Trojan.Win32.Generic!SB.0

显示全部楼层 · 发表于 2010-12-18 20:49:32

大蜘蛛clean，已上报

显示全部楼层 · 发表于 2010-12-18 20:49:57

回复 5楼 62590423 的帖子

您使用大蜘蛛检测后，上报了么？

显示全部楼层 · 发表于 2010-12-18 21:22:18

回复 2楼 listen1 的帖子

乃的MD呢

--------------------------------------------------------------------------------------------------------------------------

2010-12-18 21:12:52 创建新进程允许
进程: c:\windows\explorer.exe
目标: d:\我的文档\viurs test\sxcpasetup_1105687\sxcpasetup_1105687.exe
命令行: "d:\我的文档\viurs test\SXCPASETUP_1105687\SXCPASETUP_1105687.EXE"
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [子应用程序]d:\我的文档\*

2010-12-18 21:12:56 创建新进程允许
进程: d:\我的文档\viurs test\sxcpasetup_1105687\sxcpasetup_1105687.exe
目标: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
命令行: "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-9ECM3.tmp\SXCPASETUP_1105687.tmp" /SL5="$1A044A,58880,58880,d:\我的文档\viurs test\SXCPASETUP_1105687\SXCPASETUP_1105687.EXE"
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [子应用程序]?:\documents and settings\*\local settings\temp\*

2010-12-18 21:13:01 创建文件允许
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temp\is-7BAU5.tmp\_isetup\_shfoldr.dll
规则: [文件组]Documents and Settings_阻止 -> [文件]?:\documents and settings\*; *.dll

2010-12-18 21:13:03 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
值: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
规则: [注册表组]资源管理器相关设置 -> [注册表]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-18 21:13:04 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cookies
值: C:\Documents and Settings\Administrator\Cookies
规则: [注册表组]资源管理器相关设置 -> [注册表]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-18 21:13:05 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\History
值: C:\Documents and Settings\Administrator\Local Settings\History
规则: [注册表组]资源管理器相关设置 -> [注册表]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-18 21:13:05 修改文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: \Device\NamedPipe\ROUTER
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [文件]\device\namedpipe\*

2010-12-18 21:13:05 修改文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: \Device\NamedPipe\ROUTER
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [文件]\device\namedpipe\*

2010-12-18 21:13:08 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Common AppData
值: C:\Documents and Settings\All Users\Application Data
规则: [注册表组]资源管理器相关设置 -> [注册表]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-18 21:13:08 修改文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: \Device\NamedPipe\ROUTER
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [文件]\device\namedpipe\*

2010-12-18 21:13:09 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\AppData
值: C:\Documents and Settings\Administrator\Application Data
规则: [注册表组]资源管理器相关设置 -> [注册表]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-18 21:13:09 修改文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: \Device\NamedPipe\ROUTER
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [文件]\device\namedpipe\*

2010-12-18 21:13:09 修改文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: \Device\NamedPipe\ROUTER
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [文件]\device\namedpipe\*

