收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 VT 1 / 46 999.dll 三九胃泰荣誉归来~~改进版,安全 ...
1 ...303132333435363738... 53下一页
返回列表 发新帖
楼主: firefox3
 收起左侧

[可疑文件] VT 1 / 46 999.dll 三九胃泰荣誉归来~~改进版,安全模式锁屏!!N 家杀软主防测试

  [复制链接]
firefox3
 楼主| 发表于 2013-1-14 11:58:58 | 显示全部楼层
katatlove 发表于 2013-1-14 05:13
我觉得有几个很关键的地方想不通,首先我遇到的2次安全模式被锁,之前都是可以成功进入安全模式的,也就是 ...

重启归来,岁月静好,现世安稳 等会我测试一下OA

刚才测试的进程截图

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

蓝核
发表于 2013-1-14 12:10:36 | 显示全部楼层
firefox3 发表于 2013-1-14 11:58
重启归来,岁月静好,现世安稳 等会我测试一下OA

刚才测试的进程截图

手机党表示看的过瘾,大明湖畔的tf和妈妈图了?表示愿意人气相赠~看来看去,还是老牌子比较奇葩。。。咖啡和诺顿想不到啊。果然手动比较。。。。
回复

举报

firefox3
 楼主| 发表于 2013-1-14 12:16:29 | 显示全部楼层
蓝核 发表于 2013-1-14 12:10
手机党表示看的过瘾,大明湖畔的tf和妈妈图了?表示愿意人气相赠~看来看去,还是老牌子比较奇葩。。。咖 ...

联系K同学吧
回复

举报

firefox3
 楼主| 发表于 2013-1-14 12:29:10 | 显示全部楼层
katatlove 发表于 2013-1-14 05:13
我觉得有几个很关键的地方想不通,首先我遇到的2次安全模式被锁,之前都是可以成功进入安全模式的,也就是 ...


win7 64位 SBie中运行三九胃泰,OA监控,全程无启动项拦截,OA防御失败,查看启动项,无添加三九胃泰启动项,SBie3.46防御成功!











本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

蓝核
发表于 2013-1-14 12:37:31 | 显示全部楼层
katatlove 发表于 2013-1-14 05:13
我觉得有几个很关键的地方想不通,首先我遇到的2次安全模式被锁,之前都是可以成功进入安全模式的,也就是 ...

K同学要不要辛苦测试下TF和妈妈图?给人气思密达~
回复

举报

firefox3
 楼主| 发表于 2013-1-14 13:03:30 | 显示全部楼层
蓝核 发表于 2013-1-14 12:10
手机党表示看的过瘾,大明湖畔的tf和妈妈图了?表示愿意人气相赠~看来看去,还是老牌子比较奇葩。。。咖 ...

Mamutu 未拦截到SBie内运行的三九胃泰添加启动项,锁屏,重启之后SBie防御成功桌面解锁!

最后一张截图是实机截图,截的是虚拟机被锁屏。第二张截图可以无视。







本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x

评分

参与人数 1人气 +1 收起 理由
蓝核 + 1 感谢支持,欢迎常来: )

查看全部评分

回复

举报

QQ1620493525
头像被屏蔽
发表于 2013-1-14 13:27:42 | 显示全部楼层
TF求PM
回复

举报

firefox3
 楼主| 发表于 2013-1-14 13:47:35 | 显示全部楼层
katatlove 发表于 2013-1-12 14:42
这个,估计又得灭一大片了. 求PM

文件: C:\Users\Firefox3\Desktop\新建文件夹 (2)\999.dll
大小: 244224 字节
修改时间: 2013年1月14日, 13:45:35
MD5: 27BAA226FC2FCE551B2DD7601D3851AE
SHA1: 597467375AA4B6A58E8DB37AF6EC25ABC28B3CD1
CRC32: 3911096B

三九胃泰又更新了~~

文件: C:\Users\Firefox3\Desktop\999.dll
大小: 253440 字节
修改时间: 2013年1月14日, 12:17:03
MD5: FB0A4D1CCAD1E4DD5536B0566AC4D5D6
SHA1: 272EB0029C6E5B180CACF983F155AF128868644F
CRC32: EC30D650
回复

举报

aice7837
发表于 2013-1-14 14:15:08 | 显示全部楼层
katatlove 发表于 2013-1-14 05:13
我觉得有几个很关键的地方想不通,首先我遇到的2次安全模式被锁,之前都是可以成功进入安全模式的,也就是 ...

