瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 主页被锁定www.yo101.com,高手来看看!急急急!

1   1  /  1  页   跳转

主页被锁定www.yo101.com,高手来看看!急急急!

收藏
无可奈何又中毒
头像
初生襁褓狮
  • 帖子:6
  • 注册: 2006-11-05
  • 来自:
发表于: 2006-11-05 21:03 | 显示全部 短消息 资料
字号: 1楼

主页被锁定www.yo101.com,高手来看看!急急急!

[Main]
Program=超级兔子IE修复专家
Version=V7.85
WindowsVersion=Windows XP
IEVersion=4.0.0000
WinDir=E:\WINDOWS\
WinSystemDir=E:\WINDOWS\system32\
USERPROFILE=E:\Documents and Settings\Administrator
Admin=1
Detail=1
Date=2006-11-05
Time=20:38:22
Code=,
CDCode=,
Reg=0

[Soft]
Max=0

[IE]
1_HKey=HKEY_CURRENT_USER
1_Key=Software\Microsoft\Internet Explorer\Main
1_Name=Window Title
1_Value=Microsoft Internet Explorer
2_HKey=HKEY_CURRENT_USER
2_Key=Software\Microsoft\Internet Explorer\Main
2_Name=Local Page
2_Value=about:blank
3_HKey=HKEY_CURRENT_USER
3_Key=Software\Microsoft\Internet Explorer\Main
3_Name=Search Page
3_Value=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
4_HKey=HKEY_CURRENT_USER
4_Key=Software\Microsoft\Internet Explorer\Main
4_Name=Start Page
4_Value=
5_HKey=HKEY_CURRENT_USER
5_Key=Software\Microsoft\Internet Explorer\Main
5_Name=Default_page_url
5_Value=http://www.microsoft.com/windows/ie_intl/cn/start/
6_HKey=HKEY_CURRENT_USER
6_Key=Software\Microsoft\Internet Explorer\Main
6_Name=First Home Page
6_Value=
7_HKey=HKEY_LOCAL_MACHINE
7_Key=Software\Microsoft\Internet Explorer\Main
7_Name=Search Page
7_Value=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
8_HKey=HKEY_LOCAL_MACHINE
8_Key=Software\Microsoft\Internet Explorer\Main
8_Name=Start Page
8_Value=http://www.yo101.com
9_HKey=HKEY_LOCAL_MACHINE
9_Key=Software\Microsoft\Internet Explorer\Main
9_Name=Default_page_url
9_Value=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
10_HKey=HKEY_LOCAL_MACHINE
10_Key=Software\Microsoft\Internet Explorer\Main
10_Name=First Home Page
10_Value=
11_HKey=HKEY_LOCAL_MACHINE
11_Key=Software\Microsoft\Internet Explorer\Main
11_Name=Search Page
11_Value=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
12_HKey=HKEY_LOCAL_MACHINE
12_Key=Software\Microsoft\Internet Explorer\Main
12_Name=Start Page
12_Value=http://www.yo101.com
Max=12
最后编辑2006-11-06 11:27:50
分享到:
gototop
 
无可奈何又中毒
头像
初生襁褓狮
  • 帖子:6
  • 注册: 2006-11-05
  • 来自:
发表于: 2006-11-05 21:04 | 显示全部 短消息 资料
字号: 2楼

[IE2]
1_HKey=HKEY_CURRENT_USER
1_Key=Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
1_Name={01E04581-4EEE-11D0-BFE9-00AA005B4383}
1_FileName=%SystemRoot%\system32\browseui.dll
1_FileSize=1022464
1_FileDate=2006-5-10 下午 01:26:20
1_FileVersion=6.0.2900.2904
2_HKey=HKEY_CURRENT_USER
2_Key=Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
2_Name={0E5CBF21-D15F-11D0-8301-00AA005B4383}
2_FileName=%SystemRoot%\system32\SHELL32.dll
2_FileSize=8312320
2_FileDate=2006-3-17 下午 12:46:42
2_FileVersion=6.0.2900.2869
3_HKey=HKEY_CURRENT_USER
3_Key=Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
3_Name={43869BB3-22FD-4F15-9B46-238106BA2F4E}
3_FileName=D:\兔子优~1\MAGICSET\haokanbar.dll
3_FileSize=729088
3_FileDate=2006-7-24 下午 02:06:04
3_FileVersion=2.2.0.1612
4_HKey=HKEY_CURRENT_USER
4_Key=Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
4_Name={7A38130D-BEB7-4D60-BE7A-4C4AB6A85CD1}
4_FileName=
4_FileVersion=
5_HKey=HKEY_CURRENT_USER
5_Key=Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
5_Name={01E04581-4EEE-11D0-BFE9-00AA005B4383}
5_FileName=%SystemRoot%\system32\browseui.dll
5_FileSize=1022464
5_FileDate=2006-5-10 下午 01:26:20
5_FileVersion=6.0.2900.2904
6_HKey=HKEY_CURRENT_USER
6_Key=Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
6_Name={43869BB3-22FD-4F15-9B46-238106BA2F4E}
6_FileName=D:\兔子优~1\MAGICSET\haokanbar.dll
6_FileSize=729088
6_FileDate=2006-7-24 下午 02:06:04
6_FileVersion=2.2.0.1612
7_HKey=HKEY_LOCAL_MACHINE
7_Key=SOFTWARE\Microsoft\Internet Explorer\Toolbar
7_Name={43869BB3-22FD-4F15-9B46-238106BA2F4E}
7_FileName=D:\兔子优~1\MAGICSET\haokanbar.dll
7_FileSize=729088
7_FileDate=2006-7-24 下午 02:06:04
7_FileVersion=2.2.0.1612
Max=7

