收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 原创工具区 发现病毒scrsys16_070510.scr,winsys32_070510.dll,wins ...
返回列表 发新帖
查看: 2848|回复: 6
收起左侧

发现病毒scrsys16_070510.scr,winsys32_070510.dll,winsys16_070510.dll七楼扫描报告

[复制链接]
cory1984
发表于 2007-5-16 12:47:14 | 显示全部楼层 |阅读模式
scrsys16_070510.scr,winsys32_070510.dll,winsys16_070510.dll

就这三个鬼东东咯


用卡巴查出来了,也杀了,但是过不了多久,就会再出现

在网上查了,也有人遇到过这种情况

请高手帮忙哈

[ 本帖最后由 cory1984 于 2007-5-17 16:24 编辑 ]
回复

举报

cory1984
 楼主| 发表于 2007-5-16 12:47:40 | 显示全部楼层
自己先顶起来吧~~~~~~~~~`高手一定要帮忙啊
回复

举报

zhaonimm
发表于 2007-5-16 14:35:23 | 显示全部楼层
用SRENG扫个报告来等高手分析把!!
回复

举报

army1221
发表于 2007-5-16 14:48:29 | 显示全部楼层
貌似和我有相似遭遇
回复

举报

cory1984
 楼主| 发表于 2007-5-17 10:47:04 | 显示全部楼层
昨天杀了一次,今天发现不见了~~~~~~~~~不过,还是理解不了

曾经杀N次都不行的
回复

举报

cory1984
 楼主| 发表于 2007-5-17 16:10:23 | 显示全部楼层
为什么机器重启了几次就又出现了呢?
回复

举报

cory1984
 楼主| 发表于 2007-5-17 16:22:13 | 显示全部楼层

用SRENG扫个报告



  3. 2007-05-17,16:18:01

  5. System Repair Engineer 2.4.12.806
  6. Smallfrogs ([url]http://www.KZTechs.com[/url])

  8. Windows XP Professional  (Build 2600) - Administrative User - Completed Functions Allowed

  10. Follow item(s) have been choosed:
  11.     All Boot Items (Including Registry, Startup Folders, Services and so on)
  12.     Browser Add-ons
  13.     Runing Processes (Including process model information)
  14.     File Associations
  15.     Winsock Provider
  16.     Autorun.Inf
  17.     HOSTS File


  20. Boot Items
  21. Registry
  22. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  23.     <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Windows XP Publisher]
  24. [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  25.     <load><>  [N/A]
  26. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  27.     <kis><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe">  [Kaspersky Lab]
  28. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  29.     <shell><Explorer.exe>  [(Verified)Microsoft Windows XP Publisher]
  30.     <Userinit><userinit.exe>  [(Verified)Microsoft Windows XP Publisher]
  31. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  32.     <AppInit_DLLs><C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll>  [Kaspersky Lab]
  33. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  34.     <UIHost><logonui.exe>  [(Verified)Microsoft Windows XP Publisher]
  35. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
  36.     <WinlogonNotify: klogon><C:\WINDOWS\System32\klogon.dll>  [Kaspersky Lab]
  37. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  38.     <ApabiAgent><; "C:\Program Files\Founder\Apabi Reader 3.0\ApabiAgent.exe">  []
  39. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  40.     <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows XP Publisher]
  41.     <IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
  42. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  43.     <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows XP Publisher]
  44. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  45.     <MSPY2002><; C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)Microsoft Windows XP Publisher]
  46.     <PHIME2002A><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows XP Publisher]
  47.     <PHIME2002ASync><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows XP Publisher]
  48.     <StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
  49.     <UnlockerAssistant><; "C:\Program Files\Unlocker\UnlockerAssistant.exe">  []
  50.     <WangWang><; >  [N/A]

