|
 | 作者: shuishi [shuishi]
 论坛用户 |
登录 |
| 在这个报告里面: 注册表报告 文件列表位于 C:\WINDOWS\*.* 文件列表位于 C:\WINDOWS\SYSTEM\*.* win.ini 报告 system.ini 报告 c:\autoexec.bat 报告 c:\config.sys 报告 -------------------------------------------------------------------------------- 注册表报告 统计信息: 被删除的键: 2 被修改的键: 12 新增的键 : 9 被删除的键 HKEY_USERS\.DEFAULT\Software\Vitas\regsnap\estimReg\@ Value: <value not set> HKEY_USERS\.DEFAULT\Software\Vitas\regsnap\Recent File List\@ Value: <value not set> -------------- Total positions: 2 被修改的键 HKEY_LOCAL_MACHINE\Software\Description\Microsoft\Rpc\UuidPersistentData\LastTimeAllocated Old value: Type: REG_BINARY Length: 8 byte(s) 80 99 E3 3E 2D 71 D8 01 | ...>-q.. New value: Type: REG_BINARY Length: 8 byte(s) 20 3D 85 98 2F 71 D8 01 | =../q.. HKEY_LOCAL_MACHINE\Software\Microsoft\DirectDraw\MostRecentApplication\ID Old value: DWORD: 924266219 (0x37172eeb) New value: DWORD: 1016860177 (0x3c9c0e11) HKEY_LOCAL_MACHINE\Software\Microsoft\DirectDraw\MostRecentApplication\Name Old value: String: "IEXPLORE.EXE" New value: String: "MWIE.EXE" HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Desktop\Components\GeneralFlags Old value: DWORD: 1 (0x1) New value: DWORD: 0 (0) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Download Directory Old value: String: "C:\gong" New value: String: "C:\" HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\International\CpMRU\Cache Old value: Type: REG_BINARY Length: 80 byte(s) B0 04 00 00 16 00 00 00 E9 FD 00 00 02 00 00 00 | ................ AF 6F 00 00 02 00 00 00 00 00 00 00 00 00 00 00 | .o.............. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................ New value: Type: REG_BINARY Length: 80 byte(s) B0 04 00 00 17 00 00 00 E9 FD 00 00 02 00 00 00 | ................ AF 6F 00 00 02 00 00 00 00 00 00 00 00 00 00 00 | .o.............. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................ HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU\MRUListEx Old value: Type: REG_BINARY Length: 256 byte(s) 04 00 00 00 01 00 00 00 3E 00 00 00 2C 00 00 00 | ........>...,... 3C 00 00 00 3D 00 00 00 3B 00 00 00 3A 00 00 00 | <...=...;...:... 39 00 00 00 1F 00 00 00 38 00 00 00 00 00 00 00 | 9.......8....... 16 00 00 00 37 00 00 00 36 00 00 00 0E 00 00 00 | ....7...6....... 35 00 00 00 34 00 00 00 33 00 00 00 32 00 00 00 | 5...4...3...2... 05 00 00 00 31 00 00 00 30 00 00 00 2F 00 00 00 | ....1...0.../... 1A 00 00 00 06 00 00 00 2E 00 00 00 03 00 00 00 | ................ 2D 00 00 00 2B 00 00 00 0D 00 00 00 1B 00 00 00 | -...+........... 2A 00 00 00 29 00 00 00 27 00 00 00 28 00 00 00 | *...)