查看: 2847|回复: 6
收起左侧

发现病毒scrsys16_070510.scr,winsys32_070510.dll,winsys16_070510.dll七楼扫描报告

[复制链接]
cory1984
发表于 2007-5-16 12:47:14 | 显示全部楼层 |阅读模式
scrsys16_070510.scr,winsys32_070510.dll,winsys16_070510.dll

就这三个鬼东东咯


用卡巴查出来了,也杀了,但是过不了多久,就会再出现

在网上查了,也有人遇到过这种情况

请高手帮忙哈

[ 本帖最后由 cory1984 于 2007-5-17 16:24 编辑 ]
cory1984
 楼主| 发表于 2007-5-16 12:47:40 | 显示全部楼层
自己先顶起来吧~~~~~~~~~`高手一定要帮忙啊
zhaonimm
发表于 2007-5-16 14:35:23 | 显示全部楼层
用SRENG扫个报告来等高手分析把!!
army1221
发表于 2007-5-16 14:48:29 | 显示全部楼层
貌似和我有相似遭遇
cory1984
 楼主| 发表于 2007-5-17 10:47:04 | 显示全部楼层
昨天杀了一次,今天发现不见了~~~~~~~~~不过,还是理解不了

曾经杀N次都不行的
cory1984
 楼主| 发表于 2007-5-17 16:10:23 | 显示全部楼层
为什么机器重启了几次就又出现了呢?
cory1984
 楼主| 发表于 2007-5-17 16:22:13 | 显示全部楼层

用SRENG扫个报告



  1. 2007-05-17,16:18:01

  2. System Repair Engineer 2.4.12.806
  3. Smallfrogs ([url]http://www.KZTechs.com[/url])

  4. Windows XP Professional  (Build 2600) - Administrative User - Completed Functions Allowed

  5. Follow item(s) have been choosed:
  6.     All Boot Items (Including Registry, Startup Folders, Services and so on)
  7.     Browser Add-ons
  8.     Runing Processes (Including process model information)
  9.     File Associations
  10.     Winsock Provider
  11.     Autorun.Inf
  12.     HOSTS File


  13. Boot Items
  14. Registry
  15. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  16.     <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Windows XP Publisher]
  17. [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  18.     <load><>  [N/A]
  19. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  20.     <kis><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe">  [Kaspersky Lab]
  21. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  22.     <shell><Explorer.exe>  [(Verified)Microsoft Windows XP Publisher]
  23.     <Userinit><userinit.exe>  [(Verified)Microsoft Windows XP Publisher]
  24. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  25.     <AppInit_DLLs><C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll>  [Kaspersky Lab]
  26. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  27.     <UIHost><logonui.exe>  [(Verified)Microsoft Windows XP Publisher]
  28. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
  29.     <WinlogonNotify: klogon><C:\WINDOWS\System32\klogon.dll>  [Kaspersky Lab]
  30. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  31.     <ApabiAgent><; "C:\Program Files\Founder\Apabi Reader 3.0\ApabiAgent.exe">  []
  32. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  33.     <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows XP Publisher]
  34.     <IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
  35. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  36.     <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows XP Publisher]
  37. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  38.     <MSPY2002><; C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)Microsoft Windows XP Publisher]
  39.     <PHIME2002A><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows XP Publisher]
  40.     <PHIME2002ASync><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows XP Publisher]
  41.     <StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
  42.     <UnlockerAssistant><; "C:\Program Files\Unlocker\UnlockerAssistant.exe">  []
  43.     <WangWang><; >  [N/A]

  44. ==================================
  45. Startup Folders
  46. N/A

  47. ==================================
  48. Services
  49. [Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  50.   <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
  51. [ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  52.   <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
  53. [Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start]
  54.   <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
  55. [卡巴斯基互联网安全套装 6.0 / AVP][Running/Auto Start]
  56.   <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe -r><Kaspersky Lab>
  57. [dnWhoDisp / dnWhoDisp][Stopped/Manual Start]
  58.   <C:\Program Files\Rockwell Software\RSLINX\dnwhodisp.exe><>
  59. [Harmony / Harmony][Stopped/Manual Start]
  60.   <C:\PROGRA~1\ROCKWE~1\RSCOMMON\RSOBSERV.EXE><Rockwell Software Inc.>
  61. [Human Interface Device Access / HidServ][Stopped/Disabled]
  62.   <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
  63. [MSSQLSERVER / MSSQLSERVER][Stopped/Manual Start]
  64.   <C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe><Microsoft Corporation>
  65. [MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
  66.   <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
  67. [OPCEnum / OPCEnum][Stopped/Manual Start]
  68.   <C:\Program Files\Common Files\OPC Foundation\OPCENUM.EXE><>
  69. [RSLinx / RSLinx][Stopped/Manual Start]
  70.   <C:\PROGRA~1\ROCKWE~1\RSLINX\RSLINX.EXE /SERVICE><Rockwell Software, Inc.>
  71. [SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start]
  72.   <C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlagent.exe><Microsoft Corporation>
  73. [Visual Studio Analyzer RPC bridge / Visual Studio Analyzer RPC bridge][Stopped/Manual Start]
  74.   <C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe><Microsoft Corporation>