  52. ==================================
  53. Startup Folders
  54. N/A

  56. ==================================
  57. Services
  58. [Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  59.   <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
  60. [ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  61.   <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
  62. [Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start]
  63.   <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
  64. [卡巴斯基互联网安全套装 6.0 / AVP][Running/Auto Start]
  65.   <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe -r><Kaspersky Lab>
  66. [dnWhoDisp / dnWhoDisp][Stopped/Manual Start]
  67.   <C:\Program Files\Rockwell Software\RSLINX\dnwhodisp.exe><>
  68. [Harmony / Harmony][Stopped/Manual Start]
  69.   <C:\PROGRA~1\ROCKWE~1\RSCOMMON\RSOBSERV.EXE><Rockwell Software Inc.>
  70. [Human Interface Device Access / HidServ][Stopped/Disabled]
  71.   <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
  72. [MSSQLSERVER / MSSQLSERVER][Stopped/Manual Start]
  73.   <C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe><Microsoft Corporation>
  74. [MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
  75.   <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
  76. [OPCEnum / OPCEnum][Stopped/Manual Start]
  77.   <C:\Program Files\Common Files\OPC Foundation\OPCENUM.EXE><>
  78. [RSLinx / RSLinx][Stopped/Manual Start]
  79.   <C:\PROGRA~1\ROCKWE~1\RSLINX\RSLINX.EXE /SERVICE><Rockwell Software, Inc.>
  80. [SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start]
  81.   <C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlagent.exe><Microsoft Corporation>
  82. [Visual Studio Analyzer RPC bridge / Visual Studio Analyzer RPC bridge][Stopped/Manual Start]
  83.   <C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe><Microsoft Corporation>

  85. ==================================
  86. Drivers
  87. [Rockwell Software 1784-KTC(X) Driver / ABKTCX][Stopped/Manual Start]
  88.   <\SystemRoot\System32\Drivers\ABKTCX.sys><Rockwell Software Inc.>
  89. [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
  90.   <system32\drivers\ac97intc.sys><Intel Corporation>
  91. [Apaidi / Apaidi][Running/Auto Start]
  92.   <\??\C:\WINDOWS\System32\drivers\Apaidi.sys><N/A>
  93. [D-Link DFE-530TX PCI Fast Ethernet Adapter Driver Service / FETNDISB][Running/Manual Start]
  94.   <System32\DRIVERS\dlkfet5b.sys><D-Link>
  95. [kl1 / kl1][Running/Boot Start]
  96.   <\SystemRoot\System32\drivers\kl1.sys><Kaspersky Lab>
  97. [klif / klif][Running/System Start]
  98.   <\??\C:\WINDOWS\System32\drivers\klif.sys><Kaspersky Lab>
  99. [npkcrypt / npkcrypt][Stopped/Auto Start]
  100.   <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
  101. [nv4 / nv4][Running/Manual Start]
  102.   <System32\DRIVERS\nv4.sys><NVIDIA Corporation>
  103. [PDRJNDL / PDRJNDL][Running/Auto Start]
  104.   <\??\E:\software\AB授权166个\PDRJNDL.SYS><Dekart>
  105. [PRVDISK / PRVDISK][Running/Auto Start]
  106.   <\??\E:\software\AB授权166个\PRVDISK.SYS><Dekart>
  107. [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  108.   <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
  109. [RsiKtControl / RsiKtControl][Stopped/Manual Start]
  110.   <\SystemRoot\system32\RSIKT.SYS><Rockwell Software, Inc.>
  111. [RSLinx Serial Driver / RSSERIAL][Stopped/Manual Start]
  112.   <\SystemRoot\SYSTEM32\RSSERIAL.SYS><Rockwell Software Inc.>
  113. [RSLinx S-S SD/SD2 Device Driver / RS_SS_NT][Stopped/Manual Start]
  114.   <\SystemRoot\SYSTEM32\RS_SS_NT.SYS><Rockwell Software, Inc.>
  115. [Secdrv / Secdrv][Stopped/Manual Start]
  116.   <System32\DRIVERS\secdrv.sys><N/A>
  117. [A-B Virtual Backplane / VirtualBackplane][Running/System Start]
  118.   <\SystemRoot\System32\Drivers\VirtualBackplane.sys><Rockwell Automation>

  120. ==================================
  121. Browser Add-ons
  122. [Adobe PDF Reader Link Helper]
  123.   {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
  124. [Web反病毒保护]
  125.   {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll, Kaspersky Lab>
  126. [信息检索(&R)]
  127.   {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
  128. [@shdoclc.dll,-866]
  129.   {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
  130. [QQ]
  131.   {c95fe080-8f5d-11d2-a20b-00aa003c157b} <, N/A>
  132. [&Radio]
  133.   {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, >
  134. [CEnroll Class]
  135.   {127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\Downloaded Program Files\xenroll.dll, Microsoft Corporation>
  136. [Windows Genuine Advantage Validation Tool]
  137.   {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\System32\LegitCheckControl.DLL, Microsoft Corporation>
  138. [SSReaderPlug]
  139.   {1DE88635-1C72-401E-B23B-93FA86D30F3B} <C:\WINDOWS\DOWNLO~1\SSREAD~1.DLL, 北京超星>
  140. [iTrusPTA Class]
  141.   {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\System32\aliedit\pta.dll, >
  142. [WUWebControl Class]
  143.   {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
  144. [Shockwave Flash Object]
  145.   {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
  146. [上传到QQ网络硬盘]
  147.   <, N/A>
  148. [导出到 Microsoft Office Excel(&X)]
  149.   <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
  150. [添加到QQ自定义面板]
  151.   <, N/A>
  152. [添加到QQ表情]
  153.   <, N/A>
  154. [用QQ彩信发送该图片]
  155.   <, N/A>