...'...(... 0C 00 00 00 26 00 00 00 25 00 00 00 0B 00 00 00 | ....&...%....... 0A 00 00 00 24 00 00 00 07 00 00 00 15 00 00 00 | ....$........... 14 00 00 00 20 00 00 00 21 00 00 00 23 00 00 00 | .... ...!...#... 22 00 00 00 1D 00 00 00 1E 00 00 00 1C 00 00 00 | "............... 02 00 00 00 19 00 00 00 18 00 00 00 17 00 00 00 | ................ 12 00 00 00 13 00 00 00 11 00 00 00 10 00 00 00 | ................ 0F 00 00 00 08 00 00 00 09 00 00 00 FF FF FF FF | ................ New value: Type: REG_BINARY Length: 260 byte(s) 01 00 00 00 00 00 00 00 3F 00 00 00 04 00 00 00 | ........?....... 3E 00 00 00 2C 00 00 00 3C 00 00 00 3D 00 00 00 | >...,...<...=... 3B 00 00 00 3A 00 00 00 39 00 00 00 1F 00 00 00 | ;...:...9....... 38 00 00 00 16 00 00 00 37 00 00 00 36 00 00 00 | 8.......7...6... 0E 00 00 00 35 00 00 00 34 00 00 00 33 00 00 00 | ....5...4...3... 32 00 00 00 05 00 00 00 31 00 00 00 30 00 00 00 | 2.......1...0... 2F 00 00 00 1A 00 00 00 06 00 00 00 2E 00 00 00 | /............... 03 00 00 00 2D 00 00 00 2B 00 00 00 0D 00 00 00 | ....-...+....... 1B 00 00 00 2A 00 00 00 29 00 00 00 27 00 00 00 | ....*...)...'... 28 00 00 00 0C 00 00 00 26 00 00 00 25 00 00 00 | (.......&...%... 0B 00 00 00 0A 00 00 00 24 00 00 00 07 00 00 00 | ........$....... 15 00 00 00 14 00 00 00 20 00 00 00 21 00 00 00 | ........ ...!... 23 00 00 00 22 00 00 00 1D 00 00 00 1E 00 00 00 | #..."........... 1C 00 00 00 02 00 00 00 19 00 00 00 18 00 00 00 | ................ 17 00 00 00 12 00 00 00 13 00 00 00 11 00 00 00 | ................ 10 00 00 00 0F 00 00 00 08 00 00 00 09 00 00 00 | ................ FF FF FF FF | .... HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Streams\1\CabView Old value: Type: REG_BINARY Length: 92 byte(s) 5C 00 00 00 02 00 00 00 01 00 00 00 B8 0B 00 00 | \............... B8 0B 00 00 FF FF FF FF FF FF FF FF 00 00 00 00 | ................ 00 00 00 00 A0 01 00 00 84 01 00 00 01 00 00 00 | ................ 00 00 00 00 7C 2A 00 00 00 00 00 00 B6 28 F7 BF | ....|*.......(.. 07 00 00 00 E0 D0 57 00 73 35 CF 11 AE 69 08 00 | ......W.s5...i.. 2B 2E 12 62 01 00 00 00 00 00 00 00 | +..b........ New value: Type: REG_BINARY Length: 92 byte(s) 5C 00 00 00 02 00 00 00 03 00 00 00 FF FF FF FF | \............... FF FF FF FF FF FF FF FF FF FF FF FF 00 00 00 00 | ................ 00 00 00 00 A0 01 00 00 84 01 00 00 01 00 00 00 | ................ 00 00 00 00 8C 29 00 00 00 00 00 00 B6 28 F7 BF | .....).......(.. 07 00 00 00 E0 D0 57 00 73 35 CF 11 AE 69 08 00 | ......W.s5...i.. 2B 2E 12 62 01 00 00 00 00 00 00 00 | +..b........ HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Streams\1\ViewView2 Old value: Type: REG_BINARY Length: 360 byte(s) 1C 00 00 00 01 00 00 00 00 00 00 00 00 00 30 00 | ..............0. 00 00 00 00 01 00 00 00 FF FF FF FF F0 F0 F0 F0 | ................ 14 00 03 00 68 01 00 00 00 00 00 00 00 00 00 00 | ....h........... FD 00 00 00 02 00 00 00 18 00 31 00 00 00 00 00 | ..........1..... 65 30 15 0D 10 00 67 6F 6E 67 00 47 4F 4E 47 00 | e0....gong.GONG. 16 00 00 00 02 00 00 00 34 00 B1 00 00 00 00 00 | ........4....... 64 30 E7 7D 10 00 4D 79 20 44 6F 63 75 6D 65 6E | d0.}..My Documen 74 73 00 4D 59 44 4F 43 55 7E 31 00 BA 8F 0D 45 | ts.MYDOCU~1....E 25 AD D0 11 98 A8 08 00 36 1B 11 03 63 00 00 00 | %.......6...c... 02 00 00 00 25 00 31 00 00 00 00 00 64 30 D9 72 | ....%.1.....d0.r 11 00 50 72 6F 67 72 61 6D 20 46 69 6C 65 73 00 | ..Program Files. 50 52 4F 47 52 41 7E 31 00 B0 00 00 00 02 00 00 | PROGRA~1........ 00 17 00 31 00 00 00 00 00 64 30 D7 72 10 80 57 | ...1.....d0.r..W 69 6E 64 6F 77 73 00 00 F5 01 00 00 FD FF FF FF | indows.......... 18 00 31 00 00 00 00 00 67 30 E4 25 10 00 C6 C6 | ..1.....g0.%.... BD E2 00 C6 C6 BD E2 00 97 01 00 00 02 00 00 00 | ................ 2E 00 32 00 C8 F2 0F 00 68 30 91 12 20 00 30 31 | ..2.....h0.. .01 30 39 56 42 52 75 6E 36 30 73 70 34 2E 65 78 65 | 09VBRun60sp4.exe 00 30 31 30 39 56 42 52 55 2E 45 58 45 00 4A 01 | .0109VBRU.EXE.J. 00 00 02 00 00 00 26 00 32 00 A0 53 15 00 97 2B | ......&.2..S...+ 9D 21 20 00 63 72 61 63 6B 65 72 2E 63 68 6D 00 | .! .cracker.chm. 43 52 41 43 4B 45 52 2E 43 48 4D 00 4A 01 00 00 | CRACKER.CHM.J... 02 00 00 00 00 00 D1 7F | ....... New value: Type: REG_BINARY Length: 432 byte(s) 1C 00 00 00 01 00 00 00 00 00 00 00 00 00 30 00 | ..............0. 00 00 00 00 01 00 00 00 FF FF FF FF F0 F0 F0 F0 | ................ 14 00 03 00 B0 01 00 00 00 00 00 00 00 00 00 00 | ................ FD 00 00 00 02 00 00 00 18 00 31 00 00 00 00 00 | ..........1..... 65 30 15 0D 10 00 67 6F 6E 67 00 47 4F 4E 47 00 | e0....gong.GONG. 16 00 00 00 02 00 00 00 34 00 B1 00 00 00 00 00 | ........4....... 64 30 E7 7D 10 00 4D 79 20 44 6F 63 75 6D 65 6E | d0.}..My Documen 74 73 00 4D 59 44 4F 43 55 7E 31 00 BA 8F 0D 45 | ts.MYDOCU~1....E 25 AD D0 11 98 A8 08 00 36 1B 11 03 63 00 00 00 | %.......6...c... 02 00 00 00 25 00 31 00 00 00 00 00 64 30 D9 72 | ....%.1.....d0.r 11 00 50 72 6F 67 72 61 6D 20 46 69 6C 65 73 00 | ..Program Files. 50 52 4F 47 52 41 7E 31 00 B0 00 00 00 02 00 00 | PROGRA~1........ 00 17 00 31 00 00 00 00 00 64 30 D7 72 10 80 57 | ...1.....d0.r..W 69 6E 64 6F 77 73 00 00 88 02 00 00 02 00 00 00 | indows.......... 