[IE3]
1_HKey=HKEY_CURRENT_USER
1_Key=Software\Microsoft\Internet Explorer\MenuExt\上传到QQ网络硬盘
1_FileName=D:\腾讯QQ\AddToNetDisk.htm
1_FileSize=534
1_FileDate=2006-5-23 下午 03:35:18
1_FileVersion=
2_HKey=HKEY_CURRENT_USER
2_Key=Software\Microsoft\Internet Explorer\MenuExt\添加到QQ自定义面板
2_FileName=D:\腾讯QQ\AddPanel.htm
2_FileSize=1815
2_FileDate=2006-5-23 下午 03:35:16
2_FileVersion=
3_HKey=HKEY_CURRENT_USER
3_Key=Software\Microsoft\Internet Explorer\MenuExt\添加到QQ表情
3_FileName=D:\腾讯QQ\AddEmotion.htm
3_FileSize=534
3_FileDate=2006-5-23 下午 03:35:16
3_FileVersion=
4_HKey=HKEY_CURRENT_USER
4_Key=Software\Microsoft\Internet Explorer\MenuExt\用QQ彩信发送该图片
4_FileName=D:\腾讯QQ\SendMMS.htm
4_FileSize=519
4_FileDate=2006-5-23 下午 03:35:36
4_FileVersion=
5_HKey=HKEY_LOCAL_MACHINE
5_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157b}
5_Clsid={1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
5_ButtonText=QQ
5_MenuText=腾讯QQ
5_FileName=
5_FileVersion=
6_HKey=HKEY_LOCAL_MACHINE
6_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6}
6_Clsid={1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
6_ButtonText=QQ炫彩工具条设置
6_MenuText=QQ炫彩工具条设置
6_FileName=
6_FileVersion=
7_HKey=HKEY_CURRENT_USER
7_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping
7_Clsid=
7_ButtonText=
7_MenuText=
7_FileName=
7_FileVersion=
8_HKey=HKEY_CURRENT_USER
8_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\{f15c22ef-534e-414d-ab5d-1425cd806e41}
8_Clsid={1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
8_ButtonText=哇哇网址导航
8_MenuText=哇哇网址导航
8_FileName=
8_FileVersion=
9_HKey=HKEY_CURRENT_USER
9_Key=SOFTWARE\Microsoft\Internet Explorer\Extensions\{f15c22ef-534e-414d-ab5d-1425cd806e42}
9_Clsid={1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
9_ButtonText=哇哇软件下载
9_MenuText=哇哇软件下载
9_FileName=
9_FileVersion=
10_HKey=HKEY_LOCAL_MACHINE
10_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7369D35A-5B70-4A5B-B789-B25FE09B4AF3}
10_Clsid=超级兔子上网精灵
10_FileName=D:\兔子优~1\MAGICSET\haokanbar.dll
10_FileSize=729088
10_FileDate=2006-7-24 下午 02:06:04
10_FileVersion=2.2.0.1612
11_HKey=HKEY_LOCAL_MACHINE
11_Key=SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}
11_Download=http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
11_FileName=
11_FileVersion=
12_HKey=HKEY_LOCAL_MACHINE
12_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1889E1A5-18ED-418E-B063-F4850CE5CD5B}
12_NameServer=
12_Clsid=
12_FileName=
12_FileVersion=
13_HKey=HKEY_LOCAL_MACHINE
13_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{529D8331-E5EA-423A-9F81-828EB60C4F49}
13_NameServer=
13_Clsid=
13_FileName=
13_FileVersion=
14_HKey=HKEY_LOCAL_MACHINE
14_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{530E6D1D-8269-4E9B-BA97-F898A3AF4C73}
14_NameServer=202.102.199.68 202.102.192.68
14_Clsid=
14_FileName=
14_FileVersion=
15_HKey=HKEY_LOCAL_MACHINE
15_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{773169A4-46A6-4607-9676-62FBCEDD857E}
15_NameServer=
15_Clsid=
15_FileName=
15_FileVersion=
16_HKey=HKEY_LOCAL_MACHINE
16_Key=SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A508EE03-EBF4-40CF-9247-F56612CA3896}
16_NameServer=
16_Clsid=
16_FileName=
16_FileVersion=
Max=16
gototop
 