2010-12-18 21:13:10 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\AppData
值: C:\Documents and Settings\Administrator\Application Data
规则: [注册表组]资源管理器相关设置 -> [注册表]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-18 21:13:26 创建文件允许
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temp\is-7BAU5.tmp\SXCPASETUP_1105687.EXE
规则: [文件组]Documents and Settings_阻止 -> [文件]?:\documents and settings\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetup[1].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetup[2].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetup[3].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetup[4].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetup[5].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetup[6].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetup[7].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetup[8].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetup[9].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetup[10].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetup[11].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLC.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLCCABTPEK3.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLCCABTPEK3CAL0ZLGU.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLCCABTPEK3CAL0ZLGUCAIW50NO.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLCCABTPEK3CAL0ZLGUCAIW50NOCAS9DXVX.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLCCABTPEK3CAL0ZLGUCAIW50NOCAS9DXVXCARNHRR5.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLCCABTPEK3CAL0ZLGUCAIW50NOCAS9DXVXCARNHRR5CA3020RD.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLCCABTPEK3CAL0ZLGUCAIW50NOCAS9DXVXCARNHRR5CA3020RDCAS4M5YU.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLCCABTPEK3CAL0ZLGUCAIW50NOCAS9DXVXCARNHRR5CA3020RDCAS4M5YUCA7QF6GM.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLCCABTPEK3CAL0ZLGUCAIW50NOCAS9DXVXCARNHRR5CA3020RDCAS4M5YUCA7QF6GMCA1KDRTL.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLCCABTPEK3CAL0ZLGUCAIW50NOCAS9DXVXCARNHRR5CA3020RDCAS4M5YUCA7QF6GMCA1KDRTLCAKMKUCZ.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLCCABTPEK3CAL0ZLGUCAIW50NOCAS9DXVXCARNHRR5CA3020RDCAS4M5YUCA7QF6GMCA1KDRTLCAKMKUCZCAUDUVPP.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLCCABTPEK3CAL0ZLGUCAIW50NOCAS9DXVXCARNHRR5CA3020RDCAS4M5YUCA7QF6GMCA1KDRTLCAKMKUCZCAUDUVPPCA9Z9ZNI.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLCCABTPEK3CAL0ZLGUCAIW50NOCAS9DXVXCARNHRR5CA3020RDCAS4M5YUCA7QF6GMCA1KDRTLCAKMKUCZCAUDUVPPCA9Z9ZNICALE7MRF.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLCCABTPEK3CAL0ZLGUCAIW50NOCAS9DXVXCARNHRR5CA3020RDCAS4M5YUCA7QF6GMCA1KDRTLCAKMKUCZCAUDUVPPCA9Z9ZNICALE7MRFCAUA0O9N.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLCCABTPEK3CAL0ZLGUCAIW50NOCAS9DXVXCARNHRR5CA3020RDCAS4M5YUCA7QF6GMCA1KDRTLCAKMKUCZCAUDUVPPCA9Z9ZNICALE7MRFCAUA0O9NCATT55FC.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\SXSetupCAVIZDLCCABTPEK3CAL0ZLGUCAIW50NOCAS9DXVXCARNHRR5CA3020RDCAS4M5YUCA7QF6GMCA1KDRTLCAKMKUCZCAUDUVPPCA9Z9ZNICALE7MRFCAUA0O9NCATT55FCCADXA5XS.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\XSetupCAVIZDLCCABTPEK3CAL0ZLGUCAIW50NOCAS9DXVXCARNHRR5CA3020RDCAS4M5YUCA7QF6GMCA1KDRTLCAKMKUCZCAUDUVPPCA9Z9ZNICALE7MRFCAUA0O9NCATT55FCCADXA5XSCAK3LNCI.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\VIZDLCCABTPEK3CAL0ZLGUCAIW50NOCAS9DXVXCARNHRR5CA3020RDCAS4M5YUCA7QF6GMCA1KDRTLCAKMKUCZCAUDUVPPCA9Z9ZNICALE7MRFCAUA0O9NCATT55FCCADXA5XSCAK3LNCICAJR0P1L.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\BTPEK3CAL0ZLGUCAIW50NOCAS9DXVXCARNHRR5CA3020RDCAS4M5YUCA7QF6GMCA1KDRTLCAKMKUCZCAUDUVPPCA9Z9ZNICALE7MRFCAUA0O9NCATT55FCCADXA5XSCAK3LNCICAJR0P1LCARLS5G2.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\L0ZLGUCAIW50NOCAS9DXVXCARNHRR5CA3020RDCAS4M5YUCA7QF6GMCA1KDRTLCAKMKUCZCAUDUVPPCA9Z9ZNICALE7MRFCAUA0O9NCATT55FCCADXA5XSCAK3LNCICAJR0P1LCARLS5G2CA5ACF2D.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