  75. ==================================
  76. Drivers
  77. [Rockwell Software 1784-KTC(X) Driver / ABKTCX][Stopped/Manual Start]
  78.   <\SystemRoot\System32\Drivers\ABKTCX.sys><Rockwell Software Inc.>
  79. [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
  80.   <system32\drivers\ac97intc.sys><Intel Corporation>
  81. [Apaidi / Apaidi][Running/Auto Start]
  82.   <\??\C:\WINDOWS\System32\drivers\Apaidi.sys><N/A>
  83. [D-Link DFE-530TX PCI Fast Ethernet Adapter Driver Service / FETNDISB][Running/Manual Start]
  84.   <System32\DRIVERS\dlkfet5b.sys><D-Link>
  85. [kl1 / kl1][Running/Boot Start]
  86.   <\SystemRoot\System32\drivers\kl1.sys><Kaspersky Lab>
  87. [klif / klif][Running/System Start]
  88.   <\??\C:\WINDOWS\System32\drivers\klif.sys><Kaspersky Lab>
  89. [npkcrypt / npkcrypt][Stopped/Auto Start]
  90.   <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
  91. [nv4 / nv4][Running/Manual Start]
  92.   <System32\DRIVERS\nv4.sys><NVIDIA Corporation>
  93. [PDRJNDL / PDRJNDL][Running/Auto Start]
  94.   <\??\E:\software\AB授权166个\PDRJNDL.SYS><Dekart>
  95. [PRVDISK / PRVDISK][Running/Auto Start]
  96.   <\??\E:\software\AB授权166个\PRVDISK.SYS><Dekart>
  97. [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  98.   <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
  99. [RsiKtControl / RsiKtControl][Stopped/Manual Start]
  100.   <\SystemRoot\system32\RSIKT.SYS><Rockwell Software, Inc.>
  101. [RSLinx Serial Driver / RSSERIAL][Stopped/Manual Start]
  102.   <\SystemRoot\SYSTEM32\RSSERIAL.SYS><Rockwell Software Inc.>
  103. [RSLinx S-S SD/SD2 Device Driver / RS_SS_NT][Stopped/Manual Start]
  104.   <\SystemRoot\SYSTEM32\RS_SS_NT.SYS><Rockwell Software, Inc.>
  105. [Secdrv / Secdrv][Stopped/Manual Start]
  106.   <System32\DRIVERS\secdrv.sys><N/A>
  107. [A-B Virtual Backplane / VirtualBackplane][Running/System Start]
  108.   <\SystemRoot\System32\Drivers\VirtualBackplane.sys><Rockwell Automation>

  109. ==================================
  110. Browser Add-ons
  111. [Adobe PDF Reader Link Helper]
  112.   {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
  113. [Web反病毒保护]
  114.   {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll, Kaspersky Lab>
  115. [信息检索(&R)]
  116.   {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
  117. [@shdoclc.dll,-866]
  118.   {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
  119. [QQ]
  120.   {c95fe080-8f5d-11d2-a20b-00aa003c157b} <, N/A>
  121. [&Radio]
  122.   {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, >
  123. [CEnroll Class]
  124.   {127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\Downloaded Program Files\xenroll.dll, Microsoft Corporation>
  125. [Windows Genuine Advantage Validation Tool]
  126.   {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\System32\LegitCheckControl.DLL, Microsoft Corporation>
  127. [SSReaderPlug]
  128.   {1DE88635-1C72-401E-B23B-93FA86D30F3B} <C:\WINDOWS\DOWNLO~1\SSREAD~1.DLL, 北京超星>
  129. [iTrusPTA Class]
  130.   {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\System32\aliedit\pta.dll, >
  131. [WUWebControl Class]
  132.   {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
  133. [Shockwave Flash Object]
  134.   {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
  135. [上传到QQ网络硬盘]
  136.   <, N/A>
  137. [导出到 Microsoft Office Excel(&X)]
  138.   <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
  139. [添加到QQ自定义面板]
  140.   <, N/A>
  141. [添加到QQ表情]
  142.   <, N/A>
  143. [用QQ彩信发送该图片]
  144.   <, N/A>