无可奈何又中毒
头像
初生襁褓狮
  • 帖子:6
  • 注册: 2006-11-05
  • 来自:
发表于: 2006-11-05 21:10 | 显示全部 短消息 资料
字号: 3楼

[Link]
1_HKey=HKEY_CLASSES_ROOT
1_Key=.exe
1_Name=
1_Value=exefile
1_HKeyLink=HKEY_CLASSES_ROOT
1_KeyLink=exefile\shell\open\command
1_NameLink=
1_ValueLink="%1" %*
2_HKey=HKEY_CLASSES_ROOT
2_Key=.com
2_Name=
2_Value=comfile
2_HKeyLink=HKEY_CLASSES_ROOT
2_KeyLink=comfile\shell\open\command
2_NameLink=
2_ValueLink="%1" %*
3_HKey=HKEY_CLASSES_ROOT
3_Key=.lnk
3_Name=
3_Value=lnkfile
3_HKeyLink=HKEY_CLASSES_ROOT
3_KeyLink=lnkfile\CLSID
3_NameLink=
3_ValueLink={00021401-0000-0000-C000-000000000046}
4_HKey=HKEY_CLASSES_ROOT
4_Key=.txt
4_Name=
4_Value=txtfile
4_HKeyLink=HKEY_CLASSES_ROOT
4_KeyLink=txtfile\shell\open\command
4_NameLink=
4_ValueLink=%SystemRoot%\system32\NOTEPAD.EXE %1
4_FileSizeLink=66560
4_FileDateLink=2005-8-1 上午 08:00:00
4_FileVersionLink=5.1.2600.2180
5_HKey=HKEY_CLASSES_ROOT
5_Key=.htm
5_Name=
5_Value=htmlfile
5_HKeyLink=HKEY_CLASSES_ROOT
5_KeyLink=htmlfile\shell\open\command
5_NameLink=
5_ValueLink="E:\Program Files\Internet Explorer\iexplore.exe" -nohome
5_FileSizeLink=93184
5_FileDateLink=2005-8-1 上午 08:00:00
5_FileVersionLink=6.0.2900.2180
6_HKey=HKEY_CLASSES_ROOT
6_Key=.html
6_Name=
6_Value=htmlfile
6_HKeyLink=HKEY_CLASSES_ROOT
6_KeyLink=htmlfile\shell\open\command
6_NameLink=
6_ValueLink="E:\Program Files\Internet Explorer\iexplore.exe" -nohome
6_FileSizeLink=93184
6_FileDateLink=2005-8-1 上午 08:00:00
6_FileVersionLink=6.0.2900.2180
7_HKey=HKEY_CLASSES_ROOT
7_Key=.url
7_Name=
7_Value=InternetShortcut
7_HKeyLink=HKEY_CLASSES_ROOT
7_KeyLink=InternetShortcut\shell\open\command
7_NameLink=
7_ValueLink=rundll32.exe shdocvw.dll,OpenURL %l
8_HKey=HKEY_CLASSES_ROOT
8_Key=PROTOCOLS\Filter\text/html
8_Name=CLSID
8_Value=
9_HKey=HKEY_CLASSES_ROOT
9_Key=PROTOCOLS\Filter\text/plain
9_Name=CLSID
9_Value=
10_HKey=HKEY_LOCAL_MACHINE
10_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
10_Name=
10_Value=http://
11_HKey=HKEY_LOCAL_MACHINE
11_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes
11_Name=www
11_Value=http://
Max=11

[Shdoclc]
1_FileSize=498176
1_FileDate=2005-8-1 上午 08:00:00
1_FileVersion=6.0.2900.2180
Max=1

[AppInit_DLLs]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
1_Name=AppInit_DLLs
1_Value=
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
2_Name=Userinit
2_Value=E:\WINDOWS\system32\userinit.exe,
2_FileSize=23552
2_FileDate=2005-8-1 上午 08:00:00
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
3_Name=Shell
3_Value=Explorer.exe
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
4_Name=System
3_Value=
Max=4