显示全部楼层 · 发表于 2010-12-18 21:22:41

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\IW50NOCAS9DXVXCARNHRR5CA3020RDCAS4M5YUCA7QF6GMCA1KDRTLCAKMKUCZCAUDUVPPCA9Z9ZNICALE7MRFCAUA0O9NCATT55FCCADXA5XSCAK3LNCICAJR0P1LCARLS5G2CA5ACF2DCARVBTO9.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\S9DXVXCARNHRR5CA3020RDCAS4M5YUCA7QF6GMCA1KDRTLCAKMKUCZCAUDUVPPCA9Z9ZNICALE7MRFCAUA0O9NCATT55FCCADXA5XSCAK3LNCICAJR0P1LCARLS5G2CA5ACF2DCARVBTO9CAAVP9RY.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\RNHRR5CA3020RDCAS4M5YUCA7QF6GMCA1KDRTLCAKMKUCZCAUDUVPPCA9Z9ZNICALE7MRFCAUA0O9NCATT55FCCADXA5XSCAK3LNCICAJR0P1LCARLS5G2CA5ACF2DCARVBTO9CAAVP9RYCASOLV9Z.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\3020RDCAS4M5YUCA7QF6GMCA1KDRTLCAKMKUCZCAUDUVPPCA9Z9ZNICALE7MRFCAUA0O9NCATT55FCCADXA5XSCAK3LNCICAJR0P1LCARLS5G2CA5ACF2DCARVBTO9CAAVP9RYCASOLV9ZCALE0W7P.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\S4M5YUCA7QF6GMCA1KDRTLCAKMKUCZCAUDUVPPCA9Z9ZNICALE7MRFCAUA0O9NCATT55FCCADXA5XSCAK3LNCICAJR0P1LCARLS5G2CA5ACF2DCARVBTO9CAAVP9RYCASOLV9ZCALE0W7PCAECBZQN.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\7QF6GMCA1KDRTLCAKMKUCZCAUDUVPPCA9Z9ZNICALE7MRFCAUA0O9NCATT55FCCADXA5XSCAK3LNCICAJR0P1LCARLS5G2CA5ACF2DCARVBTO9CAAVP9RYCASOLV9ZCALE0W7PCAECBZQNCATZZH7Q.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\1KDRTLCAKMKUCZCAUDUVPPCA9Z9ZNICALE7MRFCAUA0O9NCATT55FCCADXA5XSCAK3LNCICAJR0P1LCARLS5G2CA5ACF2DCARVBTO9CAAVP9RYCASOLV9ZCALE0W7PCAECBZQNCATZZH7QCA3GG83G.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\KMKUCZCAUDUVPPCA9Z9ZNICALE7MRFCAUA0O9NCATT55FCCADXA5XSCAK3LNCICAJR0P1LCARLS5G2CA5ACF2DCARVBTO9CAAVP9RYCASOLV9ZCALE0W7PCAECBZQNCATZZH7QCA3GG83GCA8M4JYR.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\UDUVPPCA9Z9ZNICALE7MRFCAUA0O9NCATT55FCCADXA5XSCAK3LNCICAJR0P1LCARLS5G2CA5ACF2DCARVBTO9CAAVP9RYCASOLV9ZCALE0W7PCAECBZQNCATZZH7QCA3GG83GCA8M4JYRCAYLDCB3.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\9Z9ZNICALE7MRFCAUA0O9NCATT55FCCADXA5XSCAK3LNCICAJR0P1LCARLS5G2CA5ACF2DCARVBTO9CAAVP9RYCASOLV9ZCALE0W7PCAECBZQNCATZZH7QCA3GG83GCA8M4JYRCAYLDCB3CAAFSRLQ.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\LE7MRFCAUA0O9NCATT55FCCADXA5XSCAK3LNCICAJR0P1LCARLS5G2CA5ACF2DCARVBTO9CAAVP9RYCASOLV9ZCALE0W7PCAECBZQNCATZZH7QCA3GG83GCA8M4JYRCAYLDCB3CAAFSRLQCAW78046.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\UA0O9NCATT55FCCADXA5XSCAK3LNCICAJR0P1LCARLS5G2CA5ACF2DCARVBTO9CAAVP9RYCASOLV9ZCALE0W7PCAECBZQNCATZZH7QCA3GG83GCA8M4JYRCAYLDCB3CAAFSRLQCAW78046CA5Y561U.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\TT55FCCADXA5XSCAK3LNCICAJR0P1LCARLS5G2CA5ACF2DCARVBTO9CAAVP9RYCASOLV9ZCALE0W7PCAECBZQNCATZZH7QCA3GG83GCA8M4JYRCAYLDCB3CAAFSRLQCAW78046CA5Y561UCASA24ZC.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\DXA5XSCAK3LNCICAJR0P1LCARLS5G2CA5ACF2DCARVBTO9CAAVP9RYCASOLV9ZCALE0W7PCAECBZQNCATZZH7QCA3GG83GCA8M4JYRCAYLDCB3CAAFSRLQCAW78046CA5Y561UCASA24ZCCAQKECFM.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\K3LNCICAJR0P1LCARLS5G2CA5ACF2DCARVBTO9CAAVP9RYCASOLV9ZCALE0W7PCAECBZQNCATZZH7QCA3GG83GCA8M4JYRCAYLDCB3CAAFSRLQCAW78046CA5Y561UCASA24ZCCAQKECFMCA8MZTOG.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\JR0P1LCARLS5G2CA5ACF2DCARVBTO9CAAVP9RYCASOLV9ZCALE0W7PCAECBZQNCATZZH7QCA3GG83GCA8M4JYRCAYLDCB3CAAFSRLQCAW78046CA5Y561UCASA24ZCCAQKECFMCA8MZTOGCAXDPUHV.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\RLS5G2CA5ACF2DCARVBTO9CAAVP9RYCASOLV9ZCALE0W7PCAECBZQNCATZZH7QCA3GG83GCA8M4JYRCAYLDCB3CAAFSRLQCAW78046CA5Y561UCASA24ZCCAQKECFMCA8MZTOGCAXDPUHVCAWTE0AZ.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:13:32 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IHL3ZFHU\5ACF2DCARVBTO9CAAVP9RYCASOLV9ZCALE0W7PCAECBZQNCATZZH7QCA3GG83GCA8M4JYRCAYLDCB3CAAFSRLQCAW78046CA5Y561UCASA24ZCCAQKECFMCA8MZTOGCAXDPUHVCAWTE0AZCAS14BDX.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:15:24 修改文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: \Device\NamedPipe\wkssvc
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [文件]\device\namedpipe\*

