收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 卡巴不报!MD5: FCC8C6
12345678下一页
返回列表 发新帖
楼主: tiancun
 收起左侧

[病毒样本] 卡巴不报!MD5: FCC8C6

[复制链接]
SONGBOWEN
发表于 2007-11-6 13:45:09 | 显示全部楼层
  1. 2007-11-06 13:32:30    创建注册表值      操作:允许
  2. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  3. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.exe
  4. 注册表名称:[Key]
  5. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  8. 2007-11-06 13:32:30    创建注册表值      操作:允许
  9. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  10. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.exe
  11. 注册表名称:Debugger
  12. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  13. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  16. 2007-11-06 13:32:30    创建注册表值      操作:允许
  17. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  18. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\isPwdSvc.exe
  19. 注册表名称:[Key]
  20. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  23. 2007-11-06 13:32:30    创建注册表值      操作:允许
  24. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  25. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\isPwdSvc.exe
  26. 注册表名称:Debugger
  27. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  28. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  31. 2007-11-06 13:32:31    创建注册表值      操作:允许
  32. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  33. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kabaload.exe
  34. 注册表名称:[Key]
  35. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  38. 2007-11-06 13:32:31    创建注册表值      操作:允许
  39. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  40. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kabaload.exe
  41. 注册表名称:Debugger
  42. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  43. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  46. 2007-11-06 13:32:31    创建注册表值      操作:允许
  47. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  48. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KaScrScn.SCR
  49. 注册表名称:[Key]
  50. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  53. 2007-11-06 13:32:31    创建注册表值      操作:允许
  54. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  55. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KaScrScn.SCR
  56. 注册表名称:Debugger
  57. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  58. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  61. 2007-11-06 13:32:32    创建注册表值      操作:允许
  62. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  63. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe
  64. 注册表名称:[Key]
  65. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  68. 2007-11-06 13:32:32    创建注册表值      操作:允许
  69. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  70. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe
  71. 注册表名称:Debugger
  72. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  73. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  76. 2007-11-06 13:32:32    创建注册表值      操作:允许
  77. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  78. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe
  79. 注册表名称:[Key]
  80. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  83. 2007-11-06 13:32:32    创建注册表值      操作:允许
  84. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  85. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe
  86. 注册表名称:Debugger
  87. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  88. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  91. 2007-11-06 13:32:33    创建注册表值      操作:允许
  92. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  93. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe
  94. 注册表名称:[Key]
  95. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  98. 2007-11-06 13:32:33    创建注册表值      操作:允许
  99. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  100. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe
  101. 注册表名称:Debugger
  102. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  103. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  106. 2007-11-06 13:32:33    创建注册表值      操作:允许
  107. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  108. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVDX.exe
  109. 注册表名称:[Key]
  110. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  113. 2007-11-06 13:32:34    创建注册表值      操作:允许
  114. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  115. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVDX.exe
  116. 注册表名称:Debugger
  117. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  118. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  121. 2007-11-06 13:32:34    创建注册表值      操作:允许
  122. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  123. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.exe
  124. 注册表名称:[Key]
  125. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  128. 2007-11-06 13:32:34    创建注册表值      操作:允许
  129. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  130. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.exe
  131. 注册表名称:Debugger
  132. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  133. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  136. 2007-11-06 13:32:34    创建注册表值      操作:允许
  137. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  138. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVSetup.exe
  139. 注册表名称:[Key]
  140. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  143. 2007-11-06 13:32:35    创建注册表值      操作:允许
  144. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  145. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVSetup.exe
  146. 注册表名称:Debugger
  147. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  148. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  151. 2007-11-06 13:32:35    创建注册表值      操作:允许
  152. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  153. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVStart.exe
  154. 注册表名称:[Key]
  155. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  158. 2007-11-06 13:32:35    创建注册表值      操作:允许
  159. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  160. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVStart.exe
  161. 注册表名称:Debugger
  162. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  163. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  166. 2007-11-06 13:32:35    创建注册表值      操作:允许
  167. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  168. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KISLnchr.exe
  169. 注册表名称:[Key]
  170. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*
复制代码
回复

