12.exe过毒霸

显示全部楼层 · 发表于 2010-12-29 20:04:09

to MSE
https://www.microsoft.com/securi ... a6037678281&n=1

显示全部楼层 · 发表于 2010-12-29 20:57:42

毒霸越来越差了，现在漏杀现象很严重

显示全部楼层 · 发表于 2010-12-29 22:04:08

"";"C:\Users\Administrator\Downloads\12.rar:\12.exe:\tmp.exe";"广告软件 Generic4.AXFR";"已移至病毒库"
"";"C:\Users\Administrator\Downloads\12.rar:\12.exe";"广告软件 Generic4.AXFR";"已移至病毒库"

显示全部楼层 · 发表于 2010-12-30 05:53:10

12.rar > 12.exe 危险
CRC32: CE8EFF94
该文件有可疑行为. 会透过一个系统漏洞侵入.
删除.
删除已执行.

显示全部楼层 · 发表于 2010-12-30 12:45:18

显示全部楼层 · 发表于 2010-12-30 12:58:03

在文件“I:\virus\12.exe”中检测到病毒或
恶意程序“TR/Drop.Cadro.dxs [trojan]”。
执行的操作:拒绝访问

显示全部楼层 · 发表于 2010-12-30 13:42:07

没有过毒霸啊：毒霸Kill

以下是金山安全沙箱行为分析：
2010-12-30 13:36:53 C:\Documents and Settings\YongGuang\桌面\12\12.exe加载库文件C:\WINDOWS\system32\mfc42.dll C:\WINDOWS\system32\mfc42.dll
2010-12-30 13:36:53 C:\Documents and Settings\YongGuang\桌面\12\12.exe加载库文件C:\WINDOWS\system32\setupapi.dll C:\WINDOWS\system32\setupapi.dll
2010-12-30 13:36:53 C:\Documents and Settings\YongGuang\桌面\12\12.exe加载库文件C:\WINDOWS\system32\msvcp60.dll C:\WINDOWS\system32\msvcp60.dll
2010-12-30 13:36:53 C:\Documents and Settings\YongGuang\桌面\12\12.exe加载库文件C:\WINDOWS\system32\imm32.dll C:\WINDOWS\system32\imm32.dll
2010-12-30 13:36:53 C:\Documents and Settings\YongGuang\桌面\12\12.exe加载库文件C:\WINDOWS\system32\mfc42loc.dll C:\WINDOWS\system32\mfc42loc.dll
2010-12-30 13:36:53 C:\Documents and Settings\YongGuang\桌面\12\12.exe加载库文件C:\Program Files\Common Files\Kingsoft\kiscommon\security\ksde\kisdcom.dll C:\Program Files\Common Files\Kingsoft\kiscommon\security\ksde\kisdcom.dll
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建文件D:\KSafeBox\2C2BC1D3\Temp\yste\ D:\KSafeBox\2C2BC1D3\Temp\yste\
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建文件D:\KSafeBox\2C2BC1D3\Temp\yste\2.tmp D:\KSafeBox\2C2BC1D3\Temp\yste\2.tmp
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写文件D:\KSafeBox\2C2BC1D3\Temp\yste\2.tmp D:\KSafeBox\2C2BC1D3\Temp\yste\2.tmp
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建文件D:\KSafeBox\2C2BC1D3\Temp\yste\_uninstall D:\KSafeBox\2C2BC1D3\Temp\yste\_uninstall
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建文件D:\KSafeBox\2C2BC1D3\Temp\yste\tmp.exe.tmp D:\KSafeBox\2C2BC1D3\Temp\yste\tmp.exe.tmp
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写文件D:\KSafeBox\2C2BC1D3\Temp\yste\tmp.exe.tmp D:\KSafeBox\2C2BC1D3\Temp\yste\tmp.exe.tmp
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe加载库文件C:\WINDOWS\system32\cabinet.dll C:\WINDOWS\system32\cabinet.dll
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建文件D:\KSafeBox\2C2BC1D3\Temp\yste\tmp.exe D:\KSafeBox\2C2BC1D3\Temp\yste\tmp.exe
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写文件D:\KSafeBox\2C2BC1D3\Temp\yste\tmp.exe D:\KSafeBox\2C2BC1D3\Temp\yste\tmp.exe
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe删除文件D:\KSafeBox\2C2BC1D3\Temp\yste\tmp.exe.tmp D:\KSafeBox\2C2BC1D3\Temp\yste\tmp.exe.tmp
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建文件D:\KSafeBox\2C2BC1D3\Temp\yste\tmp.exe D:\KSafeBox\2C2BC1D3\Temp\yste\tmp.exe
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写文件D:\KSafeBox\2C2BC1D3\Temp\yste\_uninstall D:\KSafeBox\2C2BC1D3\Temp\yste\_uninstall
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe删除文件D:\KSafeBox\2C2BC1D3\Temp\yste\2.tmp D:\KSafeBox\2C2BC1D3\Temp\yste\2.tmp
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe加载库文件C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建文件C:\KSafeBox\2C2BC1D3\windows\temp\tmp.exe C:\KSafeBox\2C2BC1D3\windows\temp\tmp.exe
