 |
|
| 感谢分享 |
|
感谢分享 |
| 感谢分享 |
| 感谢分享 |
| 傻瓜式操作 |
| 谢谢楼主分享 |
| 还好没使用,谢谢大家的提醒 |
| 感谢分享 |
| 感谢分享 |
| 感谢分享 |
| 试试看好用吗 |
| 火绒毫无反应,什么杀毒软件可用? |
|
Windows Registry Editor Version 5.00 ;固态硬盘优化 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction] "Enable"="n" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Memory Management\PrefetchParameters] "EnablePrefetcher"=dword:00000000 ;关闭错误报告 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting] "Disabled"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting] "DoReport"=dword:00000000 "ShowUI"=dword:00000000 ;关闭系统还原 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "RPSessionInterval"=dword:00000000 "DisableSR"=dword:00000001 "CreateFirstRunRp"=dword:00000000 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SPP\Clients] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] "DisableSR"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer] "LimitSystemRestoreCheckpointing"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction] "Enable"="n" ;关闭用户账户控制(UAC) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=dword:00000000 "EnableLUA"=dword:00000000 ;记事本自动换行 [HKEY_CURRENT_USER\Software\Microsoft\Notepad] "fWrap"=dword:00000001 ;减少关机等待时间 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control] "WaitToKillServiceTimeout"="0" [HKEY_CURRENT_USER\Control Panel\Desktop] "HungAppTimeout"="3000" "WaitToKillAppTimeout"="10000" ;禁用驱动签名 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Driver Signing] "Policy"=hex:01 [HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows NT\Driver Signing] "BehaviorOnFailedVerify"=dword:00000000 ;禁止U盘等所有磁盘自动运行(保留光盘自动播放) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDriveTypeAutoRun"=dword:000000ff [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDriveTypeAutoRun"=dword:000000ff [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR] "AutoRun"=dword:000000ff [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\USBSTOR] "AutoRun"=dword:000000ff [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cdrom] "Autorun"=dword:000000ff [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cdrom] "Autorun"=dword:000000ff ;禁止远程修改注册表 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SECUREPIPESERVERS\WINREG] "remoteregaccess"=dword:00000001 ;开启win10护眼 [HKEY_CURRENT_USER\Control Panel\Colors] "Window"="202 234 206" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\DefaultColors\Standard] "Window"=dword:00caeace ;任务栏时间显示秒 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "ShowSecondsInSystemClock"=dword:00000001 ;设置默认保留带宽为0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters] "Tcp1323Opts"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Psched] "NonBestEffortLimit"=dword:00000000 ;修改状态栏透明度 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "UseOLEDTaskbarTransparency"=dword:00000001 |
| C:\PHP5433\goopdate.exe 白文件 C:\PHP5433\goopdate.dll 黑文件,用来给两个exe添加启动项 C:\PHP5433\sdiagnhost.exe 远控木马主体 远控连接地址:ffcc1.casacam.net (45.195.198.207) |
|
该用户发布的程序捆绑远控木马,请下载运行过的同学尽快杀毒,远控利用白加黑启动,木马路径: C:\PHP5433\goopdate.exe 白文件 C:\PHP5433\goopdate.dll 黑文件,用来给两个exe添加启动项 C:\PHP5433\sdiagnhost.exe 远控木马主体 远控连接地址:ffcc1.casacam.net (45.195.198.207) |
|
本帖最后由 201027149 于 2024-4-15 16:22 编辑 https://www.52pojie.cn/thread-1905288-1-1.html 大家小心 防止有人看不见链接,贴个图吧。 |
1.png (410.86 KB, 下载次数: 54)
| 我想问你这个软件也没个恢复选项,我不想用了 咋改回去啊 |
| 直接被杀毒软件 干掉了 |
| 看着不错,谢谢分享 |
| 感谢分享 |
| 感谢辛苦提供分享! |
| 谢谢分享 |
| 得着好像不错,下载试用一下! |
| 感谢分享 |
| 看着不错 感谢分享 |
| 下载试用下,感谢 |
| 感谢分享 |
| 试试 |
|
谢谢分享 |
Powered by Discuz! X3.3
© 2001-2017 Comsenz Inc.
组图打开中,请稍候......
收藏
支持
反对