[WinSock2NameSpace]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001
1_Name=DisplayString
1_Value=Tcpip
1_Enabled=1
1_LibraryPath=%SystemRoot%\System32\mswsock.dll
1_FileSize=240640
1_FileDate=2005-8-1 上午 08:00:00
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002
2_Name=DisplayString
2_Value=NTDS
2_Enabled=1
2_LibraryPath=%SystemRoot%\System32\winrnr.dll
2_FileSize=16896
2_FileDate=2005-8-1 上午 08:00:00
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003
3_Name=DisplayString
3_Value=网络位置知晓 (NLA) 名称空间
3_Enabled=1
3_LibraryPath=%SystemRoot%\System32\mswsock.dll
3_FileSize=240640
3_FileDate=2005-8-1 上午 08:00:00
Max=3

[WinSock2Protocol]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001
1_Name=PackedCatalogItem
1_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
1_Value=  ??挀挀搀攀挀漀搀攀?椀渀昀 ā  氀挀攀爀琀挀氀愀猀?椀渀昀  戀瀅挀漀洀洀甀渀椀挀?椀渀昀    ??揿漀洀渀琀??椀渀昀    吀
挀漀爀攀氀椀猀琀?椀渀昀  戀%?揿礀挀氀愀搀昀?      ? ????耀?銡?ā              ? ? ? ? ā ?          ?匀????吀挀瀀椀瀀?嬀吀?倀??倀崀                                                                                                                                                                                                                                           
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002
2_Name=PackedCatalogItem
2_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
2_Value=  ??挀挀搀攀挀漀搀攀?椀渀昀 ā  氀挀攀爀琀挀氀愀猀?椀渀昀  戀瀅挀漀洀洀甀渀椀挀?椀渀昀    ??揿漀洀渀琀??椀渀昀    吀
挀漀爀攀氀椀猀琀?椀渀昀  戀%?揿礀挀氀愀搀??      ? ????耀?銡?ā              ? ? ? ? ? ?      ?  MSAFD Tcpip [UDP/IP]                                                                                                                                                                                                                                           
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003
3_Name=PackedCatalogItem
3_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
3_Value=  ??挀挀搀攀挀漀搀攀?椀渀昀 ā  氀挀攀爀琀挀氀愀猀?椀渀昀  戀瀅挀漀洀洀甀渀椀挀?椀渀昀    ??揿漀洀渀琀??椀渀昀    吀
挀漀爀攀氀椀猀琀?椀渀昀  戀%?揿礀挀氀愀搀??      ? ????耀?銡?ā              ? ? ? ? ?  ?    ?  MSAFD Tcpip [RAW/IP]                                                                                                                                                                                                                                           
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004
4_Name=PackedCatalogItem
4_FileName=%SystemRoot%\system32\rsvpsp.dll
4_Value=?揿愀洀瘀椀搀? ?椀渀昀 ā 戀? ccdecode.inf   ? certclas.inf  ?? communic.inf    ??comnt5.inf    ? corelist.inf  ???cyclad☉       ?鵠?????  龍???唼u 砀??嚇u ? ? ? ? ? ?      ?  RSVP UDP Service Provider ??    ā ?矵?? ??  捻欿??矵?w ???矵豈?聆氿?封?攀瘀椀挀攀尀笀??????????? ??? ???????????????? ?? 紀 ?????? ?? 紀 ????屐瀂鯁倂?????蠴畖? ?畕類??墶矷??  ???矚易?坐u 瀀鯁 ??龐矛???矚??矵??矵 ?? ??  tt??矵 ??矵    X ??矵 ?? 陳畗  ???SY?倀?? ā ?躐?漀渀琀?矵
5_HKey=HKEY_LOCAL_MACHINE
5_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005
5_Name=PackedCatalogItem
5_FileName=%SystemRoot%\system32\rsvpsp.dll