举报

SONGBOWEN
发表于 2007-11-6 13:45:30 | 显示全部楼层
  1. 2007-11-06 13:32:35    创建注册表值      操作:允许
  2. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  3. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KISLnchr.exe
  4. 注册表名称:Debugger
  5. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  6. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  9. 2007-11-06 13:32:36    创建注册表值      操作:允许
  10. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  11. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMailMon.exe
  12. 注册表名称:[Key]
  13. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  16. 2007-11-06 13:32:36    创建注册表值      操作:允许
  17. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  18. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMailMon.exe
  19. 注册表名称:Debugger
  20. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  21. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  24. 2007-11-06 13:32:36    创建注册表值      操作:允许
  25. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  26. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMFilter.exe
  27. 注册表名称:[Key]
  28. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  31. 2007-11-06 13:32:36    创建注册表值      操作:允许
  32. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  33. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMFilter.exe
  34. 注册表名称:Debugger
  35. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  36. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  39. 2007-11-06 13:32:37    修改注册表内容      操作:允许
  40. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  41. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32.exe
  42. 注册表名称:Debugger
  43. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  44. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  47. 2007-11-06 13:32:37    创建注册表值      操作:允许
  48. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  49. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32X.exe
  50. 注册表名称:[Key]
  51. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  54. 2007-11-06 13:32:37    创建注册表值      操作:允许
  55. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  56. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32X.exe
  57. 注册表名称:Debugger
  58. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  59. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  62. 2007-11-06 13:32:37    修改注册表内容      操作:允许
  63. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  64. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPfwSvc.exe
  65. 注册表名称:Debugger
  66. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  67. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  70. 2007-11-06 13:32:38    创建注册表值      操作:允许
  71. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  72. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRegEx.exe
  73. 注册表名称:[Key]
  74. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  77. 2007-11-06 13:32:38    创建注册表值      操作:允许
  78. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  79. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRegEx.exe
  80. 注册表名称:Debugger
  81. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  82. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  85. 2007-11-06 13:32:38    创建注册表值      操作:允许
  86. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  87. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KsLoader.exe
  88. 注册表名称:[Key]
  89. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  92. 2007-11-06 13:32:38    创建注册表值      操作:允许
  93. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  94. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KsLoader.exe
  95. 注册表名称:Debugger
  96. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  97. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  100. 2007-11-06 13:32:38    创建注册表值      操作:允许
  101. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  102. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVCenter.kxp
  103. 注册表名称:[Key]
  104. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  107. 2007-11-06 13:32:39    创建注册表值      操作:允许
  108. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  109. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVCenter.kxp
  110. 注册表名称:Debugger
  111. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  112. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  115. 2007-11-06 13:32:39    创建注册表值      操作:允许
  116. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  117. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvDetect.exe
  118. 注册表名称:[Key]
  119. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  122. 2007-11-06 13:32:39    创建注册表值      操作:允许
  123. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  124. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvDetect.exe
  125. 注册表名称:Debugger
  126. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  127. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  130. 2007-11-06 13:32:39    创建注册表值      操作:允许
  131. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  132. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvfwMcl.exe
  133. 注册表名称:[Key]
  134. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  137. 2007-11-06 13:32:39    创建注册表值      操作:允许
  138. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  139. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvfwMcl.exe
  140. 注册表名称:Debugger
  141. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  142. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  145. 2007-11-06 13:32:40    创建注册表值      操作:允许
  146. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  147. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP.kxp
  148. 注册表名称:[Key]
  149. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  152. 2007-11-06 13:32:40    创建注册表值      操作:允许
  153. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  154. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP.kxp
  155. 注册表名称:Debugger
  156. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  157. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  160. 2007-11-06 13:32:40    创建注册表值      操作:允许
  161. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  162. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP_1.kxp
  163. 注册表名称:[Key]
  164. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  167. 2007-11-06 13:32:40    创建注册表值      操作:允许
  168. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  169. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP_1.kxp
  170. 注册表名称:Debugger
  171. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  172. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  175. 2007-11-06 13:32:40    创建注册表值      操作:允许
  176. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  177. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvol.exe
  178. 注册表名称:[Key]
  179. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  182. 2007-11-06 13:32:41    创建注册表值      操作:允许
  183. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  184. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvol.exe
  185. 注册表名称:Debugger
  186. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  187. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*
复制代码
回复