18 00 31 00 00 00 00 00 68 30 4D 54 10 00 7A 73 | ..1.....h0MT..zs 68 79 00 5A 53 48 59 00 F5 01 00 00 FD FF FF FF | hy.ZSHY......... 18 00 31 00 00 00 00 00 67 30 E4 25 10 00 C6 C6 | ..1.....g0.%.... BD E2 00 C6 C6 BD E2 00 97 01 00 00 02 00 00 00 | ................ 2E 00 32 00 C8 F2 0F 00 68 30 91 12 20 00 30 31 | ..2.....h0.. .01 30 39 56 42 52 75 6E 36 30 73 70 34 2E 65 78 65 | 09VBRun60sp4.exe 00 30 31 30 39 56 42 52 55 2E 45 58 45 00 4A 01 | .0109VBRU.EXE.J. 00 00 02 00 00 00 26 00 32 00 A0 53 15 00 97 2B | ......&.2..S...+ 9D 21 20 00 63 72 61 63 6B 65 72 2E 63 68 6D 00 | .! .cracker.chm. 43 52 41 43 4B 45 52 2E 43 48 4D 00 37 02 00 00 | CRACKER.CHM.7... FF FF FF FF 20 00 32 00 5F 10 00 00 68 30 2F 54 | .... .2._...h0/T 20 00 7A 73 68 79 2E 72 61 72 00 5A 53 48 59 2E | .zshy.rar.ZSHY. 52 41 52 00 37 02 00 00 FF FF FF FF 00 00 D1 7F | RAR.7.......... HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Streams\Desktop\ViewView2 Old value: Type: REG_BINARY Length: 569 byte(s) 1C 00 00 00 01 00 00 00 00 00 00 00 00 00 30 00 | ..............0. 00 00 00 00 01 00 00 00 FF FF FF FF F0 F0 F0 F0 | ................ 14 00 03 00 39 02 00 00 00 00 00 00 00 00 00 00 | ....9........... 16 00 00 00 02 00 00 00 14 00 1F 0F E0 4F D0 20 | .............O. EA 3A 69 10 A2 D8 08 00 2B 30 30 9D 16 00 00 00 | .:i.....+00..... 4D 00 00 00 14 00 1F 10 BA 8F 0D 45 25 AD D0 11 | M..........E%... 98 A8 08 00 36 1B 11 03 12 00 00 00 8F 00 00 00 | ....6........... 14 00 1F 2D 60 2C 8D 20 EA 3A 69 10 A2 D7 08 00 | ...-`,. .:i..... 2B 30 30 9D B0 00 00 00 02 00 00 00 14 00 1F 00 | +00............. 3C D8 E9 7B 29 A7 97 4D B5 A7 1B 73 13 C3 9E 0A | <..{)..M...s.... 1A 00 00 00 DF 00 00 00 14 00 1F 00 40 F0 5F 64 | ............@._d 81 50 1B 10 9F 08 00 AA 00 2F 95 4E 1A 00 00 00 | .P......./.N.... 34 01 00 00 32 00 B1 00 00 00 00 00 64 30 21 7C | 4...2.......d0!| 11 00 CE D2 B5 C4 B9 AB CE C4 B0 FC 00 CE D2 B5 | ................ C4 B9 AB 7E 31 00 20 D9 BB 85 A0 42 69 10 A2 E4 | ...~1. ....Bi... 08 00 2B 30 30 9D 63 00 00 00 98 00 00 00 2B 00 | ..+00.c.......+. 32 00 C7 03 00 00 65 30 20 56 20 00 4D 53 2D 44 | 2.....e0 V .MS-D 4F 53 20 B7 BD CA BD 2E 70 69 66 00 4D 53 2D 44 | OS .....pif.MS-D 4F 53 7E 31 2E 50 49 46 00 63 00 00 00 EB 00 00 | OS~1.PIF.c...... 00 28 00 32 00 71 01 00 00 65 30 79 47 20 00 4D | .(.2.q...e0yG .M 77 49 45 32 30 30 34 2E 6C 6E 6B 00 4D 57 49 45 | wIE2004.lnk.MWIE 32 30 30 34 2E 4C 4E 4B 00 63 00 00 00 4D 00 00 | 2004.LNK.c...M.. 00 32 00 32 00 BE 01 00 00 65 30 82 18 20 00 50 | .2.2.....e0.. .P 61 72 74 69 74 69 6F 6E 4D 61 67 69 63 20 38 2E | artitionMagic 8. 