5_Value=?揿愀洀瘀椀搀? ?椀渀昀 ā 戀? ccdecode.inf   ? certclas.inf  ?? communic.inf    ??comnt5.inf    ? corelist.inf  ???cyclad?       ?鵠?????  ockdow  ?  ? ? ? ? ā ?          刀匀嘀倀?吀?倀?匀攀爀瘀椀挀攀?倀爀漀瘀椀搀攀爀  ?姨?姨???????囝??      ?????? ?囝??囜 搀??矵 ???樀?w 囜囜耂 ā ???t?  ??t?  ?  ??铀? ? ? ā ?t???  ??囜    ` 誥矵?蠿????矵 ? ?蠀?  ???w??矵??矵??  ??斴矷????????矵?矚      ?          ? ?????ā ? ??    栀鯊 搀岨?矵?桷鯊 搀岨??
6_HKey=HKEY_LOCAL_MACHINE
6_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006
6_Name=PackedCatalogItem
6_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
6_Value=  ??挀挀搀攀挀漀搀攀?椀渀昀 ā  氀挀攀爀琀挀氀愀猀?椀渀昀  戀瀅挀漀洀洀甀渀椀挀?椀渀昀    ??揿漀洀渀琀??椀渀昀    吀
挀漀爀攀氀椀猀琀?椀渀昀  戀%?揿礀挀氀愀搀??      ?  弘玍?锑è往??                     耀        ?匀????一攀琀??伀匀?嬀尀?攀瘀椀挀攀尀一攀琀?吀开吀挀瀀椀瀀开笀??????????? ??? ???????????????? ?? 紀崀?匀?儀倀????吀?                                                                                                                                                                          
7_HKey=HKEY_LOCAL_MACHINE
7_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007
7_Name=PackedCatalogItem
7_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
7_Value=  ??挀挀搀攀挀漀搀攀?椀渀昀 ā  氀挀攀爀琀挀氀愀猀?椀渀昀  戀瀅挀漀洀洀甀渀椀挀?椀渀昀    ??揿漀洀渀琀??椀渀昀    吀
挀漀爀攀氀椀猀琀?椀渀昀  戀%?揿礀挀氀愀搀??      ?  弘玍?锑è往??                     耀        ?匀????一攀琀??伀匀?嬀尀?攀瘀椀挀攀尀一攀琀?吀开吀挀瀀椀瀀开笀??????????? ??? ???????????????? ?? 紀崀???吀??刀???                                                                                                                                                                          
8_HKey=HKEY_LOCAL_MACHINE
8_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008
8_Name=PackedCatalogItem
8_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
8_Value=  ??挀挀搀攀挀漀搀攀?椀渀昀 ā  氀挀攀爀琀挀氀愀猀?椀渀昀  戀瀅挀漀洀洀甀渀椀挀?椀渀昀    ??揿漀洀渀琀??椀渀昀    吀
挀漀爀攀氀椀猀琀?椀渀昀  戀%?揿礀挀氀愀搀??         弘玍?锑è往??                    ??        ?匀????一攀琀??伀匀?嬀尀?攀瘀椀挀攀尀一攀琀?吀开吀挀瀀椀瀀开笀??????????? ???????????? ?????????? 紀崀?匀?儀倀????吀??                                                                                                                                                                         
9_HKey=HKEY_LOCAL_MACHINE
9_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009
9_Name=PackedCatalogItem
9_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
9_Value=  ??挀挀搀攀挀漀搀攀?椀渀昀 ā  氀挀攀爀琀挀氀愀猀?椀渀昀  戀瀅挀漀洀洀甀渀椀挀?椀渀昀    ??揿漀洀渀琀??椀渀昀    吀
挀漀爀攀氀椀猀琀?椀渀昀  戀%?揿礀挀氀愀搀??         弘玍?锑è往??                    ??        ?匀????一攀琀??伀匀?嬀尀?攀瘀椀挀攀尀一攀琀?吀开吀挀瀀椀瀀开笀??????????? ???????????? ?????????? 紀崀???吀??刀????                                                                                                                                                                         
10_HKey=HKEY_LOCAL_MACHINE
10_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010
10_Name=PackedCatalogItem
10_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
10_Value=  ??挀挀搀攀挀漀搀攀?椀渀昀 ā  氀挀攀爀琀挀氀愀猀?椀渀昀  戀瀅挀漀洀洀甀渀椀挀?椀渀昀    ??揿漀洀渀琀??椀渀昀    吀
挀漀爀攀氀椀猀琀?椀渀昀  戀%?揿礀挀氀愀搀??         弘玍?锑è往??                    _?        MSAFD NetBIOS [\Device\NetBT_Tcpip_{F9DE49EA-8406-4523-B289-91B8F0BDE0DA}] SEQPACKET
gototop
 
无可奈何又中毒
头像
初生襁褓狮
  • 帖子:6
  • 注册: 2006-11-05
  • 来自:
发表于: 2006-11-05 21:12 | 显示全部 短消息 资料
字号: 4楼