求测op
回复

举报

firefox3
 楼主| 发表于 2013-1-14 14:19:31 | 显示全部楼层
aice7837 发表于 2013-1-14 14:15
求测op

我来吧,K同学估计睡觉呢

先给你看看  三九胃泰的兄弟,也是蛮强悍的,毛豆成功防御

2013-01-14 14:12:49         C:\Documents and Settings\Administrator\桌面\31.44.184.51F000015.dll         Sandbox中运行         部分限制
2013-01-14 14:12:50         C:\WINDOWS\system32\rundll32.exe         Sandbox中运行         部分限制
2013-01-14 14:12:50         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\All Users\Application Data\13.pad
2013-01-14 14:12:50         C:\WINDOWS\system32\rundll32.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609
2013-01-14 14:12:50         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2013-01-14 14:12:51         C:\WINDOWS\system32\ctfmon.exe         Sandbox中运行         部分限制
2013-01-14 14:12:51         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2013-01-14 14:12:51         C:\WINDOWS\system32\rundll32.exe         Sandbox中运行         部分限制
2013-01-14 14:12:52         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2013-01-14 14:12:53         C:\WINDOWS\system32\ctfmon.exe         Sandbox中运行         部分限制
2013-01-14 14:12:53         C:\WINDOWS\system32\rundll32.exe         Sandbox中运行         部分限制
2013-01-14 14:12:54         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2013-01-14 14:12:54         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2013-01-14 14:12:55         C:\WINDOWS\system32\ctfmon.exe         Sandbox中运行         部分限制
2013-01-14 14:12:55         C:\WINDOWS\system32\rundll32.exe         Sandbox中运行         部分限制
2013-01-14 14:12:55         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:12:55         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:12:55         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:12:55         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:12:55         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{6C75FB27-5E11-11E2-A1E0-506313B49FD4}.dat
2013-01-14 14:12:55         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\EventMessageFile
2013-01-14 14:12:55         C:\Documents and Settings\Administrator\桌面\31.44.184.51F000015.dll         访问内存         C:\WINDOWS\system32\ctfmon.exe
2013-01-14 14:12:55         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\SecuritySafe
2013-01-14 14:12:55         C:\Documents and Settings\Administrator\桌面\31.44.184.51F000015.dll         访问内存         C:\WINDOWS\system32\ctfmon.exe
2013-01-14 14:12:55         C:\WINDOWS\system32\ctfmon.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Run\ctfmon.exe
2013-01-14 14:12:55         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:12:55         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6C75FB28-5E11-11E2-A1E0-506313B49FD4}.dat
2013-01-14 14:12:55         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:12:55         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\All Users\Application Data\13.pad
2013-01-14 14:12:55         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:12:55         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\All Users\Application Data\13.pad
2013-01-14 14:12:55         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:12:55         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\All Users\Application Data\13.pad
2013-01-14 14:12:55         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:12:55         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:12:56         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2013-01-14 14:12:56         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2013-01-14 14:12:57         C:\WINDOWS\system32\ctfmon.exe         Sandbox中运行         部分限制
2013-01-14 14:12:58         C:\WINDOWS\system32\rundll32.exe         Sandbox中运行         部分限制
2013-01-14 14:12:58         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2013-01-14 14:12:58         C:\Program Files\Internet Explorer\IEXPLORE.EXE         Sandbox中运行         部分限制
2013-01-14 14:13:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:18         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:13:18         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:13:18         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:13:18         C:\WINDOWS\system32\rundll32.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609
2013-01-14 14:13:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:18         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}\InprocServer32
2013-01-14 14:13:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2013-01-14 14:13:18         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
2013-01-14 14:13:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:18         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:13:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2013-01-14 14:13:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:13:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:13:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2013-01-14 14:13:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:18         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:13:23         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:13:33         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:33         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:13:33         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:13:33         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:33         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:33         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:13:33         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2013-01-14 14:13:33         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\SecuritySafe
2013-01-14 14:13:33         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:13:33         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\EventMessageFile
2013-01-14 14:13:33         C:\WINDOWS\system32\ctfmon.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Run\ctfmon.exe
2013-01-14 14:13:33         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{6DA4C5CE-5E11-11E2-A1E0-506313B49FD4}.dat
2013-01-14 14:13:33         C:\Documents and Settings\Administrator\桌面\31.44.184.51F000015.dll         访问内存         C:\WINDOWS\system32\ctfmon.exe
2013-01-14 14:13:33         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:33         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
2013-01-14 14:13:33         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:33         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:13:33         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:13:33         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:13:33         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6DA4C5CF-5E11-11E2-A1E0-506313B49FD4}.dat
2013-01-14 14:13:42         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\All Users\Application Data\13.pad
2013-01-14 14:13:42         C:\WINDOWS\system32\rundll32.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609
2013-01-14 14:13:42         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:42         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:13:42         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:13:42         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:42         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:13:42         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:42         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:13:42         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:42         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:42         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:42         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:42         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:13:42         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:13:42         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2013-01-14 14:13:42         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:42         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:42         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2013-01-14 14:13:42         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}\InprocServer32
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:50         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:50         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{6EC54258-5E11-11E2-A1E0-506313B49FD4}.dat
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:50         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\EventMessageFile
2013-01-14 14:13:59         C:\Documents and Settings\Administrator\桌面\31.44.184.51F000015.dll         访问内存         C:\WINDOWS\system32\ctfmon.exe