2010-12-18 21:15:24 修改文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: \Device\NamedPipe\wkssvc
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [文件]\device\namedpipe\*

2010-12-18 21:15:24 修改文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: \Device\NamedPipe\wkssvc
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [文件]\device\namedpipe\*

2010-12-18 21:15:24 修改文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: \Device\NamedPipe\wkssvc
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [文件]\device\namedpipe\*

2010-12-18 21:15:27 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Personal
值: d:\我的文档
规则: [注册表组]资源管理器相关设置 -> [注册表]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-18 21:15:28 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Common Documents
值: C:\Documents and Settings\All Users\Documents
规则: [注册表组]资源管理器相关设置 -> [注册表]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-18 21:15:29 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Desktop
值: C:\Documents and Settings\Administrator\桌面
规则: [注册表组]资源管理器相关设置 -> [注册表]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-18 21:15:30 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Common Desktop
值: C:\Documents and Settings\All Users\桌面
规则: [注册表组]资源管理器相关设置 -> [注册表]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-18 21:15:34 创建新进程允许
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: c:\documents and settings\administrator\local settings\temp\is-7bau5.tmp\sxcpasetup_1105687.exe
命令行: "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-7BAU5.tmp\SXCPASETUP_1105687.EXE"
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [子应用程序]?:\documents and settings\*\local settings\temp\*

2010-12-18 21:15:40 创建文件夹阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Program Files\Common Files\DcomServer
规则: [文件组]全局写入询问 -> [文件]?:\program files\*

2010-12-18 21:15:40 修改文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: \Device\NamedPipe\ROUTER
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [文件]\device\namedpipe\*

2010-12-18 21:15:41 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\AppData
值: C:\Documents and Settings\Administrator\Application Data
规则: [注册表组]资源管理器相关设置 -> [注册表]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-18 21:15:41 修改文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: \Device\NamedPipe\ROUTER
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [文件]\device\namedpipe\*

2010-12-18 21:15:41 修改文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: \Device\NamedPipe\ROUTER
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [文件]\device\namedpipe\*