11_HKey=HKEY_LOCAL_MACHINE
11_Key=SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011
11_Name=PackedCatalogItem
11_FileName=%SystemRoot%\system32\mswsock.dll c a m v i d 3 0 . i n f
11_Value=  ??挀挀搀攀挀漀搀攀?椀渀昀 ā  氀挀攀爀琀挀氀愀猀?椀渀昀  戀瀅挀漀洀洀甀渀椀挀?椀渀昀    ??揿漀洀渀琀??椀渀昀    吀
挀漀爀攀氀椀猀琀?椀渀昀  戀%?揿礀挀氀愀搀??         弘玍?锑è往??                    _?        MSAFD NetBIOS [\Device\NetBT_Tcpip_{F9DE49EA-8406-4523-B289-91B8F0BDE0DA}] DATAGRAM 2                                                                                                                                                                         
Max=11

[WinSock2Winsock]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=System\CurrentControlSet\Services\Winsock2\Winsock
1_Name=PathName
1_Value=
1_Found=0
Max=1

[WOW]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Control\WOW
1_Name=cmdline
1_Value=%SystemRoot%\system32\ntvdm.exe -o
1_Filename=E:\WINDOWS\SYSTEM32\NTVDM.EXE
1_FileSize=417280
1_FileDate=2005-8-1 上午 08:00:00
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SYSTEM\CurrentControlSet\Control\WOW
2_Name=wowcmdline
2_Value=%SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
2_Filename=E:\WINDOWS\SYSTEM32\NTVDM.EXE
2_FileSize=417280
2_FileDate=2005-8-1 上午 08:00:00
Max=2

[ShellExecuteHooks]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
1_Name={AEB6717E-7E19-11d0-97EE-00C04FD91972}
1_ClsidName=URL 执行挂钩
1_FileName=E:\WINDOWS\system32\shell32.dll
1_FileSize=8312320
1_FileDate=2006-3-17 下午 12:46:42
Max=1

[ShellServiceObjectDelayLoad]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
1_Name=PostBootReminder
1_Value={7849596a-48ea-486e-8937-a2a3009f31a9}
1_ClsidName=PostBootReminder 对象
1_FileName=%SystemRoot%\system32\SHELL32.dll
1_FileSize=8312320
1_FileDate=2006-3-17 下午 12:46:42
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
2_Name=CDBurn
2_Value={fbeb8a05-beee-4442-804e-409d6c4515e9}
2_ClsidName=烧 CD 的 ShellFolder
2_FileName=%SystemRoot%\system32\SHELL32.dll
2_FileSize=8312320
2_FileDate=2006-3-17 下午 12:46:42
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
3_Name=WebCheck
3_Value={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
3_ClsidName=WebCheck
3_FileName=%SystemRoot%\system32\webcheck.dll
3_FileSize=265728
3_FileDate=2005-8-1 上午 08:00:00
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
4_Name=SysTray
4_Value={35CEC8A3-2BE6-11D2-8773-92E220524153}
4_ClsidName=SysTray
4_FileName=E:\WINDOWS\system32\stobject.dll
4_FileSize=121344
4_FileDate=2005-8-1 上午 08:00:00
Max=4

[SharedTaskScheduler]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
1_Name={438755C2-A8BA-11D1-B96B-00A0C90312E1}
1_Value=Browseui 预加载程序
1_FileName=%SystemRoot%\system32\browseui.dll
1_FileSize=1022464
1_FileDate=2006-5-10 下午 01:26:20
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
2_Name={8C7461EF-2B13-11d2-BE35-3078302C2030}
2_Value=组件类别缓存程序
2_FileName=%SystemRoot%\system32\browseui.dll
2_FileSize=1022464
2_FileDate=2006-5-10 下午 01:26:20
Max=2

[ProtocolDefaults]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
1_Name=http
1_Value=3
2_HKey=HKEY_LOCAL_MACHINE
2_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
2_Name=https
2_Value=3
3_HKey=HKEY_LOCAL_MACHINE
3_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
3_Name=ftp
3_Value=3
4_HKey=HKEY_LOCAL_MACHINE
4_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
4_Name=file
4_Value=3
5_HKey=HKEY_LOCAL_MACHINE
5_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
5_Name=@ivt
5_Value=1
6_HKey=HKEY_LOCAL_MACHINE
6_Key=SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
6_Name=shell
6_Value=0
Max=6

[BootExecute]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=SYSTEM\CurrentControlSet\Control\Session Manager
1_Name=BootExecute
1_Value=autocheck autochk *
Max=1

