收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 VIRUS(373楼更新)
1 ...45678910111213... 38下一页
返回列表 发新帖
楼主: kurakimai
 收起左侧

[病毒样本] VIRUS(373楼更新)

  [复制链接]
hx1997
发表于 2011-4-17 13:28:14 | 显示全部楼层
2011-04-17 13:25:20    创建文件      操作:阻止
进程路径:G:\Documents and Settings\Administrator.HX-C0987054243B\桌面\BestAntivirus2011.exe
文件路径:G:\Sandbox\HX\Virus\user\all\Application Data\iJa24500cOhEj24500\iJa24500cOhEj24500.exe
触发规则:所有程序规则->高危目录->*\Application Data*\*.exe

回复

举报

kurakimai
 楼主| 发表于 2011-4-17 13:36:11 | 显示全部楼层
回复 81楼 hx1997 的帖子

谢谢

回复

举报

hx1997
发表于 2011-4-17 13:44:10 | 显示全部楼层
回复 82楼 kurakimai 的帖子

68L比我还早...
回复

举报

kurakimai
 楼主| 发表于 2011-4-17 13:47:45 | 显示全部楼层
回复 83楼 hx1997 的帖子

5:54就起来了

回复

举报

kurakimai
 楼主| 发表于 2011-4-17 13:48:41 | 显示全部楼层
回复 83楼 hx1997 的帖子

对了

我问一下

NOD32你上报一般怎样上报?