2010-12-18 21:15:42 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\AppData
值: C:\Documents and Settings\Administrator\Application Data
规则: [注册表组]资源管理器相关设置 -> [注册表]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-18 21:18:08 修改文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: \Device\NamedPipe\ROUTER
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [文件]\device\namedpipe\*

2010-12-18 21:18:39 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\AppData
值: C:\Documents and Settings\Administrator\Application Data
规则: [注册表组]资源管理器相关设置 -> [注册表]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-18 21:18:39 修改文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: \Device\NamedPipe\ROUTER
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [文件]\device\namedpipe\*

2010-12-18 21:18:39 修改文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: \Device\NamedPipe\ROUTER
规则: [应用程序组]威胁提示Ⅰ -> [应用程序]* -> [文件]\device\namedpipe\*

2010-12-18 21:18:39 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\AppData
值: C:\Documents and Settings\Administrator\Application Data
规则: [注册表组]资源管理器相关设置 -> [注册表]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-18 21:19:01 创建文件允许
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temp\is-7BAU5.tmp\71Nwpgd1.exe
规则: [文件组]Documents and Settings_阻止 -> [文件]?:\documents and settings\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010[1].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010[2].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010[3].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010[4].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010[5].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010[6].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010[7].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010[8].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010[9].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010[10].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010[11].exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010CA0638NO.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010CA0638NOCAZ004GW.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010CA0638NOCAZ004GWCAR55C8F.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010CA0638NOCAZ004GWCAR55C8FCA0CXIZV.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010CA0638NOCAZ004GWCAR55C8FCA0CXIZVCASR498G.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010CA0638NOCAZ004GWCAR55C8FCA0CXIZVCASR498GCAF07ADZ.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010CA0638NOCAZ004GWCAR55C8FCA0CXIZVCASR498GCAF07ADZCAHQJXWR.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010CA0638NOCAZ004GWCAR55C8FCA0CXIZVCASR498GCAF07ADZCAHQJXWRCAZ850YM.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010CA0638NOCAZ004GWCAR55C8FCA0CXIZVCASR498GCAF07ADZCAHQJXWRCAZ850YMCACMA0BK.