[AutoRun]
1_HKey=HKEY_LOCAL_MACHINE
1_Key=Software\Microsoft\Windows\CurrentVersion\Run
1_Name=PHIME2002ASync
1_Value=e:\windows\system32\ime\tintlgnt\tintsetp.exe /sync
1_FileSize=455168
1_FileDate=2005-8-1 上午 08:00:00
1_FileVersion=5.2.0.2801
2_HKey=HKEY_LOCAL_MACHINE
2_Key=Software\Microsoft\Windows\CurrentVersion\Run
2_Name=PHIME2002A
2_Value=e:\windows\system32\ime\tintlgnt\tintsetp.exe /imename
2_FileSize=455168
2_FileDate=2005-8-1 上午 08:00:00
2_FileVersion=5.2.0.2801
3_HKey=HKEY_LOCAL_MACHINE
3_Key=Software\Microsoft\Windows\CurrentVersion\Run
3_Name=RavTask
3_Value="e:\program files\rising\rav\ravtask.exe" -system
3_FileSize=114688
3_FileDate=2006-3-30 下午 05:57:57
3_FileVersion=18.0.0.22
4_HKey=HKEY_LOCAL_MACHINE
4_Key=Software\Microsoft\Windows\CurrentVersion\Run
4_Name=Cmaudio
4_Value=; rundll32 cmicnfg.cpl,cmictrlwnd
5_HKey=HKEY_LOCAL_MACHINE
5_Key=Software\Microsoft\Windows\CurrentVersion\Run
5_Name=Super Rabbit SafeEdit
5_Value=; d:\兔子优化大师\magicset\srfc.exe /load
5_FileSize=43520
5_FileDate=2004-12-5 下午 07:31:32
5_FileVersion=2.20.0.0
6_HKey=HKEY_LOCAL_MACHINE
6_Key=Software\Microsoft\Windows\CurrentVersion\Run
6_Name=StormCodec_Helper
6_Value="d:\新建文件夹\storm codec\stormset.exe" /s /opti
6_FileVersion=
7_HKey=HKEY_LOCAL_MACHINE
7_Key=Software\Microsoft\Windows NT\CurrentVersion\Windows
7_Name=load
7_Value=
8_HKey=HKEY_CURRENT_USER
8_Key=Software\Microsoft\Windows NT\CurrentVersion\Windows
8_Name=load
8_Value=
Max=8
gototop
 
无可奈何又中毒
头像
初生襁褓狮
  • 帖子:6
  • 注册: 2006-11-05
  • 来自:
发表于: 2006-11-05 21:12 | 显示全部 短消息 资料
字号: 5楼

[Process]
1_FileName=E:\WINDOWS\SYSTEM32\SMSS.EXE
1_FileSize=50688
1_FileDate=2005-8-1 上午 08:00:00
1_FileVersion=5.1.2600.2180
2_FileName=E:\WINDOWS\SYSTEM32\WINLOGON.EXE
2_FileSize=487424
2_FileDate=2005-8-1 上午 08:00:00
2_FileVersion=5.1.2600.2180
3_FileName=E:\WINDOWS\SYSTEM32\SERVICES.EXE
3_FileSize=108032
3_FileDate=2005-8-1 上午 08:00:00
3_FileVersion=5.1.2600.2180
4_FileName=E:\WINDOWS\SYSTEM32\LSASS.EXE
4_FileSize=13312
4_FileDate=2005-8-1 上午 08:00:00
4_FileVersion=5.1.2600.2180
5_FileName=E:\WINDOWS\SYSTEM32\SVCHOST.EXE
5_FileSize=14336
5_FileDate=2005-8-1 上午 08:00:00
5_FileVersion=5.1.2600.2180
6_FileName=E:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
6_FileSize=110592
6_FileDate=2006-3-30 下午 05:57:57
6_FileVersion=18.0.0.3
7_FileName=E:\WINDOWS\SYSTEM32\SVCHOST.EXE
7_FileSize=14336
7_FileDate=2005-8-1 上午 08:00:00
7_FileVersion=5.1.2600.2180
8_FileName=E:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE
8_FileSize=266240
8_FileDate=2006-11-5 下午 12:00:12
8_FileVersion=18.0.1.47
9_FileName=E:\WINDOWS\EXPLORER.EXE
9_FileSize=976896
9_FileDate=2005-8-1 上午 08:00:00
9_FileVersion=6.0.2900.2180
10_FileName=E:\WINDOWS\SYSTEM32\SPOOLSV.EXE
10_FileSize=57856
10_FileDate=2005-8-1 上午 08:00:00
10_FileVersion=5.1.2600.2696
11_FileName=E:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE
11_FileSize=114688
11_FileDate=2006-3-30 下午 05:57:57
11_FileVersion=18.0.0.22
12_FileName=E:\PROGRAM FILES\RISING\RAV\RAVMON.EXE
12_FileSize=614400
12_FileDate=2006-11-5 下午 12:00:12
12_FileVersion=18.0.1.39
13_FileName=E:\WINDOWS\SYSTEM32\CTFMON.EXE
13_FileSize=15360
13_FileDate=2005-8-1 上午 08:00:00
13_FileVersion=5.1.2600.2180
14_FileName=E:\PROGRAM FILES\RISING\RAV\RSAGENT.EXE
14_FileSize=106496
14_FileDate=2006-3-30 下午 05:57:12
14_FileVersion=18.0.0.12
15_FileName=E:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
15_FileSize=93184
15_FileDate=2005-8-1 上午 08:00:00
15_FileVersion=6.0.2900.2180
16_FileName=E:\WINDOWS\MSAGENT\AGENTSVR.EXE
16_FileSize=256512
16_FileDate=2005-8-1 上午 08:00:00
16_FileVersion=2.0.0.3422
17_FileName=D:\兔子优化大师\MAGICSET\IEHELP.EXE
17_FileSize=1359872
17_FileDate=2006-10-10 下午 11:18:02
17_FileVersion=7.85.0.0
18_FileName=[SYSTEM PROCESS]
19_FileName=E:\WINDOWS\system32\CSRSS.EXE
19_FileSize=6144
19_FileDate=2005-8-1 上午 08:00:00
19_FileVersion=5.1.2600.2180
20_FileName=E:\WINDOWS\system32\ALG.EXE
20_FileSize=44544
20_FileDate=2005-8-1 上午 08:00:00
20_FileVersion=5.1.2600.2180
Max=20

