收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 样本(更新)(有沙盘、影子的童靴,请关闭web 黑名单再 ...
12345678下一页
返回列表 发新帖
查看: 10363|回复: 75
收起左侧

[可疑文件] 样本(更新)(有沙盘、影子的童靴,请关闭web 黑名单再进毒网,慎重!)

  [复制链接]
firefox3
发表于 2012-12-4 12:48:45 | 显示全部楼层 |阅读模式
本帖最后由 firefox3 于 2012-12-5 11:39 编辑

(以进入毒网后,wgsdgsdgdsgsd.exe进入本地的行为为准)

https://www.virustotal.com/file/ ... nalysis/1354596056/


想进毒网体验一下的看这里:

attack.piratearpsp.info/r/l/set_letter_misunderstood.php

自行携带Fan{过}{滤}Qiang工具,jre-7u5-windows-i586.exe

保证您会有超值的体验 comodo拦截记录在六楼

还等什么,只要998~~




https://www.virustotal.com/file/ ... nalysis/1354608968/


无法运行的,请看 http://bbs.kafan.cn/thread-1422889-2-1.html 11楼

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

消停
头像被屏蔽
发表于 2012-12-4 12:56:59 | 显示全部楼层
诺顿扫描miss
回复

举报

hddu
发表于 2012-12-4 12:59:56 | 显示全部楼层
不是有效的win32应用程序
回复

举报

coldwinter
发表于 2012-12-4 13:00:24 | 显示全部楼层

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

CIA
发表于 2012-12-4 13:02:09 | 显示全部楼层
费尔  云鉴定  是病毒
回复

举报

firefox3
 楼主| 发表于 2012-12-4 13:07:32 | 显示全部楼层
hddu 发表于 2012-12-4 12:59
不是有效的win32应用程序