举报

SONGBOWEN
发表于 2007-11-6 13:46:00 | 显示全部楼层
  1. 2007-11-06 13:32:41    创建注册表值      操作:允许
  2. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  3. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvolself.exe
  4. 注册表名称:[Key]
  5. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  8. 2007-11-06 13:32:41    创建注册表值      操作:允许
  9. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  10. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvolself.exe
  11. 注册表名称:Debugger
  12. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  13. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  16. 2007-11-06 13:32:41    创建注册表值      操作:允许
  17. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  18. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVScan.kxp
  19. 注册表名称:[Key]
  20. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  23. 2007-11-06 13:32:41    创建注册表值      操作:允许
  24. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  25. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVScan.kxp
  26. 注册表名称:Debugger
  27. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  28. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  31. 2007-11-06 13:32:42    创建注册表值      操作:允许
  32. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  33. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVSrvXP.exe
  34. 注册表名称:[Key]
  35. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  38. 2007-11-06 13:32:42    创建注册表值      操作:允许
  39. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  40. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVSrvXP.exe
  41. 注册表名称:Debugger
  42. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  43. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  46. 2007-11-06 13:32:42    创建注册表值      操作:允许
  47. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  48. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVStub.kxp
  49. 注册表名称:[Key]
  50. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  53. 2007-11-06 13:32:43    创建注册表值      操作:允许
  54. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  55. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVStub.kxp
  56. 注册表名称:Debugger
  57. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  58. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  61. 2007-11-06 13:32:43    创建注册表值      操作:允许
  62. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  63. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvupload.exe
  64. 注册表名称:[Key]
  65. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  68. 2007-11-06 13:32:43    创建注册表值      操作:允许
  69. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  70. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvupload.exe
  71. 注册表名称:Debugger
  72. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  73. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  76. 2007-11-06 13:32:43    创建注册表值      操作:允许
  77. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  78. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvwsc.exe
  79. 注册表名称:[Key]
  80. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  83. 2007-11-06 13:32:44    创建注册表值      操作:允许
  84. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  85. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvwsc.exe
  86. 注册表名称:Debugger
  87. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  88. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  91. 2007-11-06 13:32:45    创建注册表值      操作:允许
  92. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  93. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP.kxp
  94. 注册表名称:[Key]
  95. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  98. 2007-11-06 13:32:45    创建注册表值      操作:允许
  99. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  100. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP.kxp
  101. 注册表名称:Debugger
  102. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  103. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  106. 2007-11-06 13:32:45    创建注册表值      操作:允许
  107. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  108. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP_1.kxp
  109. 注册表名称:[Key]
  110. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  113. 2007-11-06 13:32:45    创建注册表值      操作:允许
  114. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  115. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP_1.kxp
  116. 注册表名称:Debugger
  117. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  118. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  121. 2007-11-06 13:32:45    创建注册表值      操作:允许
  122. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  123. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch.exe
  124. 注册表名称:[Key]
  125. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  128. 2007-11-06 13:32:46    创建注册表值      操作:允许
  129. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  130. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch.exe
  131. 注册表名称:Debugger
  132. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  133. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  136. 2007-11-06 13:32:46    创建注册表值      操作:允许
  137. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  138. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch9x.exe
  139. 注册表名称:[Key]
  140. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  143. 2007-11-06 13:32:46    创建注册表值      操作:允许
  144. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  145. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch9x.exe
  146. 注册表名称:Debugger
  147. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  148. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  151. 2007-11-06 13:32:46    创建注册表值      操作:允许
  152. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  153. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatchX.exe
  154. 注册表名称:[Key]
  155. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  158. 2007-11-06 13:32:46    创建注册表值      操作:允许
  159. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  160. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatchX.exe
  161. 注册表名称:Debugger
  162. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  163. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  166. 2007-11-06 13:32:47    创建注册表值      操作:允许
  167. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  168. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\loaddll.exe
  169. 注册表名称:[Key]
  170. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  173. 2007-11-06 13:32:47    创建注册表值      操作:允许
  174. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  175. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\loaddll.exe
  176. 注册表名称:Debugger
  177. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  178. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  181. 2007-11-06 13:32:47    创建注册表值      操作:允许
  182. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  183. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MagicSet.exe
  184. 注册表名称:[Key]
  185. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  188. 2007-11-06 13:32:47    创建注册表值      操作:允许
  189. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  190. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MagicSet.exe
  191. 注册表名称:Debugger
  192. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  193. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  196. 2007-11-06 13:32:47    创建注册表值      操作:允许
  197. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  198. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcconsol.exe
  199. 注册表名称:[Key]
  200. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  203. 2007-11-06 13:32:48    创建注册表值      操作:允许
  204. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  205. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcconsol.exe
  206. 注册表名称:Debugger
  207. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  208. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  211. 2007-11-06 13:32:48    创建注册表值      操作:允许
  212. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  213. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmqczj.exe
  214. 注册表名称:[Key]
  215. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  218. 2007-11-06 13:32:48    创建注册表值      操作:允许
  219. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  220. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmqczj.exe
  221. 注册表名称:Debugger
  222. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  223. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  226. 2007-11-06 13:32:48    创建注册表值      操作:允许
  227. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  228. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe
  229. 注册表名称:[Key]
  230. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  233. 2007-11-06 13:32:48    创建注册表值      操作:允许
  234. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  235. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe
  236. 注册表名称:Debugger
  237. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  238. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*
复制代码
回复