  157. ==================================
  158. Running Processes
  159. [PID: 640][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  160. [PID: 696][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  161. [PID: 720][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  162.     [C:\WINDOWS\System32\klogon.dll]  [Kaspersky Lab, 6.0.0.299]
  163.     [C:\WINDOWS\system32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
  164.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  165. [PID: 764][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  166. [PID: 776][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  167.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  168. [PID: 948][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  169.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  170. [PID: 1072][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  171.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  172.     [c:\windows\system32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.1557 (xpsp2_gdr.040517-1325)]
  173. [PID: 1192][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  174.     [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  175. [PID: 1204][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  176.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  177. [PID: 1596][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
  178.     [C:\WINDOWS\System32\AcSignIcon.dll]  [Autodesk, 16.2.54.0]
  179.     [C:\PROGRA~1\WINDOW~3\wmpband.dll]  [Microsoft Corporation, 10.00.00.3802]
  180.     [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.2.54.0]
  181.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  182.     [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
  183.     [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  184. [PID: 1712][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  185. [PID: 1792][C:\WINDOWS\System32\inetsrv\inetinfo.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  186.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  187.     [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll]  [Microsoft Corporation, 1.1.4322.573]
  188.     [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
  189. [PID: 1916][C:\WINDOWS\System32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
  190. [PID: 356][C:\Documents and Settings\Lee\Desktop\ipmsg.exe]  [Azhi.net, 2.03]
  191.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  192. [PID: 200][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
  193.     [C:\WINDOWS\System32\AcSignIcon.dll]  [Autodesk, 16.2.54.0]
  194.     [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.9.2006121800]
  195.     [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
  196.     [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
  197.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scr_ch_pg.dll]  [Kaspersky Lab, 1.0.6.299]
  198.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
  199.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
  200.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
  201.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.0.299]
  202.     [c:\program files\kaspersky lab\kaspersky internet security 6.0\params.ppl]  [Kaspersky Lab, 6.0.0.299]
  203.     [c:\program files\kaspersky lab\kaspersky internet security 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
  204.     [c:\program files\kaspersky lab\kaspersky internet security 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.0.299]
  205.     [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
  206.     [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  207.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  208.     [c:\program files\kaspersky lab\kaspersky internet security 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.0.299]
  209.     [c:\program files\kaspersky lab\kaspersky internet security 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.0.299]
  210.     [C:\WINDOWS\System32\IMSC40A.IME]  [Microsoft Corporation, 6.0.0.2527]
  211.     [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL]  [Microsoft Corporation, 9.0.5510.0]
  212.     [C:\WINDOWS\System32\WINWB86.IME]  [Microsoft Corporation, 4.00.950]
  213. [PID: 852][C:\DOCUME~1\Lee\LOCALS~1\Temp\Rar$EX00.860\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
  214.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]

  216. ==================================
  217. File Associations
  218. .TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  219. .EXE  OK. ["%1" %*]
  220. .COM  OK. ["%1" %*]
  221. .PIF  OK. ["%1" %*]
  222. .REG  OK. [regedit.exe "%1"]
  223. .BAT  OK. ["%1" %*]
  224. .SCR  Error. [AutoCADScriptFile]
  225. .CHM  OK. ["C:\WINDOWS\hh.exe" %1]
  226. .HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
  227. .INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
  228. .INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
  229. .VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  230. .JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  231. .LNK  OK. [{00021401-0000-0000-C000-000000000046}]

  233. ==================================
  234. Winsock Provider
  235. N/A

  237. ==================================
  238. Autorun.Inf
  239. N/A

  241. ==================================
  242. HOSTS File
  243. 127.0.0.1       localhost

  245. ==================================
  246. API HOOK
  247. RVA Error:  LoadLibraryA (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0xF8471B25)
  248. RVA Error:  LoadLibraryExA (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0xF8471D67)
  249. RVA Error:  LoadLibraryExW (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0xF8471F0B)
  250. RVA Error:  LoadLibraryW (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0xF8471C49)
  251. RVA Error:  GetProcAddress (Dangerous Level: High,  Hooked by Module: Dest Addr: 0xF8471E8F)

  253. ==================================
  254. Hidden Process
  255. N/A

  257. ==================================


复制代码
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-3-18 13:48 , Processed in 0.136915 second(s), 18 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表