2013-01-14 14:13:59         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\SecuritySafe
2013-01-14 14:13:59         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:13:59         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:13:59         C:\Documents and Settings\Administrator\桌面\31.44.184.51F000015.dll         访问内存         C:\WINDOWS\system32\ctfmon.exe
2013-01-14 14:13:59         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:59         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
2013-01-14 14:13:59         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:59         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:13:59         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:59         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:13:59         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:59         C:\WINDOWS\system32\ctfmon.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Run\ctfmon.exe
2013-01-14 14:13:59         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:13:59         C:\WINDOWS\system32\ctfmon.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Run\internat.exe
2013-01-14 14:13:59         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2013-01-14 14:13:59         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:13:59         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:13:59         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\All Users\Application Data\13.pad
2013-01-14 14:13:59         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:07         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:07         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:07         C:\WINDOWS\system32\rundll32.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609
2013-01-14 14:14:07         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:07         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:07         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:14:07         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:07         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:14:07         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:07         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:07         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:07         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:07         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2013-01-14 14:14:07         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:07         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:07         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:07         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:07         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:07         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:07         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}\InprocServer32
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
2013-01-14 14:14:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:14         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{7017D044-5E11-11E2-A1E0-506313B49FD4}.dat
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\SecuritySafe
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\EventMessageFile
2013-01-14 14:14:22         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2013-01-14 14:14:31         C:\Documents and Settings\Administrator\桌面\31.44.184.51F000015.dll         访问内存         C:\WINDOWS\system32\ctfmon.exe
2013-01-14 14:14:31         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:31         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:31         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:31         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:31         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
2013-01-14 14:14:31         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:31         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:14:31         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:31         C:\WINDOWS\system32\ctfmon.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Run\ctfmon.exe
2013-01-14 14:14:31         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:31         C:\WINDOWS\system32\ctfmon.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Run\internat.exe
2013-01-14 14:14:31         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2013-01-14 14:14:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:31         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:40         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:40         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\All Users\Application Data\13.pad
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:40         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\All Users\Application Data\13.pad
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5
2013-01-14 14:14:40         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2013-01-14 14:14:49         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:49         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:49         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\All Users\Application Data\13.js
2013-01-14 14:14:49         C:\WINDOWS\system32\rundll32.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609
2013-01-14 14:14:49         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:49         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:49         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:49         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:49         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:14:49         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:49         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:49         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2013-01-14 14:14:49         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:14:49         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:49         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:49         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:49         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:49         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:49         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:49         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:56         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:56         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2013-01-14 14:14:56         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:56         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:56         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
2013-01-14 14:14:56         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
2013-01-14 14:14:56         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:56         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:56         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:56         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
2013-01-14 14:14:56         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:56         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:56         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\History
2013-01-14 14:14:56         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:56         C:\Program Files\Internet Explorer\iexplore.exe         修改注册表项         HKUS\S-1-5-21-789336058-1708537768-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
2013-01-14 14:14:56         C:\Program Files\Internet Explorer\iexplore.exe         修改文件         C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
2013-01-14 14:14:56         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:56         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:56         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:14:56         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:05         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:14         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\Documents and Settings\Administrator\桌面\31.44.184.51F000015.dll         访问内存         C:\WINDOWS\system32\ctfmon.exe
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:22         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:31         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
2013-01-14 14:15:37         C:\WINDOWS\system32\rundll32.exe         修改文件         C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\runctf.lnk
报告结束
回复

举报

下一页 »
1 ...303132333435363738... 53下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-1-11 00:36 , Processed in 0.098545 second(s), 15 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表