30 2E 6C 6E 6B 00 50 41 52 54 49 54 7E 31 2E 4C | 0.lnk.PARTIT~1.L 4E 4B 00 16 00 00 00 79 01 00 00 36 00 32 00 5A | NK.....y...6.2.Z 01 00 00 68 30 AE 11 20 00 56 69 73 75 61 6C 20 | ...h0.. .Visual 42 61 73 69 63 20 36 2E 30 BE AB BC F2 B0 E6 2E | Basic 6.0....... 6C 6E 6B 00 56 49 53 55 41 4C 42 41 2E 4C 4E 4B | lnk.VISUALBA.LNK 00 66 00 00 00 26 01 00 00 28 00 32 00 B0 01 00 | .f...&...(.2.... 00 65 30 84 49 20 00 57 69 6E 42 6F 6F 73 74 2E | .e0.I .WinBoost. 6C 6E 6B 00 57 49 4E 42 4F 4F 53 54 2E 4C 4E 4B | lnk.WINBOOST.LNK 00 63 00 00 00 02 00 00 00 24 00 32 00 7C 01 00 | .c.......$.2.|.. 00 65 30 51 0E 20 00 57 69 6E 52 41 52 2E 6C 6E | .e0Q. .WinRAR.ln 6B 00 57 49 4E 52 41 52 2E 4C 4E 4B 00 63 00 00 | k.WINRAR.LNK.c.. 00 02 00 00 00 00 00 D1 7F | ........ New value: Type: REG_BINARY Length: 615 byte(s) 1C 00 00 00 01 00 00 00 00 00 00 00 00 00 30 00 | ..............0. 00 00 00 00 01 00 00 00 FF FF FF FF F0 F0 F0 F0 | ................ 14 00 03 00 67 02 00 00 00 00 00 00 00 00 00 00 | ....g........... 16 00 00 00 02 00 00 00 14 00 1F 0F E0 4F D0 20 | .............O. EA 3A 69 10 A2 D8 08 00 2B 30 30 9D 16 00 00 00 | .:i.....+00..... 4D 00 00 00 14 00 1F 10 BA 8F 0D 45 25 AD D0 11 | M..........E%... 98 A8 08 00 36 1B 11 03 12 00 00 00 8F 00 00 00 | ....6........... 14 00 1F 2D 60 2C 8D 20 EA 3A 69 10 A2 D7 08 00 | ...-`,. .:i..... 2B 30 30 9D B0 00 00 00 02 00 00 00 14 00 1F 00 | +00............. 3C D8 E9 7B 29 A7 97 4D B5 A7 1B 73 13 C3 9E 0A | <..{)..M...s.... 1A 00 00 00 DF 00 00 00 14 00 1F 00 40 F0 5F 64 | ............@._d 81 50 1B 10 9F 08 00 AA 00 2F 95 4E 1A 00 00 00 | .P......./.N.... 34 01 00 00 32 00 B1 00 00 00 00 00 64 30 21 7C | 4...2.......d0!| 11 00 CE D2 B5 C4 B9 AB CE C4 B0 FC 00 CE D2 B5 | ................ C4 B9 AB 7E 31 00 20 D9 BB 85 A0 42 69 10 A2 E4 | ...~1. ....Bi... 08 00 2B 30 30 9D 63 00 00 00 98 00 00 00 2B 00 | ..+00.c.......+. 32 00 C7 03 00 00 65 30 20 56 20 00 4D 53 2D 44 | 2.....e0 V .MS-D 4F 53 20 B7 BD CA BD 2E 70 69 66 00 4D 53 2D 44 | OS .....pif.MS-D 4F 53 7E 31 2E 50 49 46 00 63 00 00 00 EB 00 00 | OS~1.PIF.c...... 00 28 00 32 00 71 01 00 00 65 30 79 47 20 00 4D | .(.2.q...e0yG .M 77 49 45 32 30 30 34 2E 6C 6E 6B 00 4D 57 49 45 | wIE2004.lnk.MWIE 32 30 30 34 2E 4C 4E 4B 00 63 00 00 00 4D 00 00 | 2004.LNK.c...M.. 00 32 00 32 00 BE 01 00 00 65 30 82 18 20 00 50 | .2.2.....e0.. .P 61 72 74 69 74 69 6F 6E 4D 61 67 69 63 20 38 2E | artitionMagic 8. 30 2E 6C 6E 6B 00 50 41 52 54 49 54 7E 31 2E 4C | 0.lnk.PARTIT~1.L 4E 4B 00 16 00 00 00 C4 01 00 00 26 00 32 00 66 | NK.........