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010CA0638NOCAZ004GWCAR55C8FCA0CXIZVCASR498GCAF07ADZCAHQJXWRCAZ850YMCACMA0BKCA0OJB64.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010CA0638NOCAZ004GWCAR55C8FCA0CXIZVCASR498GCAF07ADZCAHQJXWRCAZ850YMCACMA0BKCA0OJB64CAUVZCU3.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010CA0638NOCAZ004GWCAR55C8FCA0CXIZVCASR498GCAF07ADZCAHQJXWRCAZ850YMCACMA0BKCA0OJB64CAUVZCU3CAP7QNR2.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010CA0638NOCAZ004GWCAR55C8FCA0CXIZVCASR498GCAF07ADZCAHQJXWRCAZ850YMCACMA0BKCA0OJB64CAUVZCU3CAP7QNR2CA4GPXLA.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010CA0638NOCAZ004GWCAR55C8FCA0CXIZVCASR498GCAF07ADZCAHQJXWRCAZ850YMCACMA0BKCA0OJB64CAUVZCU3CAP7QNR2CA4GPXLACAGFKDPA.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UUSee_souxun_Setup_2010CA0638NOCAZ004GWCAR55C8FCA0CXIZVCASR498GCAF07ADZCAHQJXWRCAZ850YMCACMA0BKCA0OJB64CAUVZCU3CAP7QNR2CA4GPXLACAGFKDPACAAUXO6G.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\USee_souxun_Setup_2010CA0638NOCAZ004GWCAR55C8FCA0CXIZVCASR498GCAF07ADZCAHQJXWRCAZ850YMCACMA0BKCA0OJB64CAUVZCU3CAP7QNR2CA4GPXLACAGFKDPACAAUXO6GCA8DMC12.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\xun_Setup_2010CA0638NOCAZ004GWCAR55C8FCA0CXIZVCASR498GCAF07ADZCAHQJXWRCAZ850YMCACMA0BKCA0OJB64CAUVZCU3CAP7QNR2CA4GPXLACAGFKDPACAAUXO6GCA8DMC12CAVKU58Y.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\p_2010CA0638NOCAZ004GWCAR55C8FCA0CXIZVCASR498GCAF07ADZCAHQJXWRCAZ850YMCACMA0BKCA0OJB64CAUVZCU3CAP7QNR2CA4GPXLACAGFKDPACAAUXO6GCA8DMC12CAVKU58YCAOBK081.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\0638NOCAZ004GWCAR55C8FCA0CXIZVCASR498GCAF07ADZCAHQJXWRCAZ850YMCACMA0BKCA0OJB64CAUVZCU3CAP7QNR2CA4GPXLACAGFKDPACAAUXO6GCA8DMC12CAVKU58YCAOBK081CAWRNVQG.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\Z004GWCAR55C8FCA0CXIZVCASR498GCAF07ADZCAHQJXWRCAZ850YMCACMA0BKCA0OJB64CAUVZCU3CAP7QNR2CA4GPXLACAGFKDPACAAUXO6GCA8DMC12CAVKU58YCAOBK081CAWRNVQGCA9IJ2WF.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\R55C8FCA0CXIZVCASR498GCAF07ADZCAHQJXWRCAZ850YMCACMA0BKCA0OJB64CAUVZCU3CAP7QNR2CA4GPXLACAGFKDPACAAUXO6GCA8DMC12CAVKU58YCAOBK081CAWRNVQGCA9IJ2WFCA0WKKW3.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\0CXIZVCASR498GCAF07ADZCAHQJXWRCAZ850YMCACMA0BKCA0OJB64CAUVZCU3CAP7QNR2CA4GPXLACAGFKDPACAAUXO6GCA8DMC12CAVKU58YCAOBK081CAWRNVQGCA9IJ2WFCA0WKKW3CAYSRMN6.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\SR498GCAF07ADZCAHQJXWRCAZ850YMCACMA0BKCA0OJB64CAUVZCU3CAP7QNR2CA4GPXLACAGFKDPACAAUXO6GCA8DMC12CAVKU58YCAOBK081CAWRNVQGCA9IJ2WFCA0WKKW3CAYSRMN6CAF3J3WI.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\F07ADZCAHQJXWRCAZ850YMCACMA0BKCA0OJB64CAUVZCU3CAP7QNR2CA4GPXLACAGFKDPACAAUXO6GCA8DMC12CAVKU58YCAOBK081CAWRNVQGCA9IJ2WFCA0WKKW3CAYSRMN6CAF3J3WICA5DDFA1.