举报

SONGBOWEN
发表于 2007-11-6 13:46:20 | 显示全部楼层
  1. 2007-11-06 13:32:49    创建注册表值      操作:允许
  2. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  3. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFWLiveUpdate.exe
  4. 注册表名称:[Key]
  5. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  8. 2007-11-06 13:32:49    创建注册表值      操作:允许
  9. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  10. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFWLiveUpdate.exe
  11. 注册表名称:Debugger
  12. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  13. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  16. 2007-11-06 13:32:49    创建注册表值      操作:允许
  17. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  18. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QHSET.exe
  19. 注册表名称:[Key]
  20. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  23. 2007-11-06 13:32:49    创建注册表值      操作:允许
  24. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  25. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QHSET.exe
  26. 注册表名称:Debugger
  27. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  28. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  31. 2007-11-06 13:32:49    创建注册表值      操作:允许
  32. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  33. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMonD.exe
  34. 注册表名称:[Key]
  35. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  38. 2007-11-06 13:32:50    创建注册表值      操作:允许
  39. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  40. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMonD.exe
  41. 注册表名称:Debugger
  42. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  43. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  46. 2007-11-06 13:32:50    创建注册表值      操作:允许
  47. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  48. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStub.exe
  49. 注册表名称:[Key]
  50. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  53. 2007-11-06 13:32:50    创建注册表值      操作:允许
  54. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  55. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStub.exe
  56. 注册表名称:Debugger
  57. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  58. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  61. 2007-11-06 13:32:50    创建注册表值      操作:允许
  62. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  63. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegClean.exe
  64. 注册表名称:[Key]
  65. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  68. 2007-11-06 13:32:50    创建注册表值      操作:允许
  69. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  70. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegClean.exe
  71. 注册表名称:Debugger
  72. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  73. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  76. 2007-11-06 13:32:51    创建注册表值      操作:允许
  77. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  78. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwcfg.exe
  79. 注册表名称:[Key]
  80. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  83. 2007-11-06 13:32:51    创建注册表值      操作:允许
  84. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  85. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwcfg.exe
  86. 注册表名称:Debugger
  87. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  88. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  91. 2007-11-06 13:32:51    修改注册表内容      操作:允许
  92. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  93. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwmain.exe
  94. 注册表名称:Debugger
  95. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  96. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  99. 2007-11-06 13:32:51    创建注册表值      操作:允许
  100. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  101. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsAgent.exe
  102. 注册表名称:[Key]
  103. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  106. 2007-11-06 13:32:51    创建注册表值      操作:允许
  107. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  108. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsAgent.exe
  109. 注册表名称:Debugger
  110. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  111. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  114. 2007-11-06 13:32:52    创建注册表值      操作:允许
  115. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  116. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rsaupd.exe
  117. 注册表名称:[Key]
  118. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  121. 2007-11-06 13:32:52    创建注册表值      操作:允许
  122. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  123. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rsaupd.exe
  124. 注册表名称:Debugger
  125. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  126. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  129. 2007-11-06 13:32:52    创建注册表值      操作:允许
  130. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  131. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safelive.exe
  132. 注册表名称:[Key]
  133. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  136. 2007-11-06 13:32:52    创建注册表值      操作:允许
  137. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  138. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safelive.exe