2012-12-04 13:01:44         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         Sandbox中运行         部分限制
2012-12-04 13:01:44         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         Sandbox中运行         部分限制
2012-12-04 13:01:45         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         Sandbox中运行         部分限制
2012-12-04 13:01:47         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2012-12-04 13:01:48         C:\WINDOWS\system32\ctfmon.exe         Sandbox中运行         部分限制
2012-12-04 13:01:48         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2012-12-04 13:01:49         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\All Users\Application Data\REGSVR32.EXE-x.txt
2012-12-04 13:01:49         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\All Users\Application Data\RUNDLL32.EXE-x.txt
2012-12-04 13:01:49         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609
2012-12-04 13:01:49         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:01:49         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2012-12-04 13:01:49         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:01:49         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2012-12-04 13:01:49         C:\WINDOWS\system32\ctfmon.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Run\ctfmon.exe
2012-12-04 13:01:49         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{B445D53D-3DCF-11E2-A222-506313B49FD4}.dat
2012-12-04 13:01:51         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         Sandbox中运行         部分限制
2012-12-04 13:01:52         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2012-12-04 13:01:53         C:\WINDOWS\system32\ctfmon.exe         Sandbox中运行         部分限制
2012-12-04 13:01:53         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:01:54         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\All Users\Application Data\IEXPLORE.EXE-x.txt
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\InprocServer32
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\All Users\Application Data\IEXPLORE.EXE-x.txt
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:01:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:01:56         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         Sandbox中运行         部分限制
2012-12-04 13:01:58         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2012-12-04 13:01:58         C:\WINDOWS\system32\ctfmon.exe         Sandbox中运行         部分限制
2012-12-04 13:01:59         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2012-12-04 13:02:02         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         Sandbox中运行         部分限制
2012-12-04 13:02:04         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2012-12-04 13:02:05         C:\WINDOWS\system32\ctfmon.exe         Sandbox中运行         部分限制
2012-12-04 13:02:06         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2012-12-04 13:02:08         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         Sandbox中运行         部分限制
2012-12-04 13:02:10         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2012-12-04 13:02:39         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2012-12-04 13:02:39         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:02:39         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:02:39         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
2012-12-04 13:02:39         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:02:39         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:02:39         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:39         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\All Users\Application Data\RUNDLL32.EXE-x.txt
2012-12-04 13:02:39         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609
2012-12-04 13:02:39         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:39         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:02:39         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2012-12-04 13:02:39         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:02:39         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2012-12-04 13:02:39         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:39         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{B77C6087-3DCF-11E2-A222-506313B49FD4}.dat
2012-12-04 13:02:39         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\EventMessageFile
2012-12-04 13:02:39         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:02:39         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:39         C:\WINDOWS\system32\ctfmon.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Run\ctfmon.exe
2012-12-04 13:02:40         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         Sandbox中运行         部分限制
2012-12-04 13:02:44         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:02:44         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:44         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:02:44         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2012-12-04 13:02:44         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:02:44         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2012-12-04 13:02:44         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:02:44         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
2012-12-04 13:02:44         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:02:44         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\InprocServer32
2012-12-04 13:02:44         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B77C6088-3DCF-11E2-A222-506313B49FD4}.dat
2012-12-04 13:02:44         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:02:44         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:02:44         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:44         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:02:44         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:44         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:02:44         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
2012-12-04 13:02:44         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:44         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:44         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2012-12-04 13:02:57         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:57         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\All Users\Application Data\IEXPLORE.EXE-x.txt
2012-12-04 13:02:57         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:57         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:57         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:57         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\All Users\Application Data\RUNDLL32.EXE-x.txt
2012-12-04 13:02:57         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:57         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\All Users\Application Data\dsgsdgdsgdsgw.pad
2012-12-04 13:02:57         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609
2012-12-04 13:02:57         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:57         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:57         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:02:57         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2012-12-04 13:02:57         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:02:57         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2012-12-04 13:02:57         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{BABC7539-3DCF-11E2-A222-506313B49FD4}.dat
2012-12-04 13:02:57         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\EventMessageFile
2012-12-04 13:02:57         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:57         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:02:57         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\SecuritySafe
2012-12-04 13:03:05         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:05         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:05         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:05         C:\WINDOWS\system32\ctfmon.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Run\ctfmon.exe
2012-12-04 13:03:05         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BABC753A-3DCF-11E2-A222-506313B49FD4}.dat
2012-12-04 13:03:05         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:05         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:05         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:05         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:05         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:05         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:05         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2012-12-04 13:03:05         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:05         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2012-12-04 13:03:05         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:05         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
2012-12-04 13:03:05         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:05         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:05         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
2012-12-04 13:03:05         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\InprocServer32
2012-12-04 13:03:11         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:11         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:11         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:11         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:11         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:11         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:11         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\All Users\Application Data\IEXPLORE.EXE-x.txt
2012-12-04 13:03:11         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:11         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\All Users\Application Data\IEXPLORE.EXE-x.txt
2012-12-04 13:03:11         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:11         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:11         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:11         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:11         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:11         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:03:11         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:11         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:11         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:11         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:11         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\All Users\Application Data\RUNDLL32.EXE-x.txt
2012-12-04 13:03:18         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:18         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:18         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\All Users\Application Data\dsgsdgdsgdsgw.pad
2012-12-04 13:03:18         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:18         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat
2012-12-04 13:03:18         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609
2012-12-04 13:03:18         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:18         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:18         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:03:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:03:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:27         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat
2012-12-04 13:03:35         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:03:46         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:46         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:46         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:46         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:46         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:46         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2012-12-04 13:03:46         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:46         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:03:46         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:03:46         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:46         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2012-12-04 13:03:46         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2012-12-04 13:03:46         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2012-12-04 13:03:46         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:46         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:46         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2012-12-04 13:03:46         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:46         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2012-12-04 13:03:46         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:46         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:54         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\EventMessageFile
2012-12-04 13:03:54         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:54         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\SecuritySafe
2012-12-04 13:03:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:54         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:54         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:54         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:54         C:\WINDOWS\system32\ctfmon.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Run\ctfmon.exe
2012-12-04 13:03:54         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:54         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{BEC26D19-3DCF-11E2-A222-506313B49FD4}.dat
2012-12-04 13:03:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:54         C:\Documents and Settings\Administrator\wgsdgsdgdsgsd.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2012-12-04 13:03:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2012-12-04 13:03:54         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2012-12-04 13:03:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:54         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2012-12-04 13:03:54         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2012-12-04 13:03:54         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
报告结束
回复

举报

firefox3
 楼主| 发表于 2012-12-4 13:08:25 | 显示全部楼层
hddu 发表于 2012-12-4 12:59
不是有效的win32应用程序

我可以把毒网地址给你,你自己提取一下
回复

举报

will
发表于 2012-12-4 13:11:22 | 显示全部楼层

WIN8下无法运行

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

7758521wang
发表于 2012-12-4 13:12:19 | 显示全部楼层
360未知  小红伞扫描miss
回复

举报

firefox3
 楼主| 发表于 2012-12-4 13:12:35 | 显示全部楼层
will 发表于 2012-12-4 13:11

想运行的话,我可以把毒网地址给你,直接进毒网看comodo的拦截记录就知道很爽的
回复

举报

下一页 »
12345678下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-11-24 06:24 , Processed in 0.138963 second(s), 17 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表