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\HQJXWRCAZ850YMCACMA0BKCA0OJB64CAUVZCU3CAP7QNR2CA4GPXLACAGFKDPACAAUXO6GCA8DMC12CAVKU58YCAOBK081CAWRNVQGCA9IJ2WFCA0WKKW3CAYSRMN6CAF3J3WICA5DDFA1CATTXA7Q.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\Z850YMCACMA0BKCA0OJB64CAUVZCU3CAP7QNR2CA4GPXLACAGFKDPACAAUXO6GCA8DMC12CAVKU58YCAOBK081CAWRNVQGCA9IJ2WFCA0WKKW3CAYSRMN6CAF3J3WICA5DDFA1CATTXA7QCAFQIU12.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\CMA0BKCA0OJB64CAUVZCU3CAP7QNR2CA4GPXLACAGFKDPACAAUXO6GCA8DMC12CAVKU58YCAOBK081CAWRNVQGCA9IJ2WFCA0WKKW3CAYSRMN6CAF3J3WICA5DDFA1CATTXA7QCAFQIU12CA3OYECS.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\0OJB64CAUVZCU3CAP7QNR2CA4GPXLACAGFKDPACAAUXO6GCA8DMC12CAVKU58YCAOBK081CAWRNVQGCA9IJ2WFCA0WKKW3CAYSRMN6CAF3J3WICA5DDFA1CATTXA7QCAFQIU12CA3OYECSCAQG1QH2.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\UVZCU3CAP7QNR2CA4GPXLACAGFKDPACAAUXO6GCA8DMC12CAVKU58YCAOBK081CAWRNVQGCA9IJ2WFCA0WKKW3CAYSRMN6CAF3J3WICA5DDFA1CATTXA7QCAFQIU12CA3OYECSCAQG1QH2CA348VX0.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\P7QNR2CA4GPXLACAGFKDPACAAUXO6GCA8DMC12CAVKU58YCAOBK081CAWRNVQGCA9IJ2WFCA0WKKW3CAYSRMN6CAF3J3WICA5DDFA1CATTXA7QCAFQIU12CA3OYECSCAQG1QH2CA348VX0CAS112P9.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\4GPXLACAGFKDPACAAUXO6GCA8DMC12CAVKU58YCAOBK081CAWRNVQGCA9IJ2WFCA0WKKW3CAYSRMN6CAF3J3WICA5DDFA1CATTXA7QCAFQIU12CA3OYECSCAQG1QH2CA348VX0CAS112P9CAIF08JK.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\GFKDPACAAUXO6GCA8DMC12CAVKU58YCAOBK081CAWRNVQGCA9IJ2WFCA0WKKW3CAYSRMN6CAF3J3WICA5DDFA1CATTXA7QCAFQIU12CA3OYECSCAQG1QH2CA348VX0CAS112P9CAIF08JKCAAAGIUY.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\AUXO6GCA8DMC12CAVKU58YCAOBK081CAWRNVQGCA9IJ2WFCA0WKKW3CAYSRMN6CAF3J3WICA5DDFA1CATTXA7QCAFQIU12CA3OYECSCAQG1QH2CA348VX0CAS112P9CAIF08JKCAAAGIUYCAWV0TVZ.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\8DMC12CAVKU58YCAOBK081CAWRNVQGCA9IJ2WFCA0WKKW3CAYSRMN6CAF3J3WICA5DDFA1CATTXA7QCAFQIU12CA3OYECSCAQG1QH2CA348VX0CAS112P9CAIF08JKCAAAGIUYCAWV0TVZCA7AOO1T.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\VKU58YCAOBK081CAWRNVQGCA9IJ2WFCA0WKKW3CAYSRMN6CAF3J3WICA5DDFA1CATTXA7QCAFQIU12CA3OYECSCAQG1QH2CA348VX0CAS112P9CAIF08JKCAAAGIUYCAWV0TVZCA7AOO1TCAVBICZS.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\OBK081CAWRNVQGCA9IJ2WFCA0WKKW3CAYSRMN6CAF3J3WICA5DDFA1CATTXA7QCAFQIU12CA3OYECSCAQG1QH2CA348VX0CAS112P9CAIF08JKCAAAGIUYCAWV0TVZCA7AOO1TCAVBICZSCAE2MTHF.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\WRNVQGCA9IJ2WFCA0WKKW3CAYSRMN6CAF3J3WICA5DDFA1CATTXA7QCAFQIU12CA3OYECSCAQG1QH2CA348VX0CAS112P9CAIF08JKCAAAGIUYCAWV0TVZCA7AOO1TCAVBICZSCAE2MTHFCAARNT0J.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\9IJ2WFCA0WKKW3CAYSRMN6CAF3J3WICA5DDFA1CATTXA7QCAFQIU12CA3OYECSCAQG1QH2CA348VX0CAS112P9CAIF08JKCAAAGIUYCAWV0TVZCA7AOO1TCAVBICZSCAE2MTHFCAARNT0JCA4BJUOF.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