  139. 注册表名称:Debugger
  140. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  141. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  144. 2007-11-06 13:32:52    创建注册表值      操作:允许
  145. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  146. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\irsetup.exe
  147. 注册表名称:[Key]
  148. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  151. 2007-11-06 13:32:53    创建注册表值      操作:允许
  152. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  153. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\irsetup.exe
  154. 注册表名称:Debugger
  155. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  156. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  159. 2007-11-06 13:32:53    创建注册表值      操作:允许
  160. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  161. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe
  162. 注册表名称:[Key]
  163. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  166. 2007-11-06 13:32:53    创建注册表值      操作:允许
  167. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  168. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe
  169. 注册表名称:Debugger
  170. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  171. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  174. 2007-11-06 13:32:53    创建注册表值      操作:允许
  175. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  176. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shcfg32.exe
  177. 注册表名称:[Key]
  178. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  181. 2007-11-06 13:32:53    创建注册表值      操作:允许
  182. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  183. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shcfg32.exe
  184. 注册表名称:Debugger
  185. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  186. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  189. 2007-11-06 13:32:54    创建注册表值      操作:允许
  190. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  191. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SmartUp.exe
  192. 注册表名称:[Key]
  193. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  196. 2007-11-06 13:32:54    创建注册表值      操作:允许
  197. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  198. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SmartUp.exe
  199. 注册表名称:Debugger
  200. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  201. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  204. 2007-11-06 13:32:54    创建注册表值      操作:允许
  205. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  206. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SREng.EXE
  207. 注册表名称:[Key]
  208. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  211. 2007-11-06 13:32:54    创建注册表值      操作:允许
  212. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  213. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SREng.EXE
  214. 注册表名称:Debugger
  215. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  216. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  219. 2007-11-06 13:32:55    创建注册表值      操作:允许
  220. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  221. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe
  222. 注册表名称:[Key]
  223. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  226. 2007-11-06 13:32:55    创建注册表值      操作:允许
  227. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  228. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe
  229. 注册表名称:Debugger
  230. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  231. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  234. 2007-11-06 13:32:55    创建注册表值      操作:允许
  235. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  236. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysSafe.exe
  237. 注册表名称:[Key]
  238. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  241. 2007-11-06 13:32:55    创建注册表值      操作:允许
  242. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  243. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysSafe.exe
  244. 注册表名称:Debugger
  245. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  246. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  249. 2007-11-06 13:32:55    创建注册表值      操作:允许
  250. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  251. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojanDetector.exe
  252. 注册表名称:[Key]
  253. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  256. 2007-11-06 13:32:56    创建注册表值      操作:允许
  257. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  258. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojanDetector.exe
  259. 注册表名称:Debugger
  260. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  261. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  264. 2007-11-06 13:32:56    创建注册表值      操作:允许
  265. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  266. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Trojanwall.exe
  267. 注册表名称:[Key]
  268. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  271. 2007-11-06 13:32:56    创建注册表值      操作:允许
  272. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  273. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Trojanwall.exe
  274. 注册表名称:Debugger
  275. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  276. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*
复制代码
回复