[Hosts]
HostsFile=E:\WINDOWS\system32\Drivers\Etc\Hosts
1_Host=127.0.0.1      localhost
Max=1

[Service]
1_ServiceName=DcomLaunch
1_DisplayName=DCOM Server Process Launcher
1_Description=为 DCOM 服务提供加载功能。
1_Status=已启动
1_StartType=自动
1_ServiceDll=E:\WINDOWS\SYSTEM32\RPCSS.DLL
1_ImagePath=E:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH

2_ServiceName=HTTPFilter
2_DisplayName=HTTP SSL
2_Description=此服务通过安全套接字层(SSL)实现 HTTP 服务的安全超文本传送协议(HTTPS)。如果此服务被禁用,任何依赖它的服务将无法启动。
2_Status=停止
2_StartType=手动
2_ServiceDll=E:\WINDOWS\SYSTEM32\W3SSL.DLL
2_ImagePath=E:\WINDOWS\SYSTEM32\SVCHOST.EXE -K HTTPFILTER

3_ServiceName=NetDDEdsdm
3_DisplayName=Network DDE DSDM
3_Description=管理动态数据交换 (DDE) 网络共享。如果此服务终止,DDE 网络共享将不可用。如果此服务被禁用,任何依赖它的服务将无法启动。
3_Status=停止
3_StartType=已禁用
3_ServiceDll=
3_ImagePath=E:\WINDOWS\SYSTEM32\NETDDE.EXE

4_ServiceName=RsCCenter
4_DisplayName=Rising Process Communication Center
4_Description=
4_Status=已启动
4_StartType=自动
4_ServiceDll=
4_ImagePath="E:\PROGRAM FILES\RISING\RAV\CCENTER.EXE"

5_ServiceName=RsRavMon
5_DisplayName=Rising RealTime Monitor
5_Description=
5_Status=已启动
5_StartType=自动
5_ServiceDll=
5_ImagePath="E:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE"

6_ServiceName=UMWdf
6_DisplayName=Windows User Mode Driver Framework
6_Description=启用 Windows 用户模式驱动程序。
6_Status=停止
6_StartType=手动
6_ServiceDll=
6_ImagePath=E:\WINDOWS\SYSTEM32\WDFMGR.EXE

7_ServiceName=WmdmPmSN
7_DisplayName=Portable Media Serial Number Service
7_Description=Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device.
7_Status=停止
7_StartType=手动
7_ServiceDll=E:\WINDOWS\SYSTEM32\MSPMSNSV.DLL
7_ImagePath=E:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS

8_ServiceName=wscsvc
8_DisplayName=Security Center
8_Description=监视系统安全设置和配置。
8_Status=已启动
8_StartType=自动
8_ServiceDll=E:\WINDOWS\SYSTEM32\WSCSVC.DLL
8_ImagePath=E:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS

9_ServiceName=xmlprov
9_DisplayName=Network Provisioning Service
9_Description=为自动网络提供管理基于域的 XML 配置文件。
9_Status=停止
9_StartType=手动
9_ServiceDll=E:\WINDOWS\SYSTEM32\XMLPROV.DLL
9_ImagePath=E:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS

Max=9

[END]
Max=1
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT