.XBTP07744.1\CLSID\: "{6F0E8CF5-F8BF-4645-8BA5-B77F8440A2FE}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ToolBand.XBTP07744.1\: "XBTP07744 Class"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB07744.IEToolbar\CurVer\: "XBTB07744.IEToolbar.1"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB07744.IEToolbar\CLSID\: "{8FD0FCC2-3CBF-4D9D-8515-C48EB7C922F9}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB07744.IEToolbar\: "IE Toolbar"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB07744.IEToolbar.1\CLSID\: "{8FD0FCC2-3CBF-4D9D-8515-C48EB7C922F9}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB07744.IEToolbar.1\: "IE Toolbar"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB07744.XBTB07744\CurVer\: "XBTB07744.XBTB07744.1"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB07744.XBTB07744\CLSID\: "{8FD0FCC2-3CBF-4D9D-8515-C48EB7C922F9}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB07744.XBTB07744\: "搜索工具栏"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB07744.XBTB07744.1\CLSID\: "{8FD0FCC2-3CBF-4D9D-8515-C48EB7C922F9}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XBTB07744.XBTB07744.1\: "搜索工具栏"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8FD0FCC2-3CBF-4D9D-8515-C48EB7C922F9}: 00
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F0E8CF5-F8BF-4645-8BA5-B77F8440A2FE}\: "XBTP07744"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XBTB07744.XBTB07744Toolbar\DisplayName: "搜索"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XBTB07744.XBTB07744Toolbar\UninstallString: 72 65 67 73 76 72 33 32 20 2F 75 20 2F 73 20 22 43 3A 5C 50 72 6F 67 72 61 6D 20 46 69 6C 65 73 5C CB D1 CB F7 B9 A4 BE DF C0 B8 5C 73 6F 73 6F 2E
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe: 0x00000000
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU:R:\wqfguh1.rkr: 01 00 00 00 06 00 00 00 50 C7 E0 15 B6 31 C7 01
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache\E:\jdsthu1.exe: "jdsthu1"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\tb_items\Widthcombo11: 0x00000001
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\corruptedMsg: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\uninstallMsg: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\updateMsg: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\autoUpdateMsg: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\versionError: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\connectionError: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\lastVersionMsg: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\contextMenuItemName: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\closeAllWindowsForUpdate: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\firstURL: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\serverpath: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\updateUrl: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\urlAfterUpdate: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\urlAfterUninstall: "http://www.kuaiso.com"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\contextSearch: "http://toolsbar.kuaiso.com/search.htm?st=1&dir=1&wd=%selection"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\OpenNew: "0"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\AutoComplete: "1"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\KeepHistory: "0"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\RunSearchAutomatically: "1"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\RunSearchDragAutomatically: "1"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\DescriptiveText: "1"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\ShowHighlightButton: "1"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\ShowFindButtons: "0"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\UpdateAutomatically: "2"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\EditWidthcombo1: "1"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\#EditWidthcombo1#: "Widthcombo11"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\PopStop: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\ErrorMsg: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\AlertMsg: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\FindWord: "Select %currentword on the page"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\AutoSearch: "http://toolsbar.kuaiso.com/search.htm?st=1&dir=1&wd=%s"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\AutoWild: ""
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\CloseWindow: "1"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\OldAssitant1: "http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\toolbar_id: "{15CD1708-BB55-4dfd-8A19-34D945B8194F}"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\toolbar_version: "<TOOLBAR name="搜索工具栏" version="1.0"/>"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\firstTime: "1"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\XBTB07744\Toolbar\TBShow: "1"
----------------------------------
修改键值:3
----------------------------------
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG\Seed: E3 98 F1 71 FD 65 29 54 4D B1 F5 FC E7 FB 22 AC 0C 10 0A 51 28 CC 26 D6 C9 A0 BE 47 90 9A 9A 7A D8 30 69 A4 F7 68 04 90 EE 4D 3F BF BC 06 A3 51 F9 4A B3 7B 02 12 3E B7 82 E3 87 0F C1 13 3F 4A 02 4C 34 69 97 1E 4E 76 A8 80 43 DD 05 5B 7D 18
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG\Seed: 9A 94 31 1A 72 3A F0 BD 84 F5 16 DC 7F 40 7D E9 34 87 D1 5C 05 29 66 0B 86 D6 4E 35 90 FC 71 E0 61 EC 0E 30 80 2E 35 D8 94 49 89 E6 5C B3 09 5A EC 51 7A F1 B1 D0 3D B8 23 59 CD 85 C8 54 D9 F3 59 D4 57 8B 83 EB D6 BB 1E 25 0E F2 16 10 30 E9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant: "http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant: "http://toolsbar.kuaiso.com/search.html"
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU: 01 00 00 00 0F 00 00 00 E0 10 8D 08 B6 31 C7 01
HKEY_USERS\S-1-5-21-861567501-1844237615-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU: 01 00 00 00 10 00 00 00 50 C7 E0 15 B6 31 C7 01
----------------------------------
添加文件:7
----------------------------------
C:\Program Files\搜索工具栏\basis.xml
C:\Program Files\搜索工具栏\icons.bmp
C:\Program Files\搜索工具栏\soso.crc
C:\Program Files\搜索工具栏\soso.dll
C:\Program Files\搜索工具栏\soso_i.bmp
C:\Program Files\搜索工具栏\version.txt
C:\WINDOWS\Prefetch\JDSTHU1.EXE-18348511.pf
----------------------------------
修改文件:4
----------------------------------
C:\Documents and Settings\qwe\NTUSER.DAT.LOG
C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf
C:\WINDOWS\system32\config\software
C:\WINDOWS\system32\config\software.LOG
----------------------------------
添加目录:6
----------------------------------
C:\Program Files\搜索工具栏
C:\Program Files\搜索工具栏\.
C:\Program Files\搜索工具栏\..
C:\Program Files\搜索工具栏\Cache
C:\Program Files\搜索工具栏\Cache\.
C:\Program Files\搜索工具栏\Cache\..
----------------------------------
总计:141
----------------------------------