2010-12-18 21:19:17 创建文件阻止
进程: c:\documents and settings\administrator\local settings\temp\is-9ecm3.tmp\sxcpasetup_1105687.tmp
目标: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHRWLNWS\0WKKW3CAYSRMN6CAF3J3WICA5DDFA1CATTXA7QCAFQIU12CA3OYECSCAQG1QH2CA348VX0CAS112P9CAIF08JKCAAAGIUYCAWV0TVZCA7AOO1TCAVBICZSCAE2MTHFCAARNT0JCA4BJUOFCAEXJTZ3.exe
规则: [文件组]IE Cache -> [文件]*\temporary internet files\*; *.exe

显示全部楼层 · 发表于 2010-12-18 21:26:42

哭死了。。。mse不报。。。刚从小a投奔到mse怎么会这么悲剧

显示全部楼层 · 发表于 2010-12-18 21:34:40

创建出文件名好长的文件。脑袋被门挤了，一看就是不正常。哪个病毒制造者搞得。

显示全部楼层 · 发表于 2010-12-18 22:29:12

已上報趨勢~

显示全部楼层 · 发表于 2010-12-18 22:41:00

2010-12-18 22:39:25 创建新进程允许
进程: c:\documents and settings\administrator\桌面\sxcpasetup_1105687\sxcpasetup_1105687.exe
目标: c:\documents and settings\administrator\local settings\temp\is-pfi6l.tmp\sxcpasetup_1105687.tmp
命令行: "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-PFI6L.tmp\SXCPASETUP_1105687.tmp" /SL5="$1402D0,58880,58880,C:\Documents and Settings\Administrator\桌面\SXCPASETUP_1105687\SXCPASETUP_1105687.EXE"
规则: [应用程序组]所有程序规则-外部程序执行规则 -> [应用程序]* -> [子应用程序]*temp\*.tmp

2010-12-18 22:39:26 从其他进程复制句柄阻止
进程: c:\windows\system32\svchost.exe
目标: c:\documents and settings\administrator\local settings\temp\is-pfi6l.tmp\sxcpasetup_1105687.tmp
句柄: (File) \Device\Afd\Endpoint
规则: [应用程序]c:\windows\system32\svchost.exe

2010-12-18 22:39:28 访问网络阻止
进程: c:\documents and settings\administrator\local settings\temp\is-pfi6l.tmp\sxcpasetup_1105687.tmp
目标: UDP [本机 : 1276] -> [61.191.63.9 : 8901]
规则: [应用程序组]4D规则-安装进程例外规则 -> [网络]任意协议 [本机 : 任意端口] <-> [任意地址 : 任意端口]

2010-12-18 22:39:29 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-pfi6l.tmp\sxcpasetup_1105687.tmp
目标: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
值: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
规则: [注册表组]IE浏览器设置保护(询问) -> [注册表]*\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders; Cache

2010-12-18 22:39:31 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-pfi6l.tmp\sxcpasetup_1105687.tmp
目标: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cookies
值: C:\Documents and Settings\Administrator\Cookies
规则: [注册表组]IE浏览器设置保护(询问) -> [注册表]*\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders; Cookies

2010-12-18 22:39:31 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-pfi6l.tmp\sxcpasetup_1105687.tmp
目标: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\History
值: C:\Documents and Settings\Administrator\Local Settings\History
规则: [注册表组]IE浏览器设置保护(询问) -> [注册表]*\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders; History

2010-12-18 22:39:32 从其他进程复制句柄阻止
进程: c:\windows\system32\svchost.exe
目标: c:\documents and settings\administrator\local settings\temp\is-pfi6l.tmp\sxcpasetup_1105687.tmp
句柄: (Key) \REGISTRY\USER\S-1-5-21-57989841-842925246-854245398-500\Software\Microsoft\Windows NT\CurrentVersion\Network\Location Awareness
规则: [应用程序]c:\windows\system32\svchost.exe

2010-12-18 22:39:33 访问网络阻止
进程: c:\documents and settings\administrator\local settings\temp\is-pfi6l.tmp\sxcpasetup_1105687.tmp
目标: TCP [本机 : 1278] -> [122.228.197.162 : 21000]
规则: [应用程序组]4D规则-安装进程例外规则 -> [网络]任意协议 [本机 : 任意端口] <-> [任意地址 : 任意端口]

2010-12-18 22:39:33 修改注册表值阻止
进程: c:\documents and settings\administrator\local settings\temp\is-pfi6l.tmp\sxcpasetup_1105687.tmp
目标: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-FFBSC.tmp\SXCPASETUP_1105687.EXE
值: SXCPASETUP_1105687
规则: [注册表组]系统关键设置保护(阻止) -> [注册表]*\SOFTWARE\Microsoft\Windows\ShellNoRoam\MUICache

显示全部楼层 · 发表于 2010-12-18 22:45:18

TO CIS

显示全部楼层 · 发表于 2010-12-18 23:26:27

毒霸不报

[病毒样本] Trojan.Win32.Generic!SB.0