举报

SONGBOWEN
发表于 2007-11-6 13:46:44 | 显示全部楼层
  1. 2007-11-06 13:32:49    创建注册表值      操作:允许
  2. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  3. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFWLiveUpdate.exe
  4. 注册表名称:[Key]
  5. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  8. 2007-11-06 13:32:49    创建注册表值      操作:允许
  9. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  10. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFWLiveUpdate.exe
  11. 注册表名称:Debugger
  12. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  13. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  16. 2007-11-06 13:32:49    创建注册表值      操作:允许
  17. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  18. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QHSET.exe
  19. 注册表名称:[Key]
  20. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  23. 2007-11-06 13:32:49    创建注册表值      操作:允许
  24. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  25. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QHSET.exe
  26. 注册表名称:Debugger
  27. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  28. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  31. 2007-11-06 13:32:49    创建注册表值      操作:允许
  32. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  33. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMonD.exe
  34. 注册表名称:[Key]
  35. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  38. 2007-11-06 13:32:50    创建注册表值      操作:允许
  39. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  40. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMonD.exe
  41. 注册表名称:Debugger
  42. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  43. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  46. 2007-11-06 13:32:50    创建注册表值      操作:允许
  47. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  48. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStub.exe
  49. 注册表名称:[Key]
  50. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  53. 2007-11-06 13:32:50    创建注册表值      操作:允许
  54. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  55. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStub.exe
  56. 注册表名称:Debugger
  57. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  58. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  61. 2007-11-06 13:32:50    创建注册表值      操作:允许
  62. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  63. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegClean.exe
  64. 注册表名称:[Key]
  65. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  68. 2007-11-06 13:32:50    创建注册表值      操作:允许
  69. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  70. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegClean.exe
  71. 注册表名称:Debugger
  72. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  73. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  76. 2007-11-06 13:32:51    创建注册表值      操作:允许
  77. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  78. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwcfg.exe
  79. 注册表名称:[Key]
  80. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  83. 2007-11-06 13:32:51    创建注册表值      操作:允许
  84. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  85. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwcfg.exe
  86. 注册表名称:Debugger
  87. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  88. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  91. 2007-11-06 13:32:51    修改注册表内容      操作:允许
  92. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  93. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwmain.exe
  94. 注册表名称:Debugger
  95. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  96. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  99. 2007-11-06 13:32:51    创建注册表值      操作:允许
  100. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  101. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsAgent.exe
  102. 注册表名称:[Key]
  103. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  106. 2007-11-06 13:32:51    创建注册表值      操作:允许
  107. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  108. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsAgent.exe
  109. 注册表名称:Debugger
  110. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  111. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  114. 2007-11-06 13:32:52    创建注册表值      操作:允许
  115. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  116. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rsaupd.exe
  117. 注册表名称:[Key]
  118. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  121. 2007-11-06 13:32:52    创建注册表值      操作:允许
  122. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  123. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rsaupd.exe
  124. 注册表名称:Debugger
  125. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  126. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  129. 2007-11-06 13:32:52    创建注册表值      操作:允许
  130. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  131. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safelive.exe
  132. 注册表名称:[Key]
  133. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  136. 2007-11-06 13:32:52    创建注册表值      操作:允许
  137. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  138. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safelive.exe
  139. 注册表名称:Debugger
  140. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  141. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  144. 2007-11-06 13:32:52    创建注册表值      操作:允许
  145. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  146. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\irsetup.exe
  147. 注册表名称:[Key]
  148. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  151. 2007-11-06 13:32:53    创建注册表值      操作:允许
  152. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  153. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\irsetup.exe
  154. 注册表名称:Debugger
  155. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  156. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  159. 2007-11-06 13:32:53    创建注册表值      操作:允许
  160. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  161. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe
  162. 注册表名称:[Key]
  163. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  166. 2007-11-06 13:32:53    创建注册表值      操作:允许
  167. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  168. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe
  169. 注册表名称:Debugger
  170. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  171. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  174. 2007-11-06 13:32:53    创建注册表值      操作:允许
  175. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  176. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shcfg32.exe
  177. 注册表名称:[Key]
  178. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  181. 2007-11-06 13:32:53    创建注册表值      操作:允许
  182. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  183. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shcfg32.exe
  184. 注册表名称:Debugger
  185. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  186. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  189. 2007-11-06 13:32:54    创建注册表值      操作:允许
  190. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  191. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SmartUp.exe
  192. 注册表名称:[Key]
  193. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  196. 2007-11-06 13:32:54    创建注册表值      操作:允许
  197. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  198. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SmartUp.exe
  199. 注册表名称:Debugger
  200. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  201. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  204. 2007-11-06 13:32:54    创建注册表值      操作:允许
  205. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  206. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SREng.EXE
  207. 注册表名称:[Key]
  208. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  211. 2007-11-06 13:32:54    创建注册表值      操作:允许
  212. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  213. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SREng.EXE
  214. 注册表名称:Debugger
  215. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  216. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  219. 2007-11-06 13:32:55    创建注册表值      操作:允许
  220. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  221. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe
  222. 注册表名称:[Key]
  223. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  226. 2007-11-06 13:32:55    创建注册表值      操作:允许
  227. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  228. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe
  229. 注册表名称:Debugger
  230. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  231. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  234. 2007-11-06 13:32:55    创建注册表值      操作:允许
  235. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  236. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysSafe.exe
  237. 注册表名称:[Key]
  238. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  241. 2007-11-06 13:32:55    创建注册表值      操作:允许
  242. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  243. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysSafe.exe
  244. 注册表名称:Debugger
  245. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  246. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  249. 2007-11-06 13:32:55    创建注册表值      操作:允许
  250. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  251. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojanDetector.exe
  252. 注册表名称:[Key]
  253. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  256. 2007-11-06 13:32:56    创建注册表值      操作:允许
  257. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  258. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojanDetector.exe
  259. 注册表名称:Debugger
  260. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  261. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  264. 2007-11-06 13:32:56    创建注册表值      操作:允许
  265. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  266. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Trojanwall.exe
  267. 注册表名称:[Key]
  268. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  271. 2007-11-06 13:32:56    创建注册表值      操作:允许
  272. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  273. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Trojanwall.exe
  274. 注册表名称:Debugger
  275. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  276. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*
复制代码
回复