  145. ==================================
  146. Running Processes
  147. [PID: 640][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  148. [PID: 696][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  149. [PID: 720][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  150.     [C:\WINDOWS\System32\klogon.dll]  [Kaspersky Lab, 6.0.0.299]
  151.     [C:\WINDOWS\system32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
  152.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  153. [PID: 764][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  154. [PID: 776][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  155.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  156. [PID: 948][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  157.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  158. [PID: 1072][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  159.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  160.     [c:\windows\system32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.1557 (xpsp2_gdr.040517-1325)]
  161. [PID: 1192][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  162.     [C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  163. [PID: 1204][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  164.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  165. [PID: 1596][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
  166.     [C:\WINDOWS\System32\AcSignIcon.dll]  [Autodesk, 16.2.54.0]
  167.     [C:\PROGRA~1\WINDOW~3\wmpband.dll]  [Microsoft Corporation, 10.00.00.3802]
  168.     [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.2.54.0]
  169.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  170.     [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
  171.     [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  172. [PID: 1712][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  173. [PID: 1792][C:\WINDOWS\System32\inetsrv\inetinfo.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  174.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  175.     [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll]  [Microsoft Corporation, 1.1.4322.573]
  176.     [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
  177. [PID: 1916][C:\WINDOWS\System32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
  178. [PID: 356][C:\Documents and Settings\Lee\Desktop\ipmsg.exe]  [Azhi.net, 2.03]
  179.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  180. [PID: 200][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
  181.     [C:\WINDOWS\System32\AcSignIcon.dll]  [Autodesk, 16.2.54.0]
  182.     [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.9.2006121800]
  183.     [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
  184.     [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
  185.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scr_ch_pg.dll]  [Kaspersky Lab, 1.0.6.299]
  186.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
  187.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
  188.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
  189.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.0.299]
  190.     [c:\program files\kaspersky lab\kaspersky internet security 6.0\params.ppl]  [Kaspersky Lab, 6.0.0.299]
  191.     [c:\program files\kaspersky lab\kaspersky internet security 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
  192.     [c:\program files\kaspersky lab\kaspersky internet security 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.0.299]
  193.     [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
  194.     [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  195.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
  196.     [c:\program files\kaspersky lab\kaspersky internet security 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.0.299]
  197.     [c:\program files\kaspersky lab\kaspersky internet security 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.0.299]
  198.     [C:\WINDOWS\System32\IMSC40A.IME]  [Microsoft Corporation, 6.0.0.2527]
  199.     [C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL]  [Microsoft Corporation, 9.0.5510.0]
  200.     [C:\WINDOWS\System32\WINWB86.IME]  [Microsoft Corporation, 4.00.950]
  201. [PID: 852][C:\DOCUME~1\Lee\LOCALS~1\Temp\Rar$EX00.860\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
  202.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]

  203. ==================================
  204. File Associations
  205. .TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  206. .EXE  OK. ["%1" %*]
  207. .COM  OK. ["%1" %*]
  208. .PIF  OK. ["%1" %*]
  209. .REG  OK. [regedit.exe "%1"]
  210. .BAT  OK. ["%1" %*]
  211. .SCR  Error. [AutoCADScriptFile]
  212. .CHM  OK. ["C:\WINDOWS\hh.exe" %1]
  213. .HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
  214. .INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
  215. .INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
  216. .VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  217. .JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  218. .LNK  OK. [{00021401-0000-0000-C000-000000000046}]

  219. ==================================
  220. Winsock Provider
  221. N/A

  222. ==================================
  223. Autorun.Inf
  224. N/A

  225. ==================================
  226. HOSTS File
  227. 127.0.0.1       localhost

  228. ==================================
  229. API HOOK
  230. RVA Error:  LoadLibraryA (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0xF8471B25)
  231. RVA Error:  LoadLibraryExA (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0xF8471D67)
  232. RVA Error:  LoadLibraryExW (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0xF8471F0B)
  233. RVA Error:  LoadLibraryW (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0xF8471C49)
  234. RVA Error:  GetProcAddress (Dangerous Level: High,  Hooked by Module: Dest Addr: 0xF8471E8F)

  235. ==================================
  236. Hidden Process
  237. N/A

  238. ==================================


复制代码
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-3-18 11:28 , Processed in 0.142143 second(s), 18 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表