&.2.f 01 00 00 68 30 90 51 20 00 52 65 67 53 6E 61 70 | ...h0.Q .RegSnap 2E 6C 6E 6B 00 52 45 47 53 4E 41 50 2E 4C 4E 4B | .lnk.REGSNAP.LNK 00 16 00 00 00 79 01 00 00 36 00 32 00 5A 01 00 | .....y...6.2.Z.. 00 68 30 AE 11 20 00 56 69 73 75 61 6C 20 42 61 | .h0.. .Visual Ba 73 69 63 20 36 2E 30 BE AB BC F2 B0 E6 2E 6C 6E | sic 6.0.......ln 6B 00 56 49 53 55 41 4C 42 41 2E 4C 4E 4B 00 66 | k.VISUALBA.LNK.f 00 00 00 26 01 00 00 28 00 32 00 B0 01 00 00 65 | ...&...(.2.....e 30 84 49 20 00 57 69 6E 42 6F 6F 73 74 2E 6C 6E | 0.I .WinBoost.ln 6B 00 57 49 4E 42 4F 4F 53 54 2E 4C 4E 4B 00 63 | k.WINBOOST.LNK.c 00 00 00 02 00 00 00 24 00 32 00 7C 01 00 00 65 | .......$.2.|...e 30 51 0E 20 00 57 69 6E 52 41 52 2E 6C 6E 6B 00 | 0Q. .WinRAR.lnk. 57 49 4E 52 41 52 2E 4C 4E 4B 00 63 00 00 00 02 | WINRAR.LNK.c.... 00 00 00 00 00 D1 7F | ...... HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings Old value: Type: REG_BINARY Length: 56 byte(s) 3C 00 00 00 60 00 00 00 01 00 00 00 00 00 00 00 | <...`........... 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 | ................ E0 60 77 05 52 02 C4 01 01 00 00 00 C0 A8 83 48 | .`w.R..........H 00 00 00 00 00 00 00 00 | ........ New value: Type: REG_BINARY Length: 56 byte(s) 3C 00 00 00 64 00 00 00 01 00 00 00 00 00 00 00 | <...d........... 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 | ................ E0 60 77 05 52 02 C4 01 01 00 00 00 C0 A8 83 48 | .`w.R..........H 00 00 00 00 00 00 00 00 | ........ HKEY_USERS\.DEFAULT\Software\Vitas\regsnap\main\VERINFO Old value: DWORD: 0 (0) New value: DWORD: 1 (0x1) -------------- Total positions: 12 新增的键 HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\FindFlags Value: DWORD: 14 (0xe) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\View Value: Type: REG_BINARY Length: 60 byte(s) 2C 00 00 00 00 00 00 00 01 00 00 00 FF FF FF FF | ,............... FF FF FF FF FF FF FF FF FF FF FF FF 46 00 00 00 | ............F... 86 00 00 00 9E 02 00 00 21 02 00 00 D8 00 00 00 | ........!....... 78 00 00 00 20 01 00 00 01 00 00 00 | x... ....... HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU\63 Value: Type: REG_BINARY Length: 71 byte(s) 14 00 1F 0F E0 4F D0 20 EA 3A 69 10 A2 D8 08 00 | .....O. .:i..... 2B 30 30 9D 19 00 23 43 3A 5C 00 00 80 F3 6F 02 | +00...#C:\....o. 00 00 00 00 00 8E 54 02 00 00 00 11 EE 18 00 31 | ......T........1 00 00 00 00 00 68 30 4D 54 10 00 7A 73 68 79 00 | .....h0MT..zshy. 5A 53 48 59 00 00 00 | ZSHY... HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Streams\63\CabView Value: Type: REG_BINARY Length: 92 byte(s) 5C 00 00 00 02 00 00 00 03 00 00 00 FF FF FF FF | \............... FF FF FF FF FF FF FF FF FF FF FF FF 00 00 00 00 | ................ 