举报

SONGBOWEN
发表于 2007-11-6 13:48:19 | 显示全部楼层
  1. 2007-11-06 13:32:56    创建注册表值      操作:允许
  2. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  3. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.kxp
  4. 注册表名称:[Key]
  5. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  8. 2007-11-06 13:32:57    创建注册表值      操作:允许
  9. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  10. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.kxp
  11. 注册表名称:Debugger
  12. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  13. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  16. 2007-11-06 13:32:57    创建注册表值      操作:允许
  17. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  18. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UIHost.exe
  19. 注册表名称:[Key]
  20. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  23. 2007-11-06 13:32:57    创建注册表值      操作:允许
  24. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  25. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UIHost.exe
  26. 注册表名称:Debugger
  27. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  28. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  31. 2007-11-06 13:32:57    创建注册表值      操作:允许
  32. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  33. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAgent.exe
  34. 注册表名称:[Key]
  35. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  38. 2007-11-06 13:32:58    创建注册表值      操作:允许
  39. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  40. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAgent.exe
  41. 注册表名称:Debugger
  42. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  43. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  46. 2007-11-06 13:32:58    创建注册表值      操作:允许
  47. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  48. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAttachment.exe
  49. 注册表名称:[Key]
  50. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  53. 2007-11-06 13:32:58    创建注册表值      操作:允许
  54. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  55. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAttachment.exe
  56. 注册表名称:Debugger
  57. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  58. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  61. 2007-11-06 13:32:58    创建注册表值      操作:允许
  62. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  63. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxCfg.exe
  64. 注册表名称:[Key]
  65. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  68. 2007-11-06 13:32:58    创建注册表值      操作:允许
  69. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  70. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxCfg.exe
  71. 注册表名称:Debugger
  72. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  73. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  76. 2007-11-06 13:32:58    创建注册表值      操作:允许
  77. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  78. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxFwHlp.exe
  79. 注册表名称:[Key]
  80. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  83. 2007-11-06 13:32:59    创建注册表值      操作:允许
  84. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  85. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxFwHlp.exe
  86. 注册表名称:Debugger
  87. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  88. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  91. 2007-11-06 13:32:59    创建注册表值      操作:允许
  92. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  93. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxPol.exe
  94. 注册表名称:[Key]
  95. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  98. 2007-11-06 13:32:59    创建注册表值      操作:允许
  99. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  100. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxPol.exe
  101. 注册表名称:Debugger
  102. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  103. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  106. 2007-11-06 13:32:59    创建注册表值      操作:允许
  107. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  108. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UpLive.exe
  109. 注册表名称:[Key]
  110. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  113. 2007-11-06 13:33:00    创建注册表值      操作:允许
  114. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  115. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UpLive.exe
  116. 注册表名称:Debugger
  117. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  118. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  121. 2007-11-06 13:33:00    创建注册表值      操作:允许
  122. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  123. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\upiea.exe
  124. 注册表名称:[Key]
  125. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  128. 2007-11-06 13:33:00    创建注册表值      操作:允许
  129. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  130. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\upiea.exe
  131. 注册表名称:Debugger
  132. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  133. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  136. 2007-11-06 13:33:00    创建注册表值      操作:允许
  137. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  138. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AST.exe
  139. 注册表名称:[Key]
  140. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  143. 2007-11-06 13:33:00    创建注册表值      操作:允许
  144. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  145. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AST.exe
  146. 注册表名称:Debugger
  147. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  148. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  151. 2007-11-06 13:33:01    创建注册表值      操作:允许
  152. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  153. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ArSwp.exe
  154. 注册表名称:[Key]
  155. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  158. 2007-11-06 13:33:01    创建注册表值      操作:允许
  159. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  160. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ArSwp.exe
  161. 注册表名称:Debugger
  162. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  163. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  166. 2007-11-06 13:33:01    创建注册表值      操作:允许
  167. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  168. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\USBCleaner.exe
  169. 注册表名称:[Key]
  170. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  173. 2007-11-06 13:33:01    创建注册表值      操作:允许
  174. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  175. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\USBCleaner.exe
  176. 注册表名称:Debugger
  177. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  178. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  181. 2007-11-06 13:33:01    创建注册表值      操作:允许
  182. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  183. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe
  184. 注册表名称:[Key]
  185. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  188. 2007-11-06 13:33:02    创建注册表值      操作:允许
  189. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  190. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe
  191. 注册表名称:Debugger
  192. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  193. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  196. 2007-11-06 13:33:02    创建注册表值      操作:允许
  197. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  198. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvReport.kxp
  199. 注册表名称:[Key]
  200. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  203. 2007-11-06 13:33:02    创建注册表值      操作:允许
  204. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  205. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvReport.kxp
  206. 注册表名称:Debugger
  207. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  208. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  211. 2007-11-06 13:33:02    创建注册表值      操作:允许
  212. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  213. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQSC.exe
  214. 注册表名称:[Key]
  215. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  218. 2007-11-06 13:33:02    创建注册表值      操作:允许
  219. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  220. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQSC.exe
  221. 注册表名称:Debugger
  222. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  223. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  226. 2007-11-06 13:33:03    创建注册表值      操作:允许
  227. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  228. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ghost.exe
  229. 注册表名称:[Key]
  230. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  233. 2007-11-06 13:33:03    创建注册表值      操作:允许
  234. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  235. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ghost.exe
  236. 注册表名称:Debugger
  237. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  238. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  241. 2007-11-06 13:33:03    创建注册表值      操作:允许
  242. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  243. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvastU3.exe
  244. 注册表名称:[Key]
  245. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  248. 2007-11-06 13:33:03    创建注册表值      操作:允许
  249. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  250. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvastU3.exe
  251. 注册表名称:Debugger
  252. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  253. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  256. 2007-11-06 13:33:04    创建注册表值      操作:允许
  257. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  258. 注册表路径:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRepair.com
  259. 注册表名称:[Key]
  260. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  263. 2007-11-06 13:33:04    创建注册表值      操作:允许
  264. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  265. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRepair.com
  266. 注册表名称:Debugger
  267. 注册表数据:C:\Program Files\Common Files\Microsoft Shared\cmvrsaw.exe
  268. 触发规则:所有程序规则->系统设置->HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*