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe加载库文件C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\uxtheme.dll
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe加载库文件D:\Program Files\KSafe\ksfmon.dll D:\Program Files\KSafe\ksfmon.dll
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe加载库文件C:\WINDOWS\system32\MSCTF.dll C:\WINDOWS\system32\MSCTF.dll
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe加载库文件C:\WINDOWS\system32\clbcatq.dll C:\WINDOWS\system32\clbcatq.dll
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe加载库文件C:\WINDOWS\system32\comres.dll C:\WINDOWS\system32\comres.dll
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe打开设备\Device\MountPointManager \Device\MountPointManager
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3 HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003 HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写注册表HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写注册表HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写注册表HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建文件C:\KSafeBox\2C2BC1D3\Documents and Settings\All Users\「开始」菜单\程序\启动\ktv.lnk C:\KSafeBox\2C2BC1D3\Documents and Settings\All Users\「开始」菜单\程序\启动\ktv.lnk
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写注册表HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写注册表HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写注册表HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写注册表HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写注册表HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写注册表HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写注册表HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写注册表HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_USERS\S-1-5-21-602162358-329068152-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写注册表HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写注册表HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe加载库文件C:\WINDOWS\system32\netapi32.dll C:\WINDOWS\system32\netapi32.dll
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写注册表HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Kingsoft\KSBReg\2C2BC1D3\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写注册表HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe写文件C:\KSafeBox\2C2BC1D3\Documents and Settings\All Users\「开始」菜单\程序\启动\ktv.lnk C:\KSafeBox\2C2BC1D3\Documents and Settings\All Users\「开始」菜单\程序\启动\ktv.lnk
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe删除文件D:\KSafeBox\2C2BC1D3\Temp\yste\_uninstall D:\KSafeBox\2C2BC1D3\Temp\yste\_uninstall
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe删除文件D:\KSafeBox\2C2BC1D3\Temp\yste\tmp.exe D:\KSafeBox\2C2BC1D3\Temp\yste\tmp.exe
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe删除文件D:\KSafeBox\2C2BC1D3\Temp\yste\ D:\KSafeBox\2C2BC1D3\Temp\yste\
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe发送消息C:\WINDOWS\explorer.exe C:\WINDOWS\explorer.exe
2010-12-30 13:36:54 C:\Documents and Settings\YongGuang\桌面\12\12.exe发送消息C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\ctfmon.exe
2010-12-30 13:36:54 结束进程C:\Documents and Settings\YongGuang\桌面\12\12.exe C:\Documents and Settings\YongGuang\桌面\12\12.exe

显示全部楼层 · 发表于 2010-12-30 14:49:05

毒霸的漏杀率还是很高的啊

显示全部楼层 · 发表于 2010-12-30 14:50:29

毛豆和毒霸报毒

[病毒样本] 12.exe过毒霸

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块