00 00 00 00 A0 01 00 00 84 01 00 00 01 00 00 00 | ................ 00 00 00 00 F0 A0 31 7F 00 00 00 00 76 FE C1 00 | ......1....v... 07 00 00 00 E0 D0 57 00 73 35 CF 11 AE 69 08 00 | ......W.s5...i.. 2B 2E 12 62 01 00 00 00 00 00 00 00 | +..b........ HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Streams\63\ViewView2 Value: Type: REG_BINARY Length: 48 byte(s) 1C 00 00 00 01 00 00 00 00 00 00 00 00 00 30 00 | ..............0. 00 00 00 00 01 00 00 00 FF FF FF FF F0 F0 F0 F0 | ................ 14 00 03 00 30 00 00 00 00 00 00 00 00 00 00 00 | ....0........... HKEY_USERS\.DEFAULT\Software\Vitas\regsnap\estimFile\u_蓝水石-C:\WINDOWS\*.* Value: DWORD: 209 (0xd1) HKEY_USERS\.DEFAULT\Software\Vitas\regsnap\estimFile\u_蓝水石-C:\WINDOWS\SYSTEM\*.* Value: DWORD: 914 (0x392) HKEY_USERS\.DEFAULT\Software\Vitas\regsnap\estimReg\f_蓝水石 Value: DWORD: 31130 (0x799a) HKEY_USERS\.DEFAULT\Software\Vitas\regsnap\Recent File List\File1 Value: String: "C:\My Documents\注册表\rg-QINGWA-蓝水石-030804182012.rgs" -------------- Total positions: 9 -------------------------------------------------------------------------------- 文件列表位于 C:\WINDOWS\*.* 统计信息: 被删除的文件: 0 被修改的文件: 4 新增加的文件: 0 被修改的文件 msimgsiz.dat 旧的: 大小: 16 384 , 日期/时间: 2004年03月08日 1134 新的: 大小: 16 384 , 日期/时间: 2004年03月08日 1834 system.dat 旧的: 大小: 2 474 016 , 日期/时间: 2004年03月08日 1820 新的: 大小: 2 474 016 , 日期/时间: 2004年03月08日 1834 user.dat 旧的: 大小: 180 256 , 日期/时间: 2004年03月08日 1820 新的: 大小: 180 256 , 日期/时间: 2004年03月08日 1836 win386.swp 旧的: 大小: 37 748 736 , 日期/时间: 2004年03月08日 1822 新的: 大小: 62 914 560 , 日期/时间: 2004年03月08日 1835 -------------- Total positions: 4 -------------------------------------------------------------------------------- 文件列表位于 C:\WINDOWS\SYSTEM\*.* 统计信息: 被删除的文件: 0 被修改的文件: 0 新增加的文件: 0 -------------------------------------------------------------------------------- win.ini 报告 统计信息: 被删除的键: 0 被修改的键 : 0 新增的键: 0 -------------------------------------------------------------------------------- system.ini 报告 统计信息: 被删除的键: 0 被修改的键 : 0 新增的键: 0 -------------------------------------------------------------------------------- c:\autoexec.bat 报告 未更改 -------------------------------------------------------------------------------- c:\config.sys 报告 未更改  |
| 地主 发表时间: 04-03-09 19:12 |
 | 回复: raymondw [raymondw]  论坛用户 |
登录 |
|
是不是太多了 杀毒吧 |
| B1层 发表时间: 04-03-11 11:05 |
|
20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写:NetDemon
粤ICP备05087286号
论坛: 黑客进阶 标题: 这回我找到它了!帮我看看!都在我机子里做了什么!谢谢!!