  271. 2007-11-06 13:33:04    修改注册表内容      操作:允许
  272. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  273. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  274. 注册表名称:*
  275. 触发规则:所有程序规则->系统自动运行->*\SOFTWARE\Microsoft\Windows\CurrentVersion\Run*


  278. 2007-11-06 13:33:04    修改注册表内容      操作:允许
  279. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  280. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  281. 注册表名称:*
  282. 触发规则:所有程序规则->系统自动运行->*\SOFTWARE\Microsoft\Windows\CurrentVersion\Run*


  285. 2007-11-06 13:33:04    删除注册表      操作:允许
  286. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  287. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  288. 注册表名称:AVP
  289. 触发规则:所有程序规则->系统自动运行->*\SOFTWARE\Microsoft\Windows\CurrentVersion\Run*


  292. 2007-11-06 13:33:05    删除注册表      操作:允许
  293. 进程路径:C:\Program Files\Common Files\System\lxpbnfn.exe
  294. 注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  295. 注册表名称:KVMON
  296. 触发规则:所有程序规则->系统自动运行->*\SOFTWARE\Microsoft\Windows\CurrentVersion\Run*
复制代码
以上就是全部的监控日志!
为了大家看得方便,另外上传日志文件!!!

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

驭龙
发表于 2007-11-6 14:02:05 | 显示全部楼层
A-Squared  Found nothing
AntiVir  Found TR/Delphi.Downloader.Gen  
ArcaVir  Found nothing
Avast  Found Win32:AutoRun-FI  
AVG Antivirus  Found Win32/PEMask  
BitDefender  Found Generic.Malware.SP!Pk!g.518BE9DB  
ClamAV  Found Trojan.Delf-818  
CPsecure  Found nothing
Dr.Web  Found DLOADER.Trojan (probable variant)  
F-Prot Antivirus  Found Possibly a new variant of W32/Threat-HLLPEM-based!Maximus  
F-Secure Anti-Virus  Found Worm:W32/Agent.BTQ, Virus.Win32.AutoRun.aat  
Fortinet  Found nothing
Kaspersky Anti-Virus  Found Virus.Win32.AutoRun.aat  
NOD32  Found probably a variant of Win32/Delf.NDF (probable variant)  
Norman Virus Control  Found nothing
Panda Antivirus  Found Generic  
Rising Antivirus  Found nothing
Sophos Antivirus  Found Mal/EncPk-AP  
VirusBuster  Found nothing
VBA32  Found nothing


我的卡巴7报告是已删除:病毒 Virus.Win32.AutoRun.aat        文件 : C:\TDDOWNLOAD\今天中的毒.rar/rommabp.exe//ASPack//PE_Patch.MaskPE

但我的nis08却没有报告
回复

举报

googlehack
发表于 2007-11-6 14:03:43 | 显示全部楼层
不错啊,是个avkiller,厉害!
回复

举报

秋叶濛濛
发表于 2007-11-6 14:10:45 | 显示全部楼层
F:\Virus\今天中的毒.rar » RAR » rommabp.exe - probably a variant of Win32/Delf.NDF worm
回复

举报

a256886572008
发表于 2007-11-6 14:27:04 | 显示全部楼层

回复 66楼 SONGBOWEN 的帖子

隱藏文件你沒測到嗎

[ 本帖最后由 a256886572008 于 2007-11-6 14:32 编辑 ]
回复

举报

下一页 »
12345678下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-5-21 05:11 , Processed in 0.110330 second(s), 16 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表