网页上报,可行吗?
回复

举报

hx1997
发表于 2011-4-17 13:56:34 | 显示全部楼层
回复 85楼 kurakimai 的帖子

我都是网页上报,会处理的
就是ESET处理有点慢,处理完了也不会通知你的
回复

举报

hx1997
发表于 2011-4-17 14:00:56 | 显示全部楼层
回复 85楼 kurakimai 的帖子

对了,补充一下
如果你用邮件上报,有时会通知你处理完成的,还会告诉你病毒名
回复

举报

kurakimai
 楼主| 发表于 2011-4-17 14:10:24 | 显示全部楼层
回复 87楼 hx1997 的帖子

邮箱和网页上报,谁快一点呢?
回复

举报

hx1997
发表于 2011-4-17 14:14:28 | 显示全部楼层
回复 88楼 kurakimai 的帖子

貌似是邮件上报处理速度快,请看此帖
http://bbs.kafan.cn/forum.php?mod=viewthread&tid=743004
回复

举报

CCKIS
发表于 2011-4-17 14:18:46 | 显示全部楼层
2011-04-17 14:14:10 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\sechost.dll C:\Windows\System32\sechost.dll
2011-04-17 14:14:10 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\sechost.dll C:\Windows\System32\sechost.dll
2011-04-17 14:14:10 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\pdh.dll C:\Windows\System32\pdh.dll
2011-04-17 14:14:10 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\imm32.dll C:\Windows\System32\imm32.dll
2011-04-17 14:14:10 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Program Files\Common Files\Kingsoft\kiscommon\security\ksde\kisdcom.dll C:\Program Files\Common Files\Kingsoft\kiscommon\security\ksde\kisdcom.dll
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\IPHLPAPI.DLL C:\Windows\System32\IPHLPAPI.DLL
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\winnsi.dll C:\Windows\System32\winnsi.dll
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\msimg32.dll C:\Windows\System32\msimg32.dll
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\version.dll C:\Windows\System32\version.dll
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建文件C:\KSafeBox\66EAB9A1\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011 C:\KSafeBox\66EAB9A1\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写文件C:\KSafeBox\66EAB9A1\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011 C:\KSafeBox\66EAB9A1\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\dhcpcsvc.dll C:\Windows\System32\dhcpcsvc.dll
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建文件C:\KSafeBox\66EAB9A1\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011 C:\KSafeBox\66EAB9A1\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写文件C:\KSafeBox\66EAB9A1\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011 C:\KSafeBox\66EAB9A1\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\profapi.dll C:\Windows\System32\profapi.dll
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建文件C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\ C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建文件C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写文件C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe删除文件C:\KSafeBox\66EAB9A1\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011 C:\KSafeBox\66EAB9A1\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\apphelp.dll C:\Windows\System32\apphelp.dll
2011-04-17 14:14:11 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\sechost.dll C:\Windows\System32\sechost.dll
2011-04-17 14:14:11 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\pdh.dll C:\Windows\System32\pdh.dll
2011-04-17 14:14:11 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\imm32.dll C:\Windows\System32\imm32.dll
2011-04-17 14:14:11 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建进程C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe
2011-04-17 14:14:11 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Program Files\Common Files\Kingsoft\kiscommon\security\ksde\kisdcom.dll C:\Program Files\Common Files\Kingsoft\kiscommon\security\ksde\kisdcom.dll
2011-04-17 14:14:12 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\sechost.dll C:\Windows\System32\sechost.dll
2011-04-17 14:14:12 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\pdh.dll C:\Windows\System32\pdh.dll
2011-04-17 14:14:12 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\secur32.dll C:\Windows\System32\secur32.dll
2011-04-17 14:14:12 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\sspicli.dll C:\Windows\System32\sspicli.dll
2011-04-17 14:14:12 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建注册表键值HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
2011-04-17 14:14:12 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\imm32.dll C:\Windows\System32\imm32.dll
2011-04-17 14:14:12 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建进程C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe
2011-04-17 14:14:12 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Program Files\Common Files\Kingsoft\kiscommon\security\ksde\kisdcom.dll C:\Program Files\Common Files\Kingsoft\kiscommon\security\ksde\kisdcom.dll
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写文件C:\KSafeBox\66EAB9A1\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat C:\KSafeBox\66EAB9A1\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写文件C:\KSafeBox\66EAB9A1\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\index.dat C:\KSafeBox\66EAB9A1\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写文件C:\KSafeBox\66EAB9A1\Users\Administrator\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat C:\KSafeBox\66EAB9A1\Users\Administrator\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\dnsapi.dll C:\Windows\System32\dnsapi.dll
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\PeerDist.dll C:\Windows\System32\PeerDist.dll
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\userenv.dll C:\Windows\System32\userenv.dll
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\authz.dll C:\Windows\System32\authz.dll
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建注册表键值HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\rasapi32.dll C:\Windows\System32\rasapi32.dll
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\rasman.dll C:\Windows\System32\rasman.dll
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\rtutils.dll C:\Windows\System32\rtutils.dll
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASAPI32 HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASAPI32
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASAPI32 HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASAPI32
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASAPI32 HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASAPI32
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASAPI32 HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASAPI32
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASAPI32 HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASAPI32
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASAPI32 HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASAPI32
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASAPI32 HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASAPI32
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建注册表键值HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建注册表键值HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写注册表HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建注册表键值HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写注册表HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\nlaapi.dll C:\Windows\System32\nlaapi.dll
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASMANCS HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASMANCS
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASMANCS HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASMANCS
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASMANCS HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASMANCS
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASMANCS HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASMANCS
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASMANCS HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASMANCS
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASMANCS HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASMANCS
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASMANCS HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BestAntivirus2011_RASMANCS
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建注册表键值HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\Location Awareness HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\Location Awareness
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\rasadhlp.dll C:\Windows\System32\rasadhlp.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\ntmarta.dll C:\Windows\System32\ntmarta.dll
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写文件C:\KSafeBox\66EAB9A1\Users\Administrator\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat C:\KSafeBox\66EAB9A1\Users\Administrator\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写注册表HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe写注册表HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\mswsock.dll C:\Windows\System32\mswsock.dll
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\wshqos.dll C:\Windows\System32\wshqos.dll
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\WSHTCPIP.DLL C:\Windows\System32\WSHTCPIP.DLL
2011-04-17 14:14:13 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe加载库文件C:\Windows\System32\wship6.dll C:\Windows\System32\wship6.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\IPHLPAPI.DLL C:\Windows\System32\IPHLPAPI.DLL
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\winnsi.dll C:\Windows\System32\winnsi.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\msimg32.dll C:\Windows\System32\msimg32.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\version.dll C:\Windows\System32\version.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写文件C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\dhcpcsvc.dll C:\Windows\System32\dhcpcsvc.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\profapi.dll C:\Windows\System32\profapi.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\secur32.dll C:\Windows\System32\secur32.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\sspicli.dll C:\Windows\System32\sspicli.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe创建注册表键值HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\dnsapi.dll C:\Windows\System32\dnsapi.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\PeerDist.dll C:\Windows\System32\PeerDist.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\userenv.dll C:\Windows\System32\userenv.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\authz.dll C:\Windows\System32\authz.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe创建注册表键值HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\rasapi32.dll C:\Windows\System32\rasapi32.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\rasman.dll C:\Windows\System32\rasman.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\rtutils.dll C:\Windows\System32\rtutils.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASAPI32 HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASAPI32
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASAPI32 HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASAPI32
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASAPI32 HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASAPI32
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASAPI32 HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASAPI32
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASAPI32 HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASAPI32
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASAPI32 HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASAPI32
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASAPI32 HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASAPI32
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe创建注册表键值HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe创建注册表键值HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写注册表HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe创建注册表键值HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写注册表HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\nlaapi.dll C:\Windows\System32\nlaapi.dll
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe创建注册表键值HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASMANCS HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASMANCS
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASMANCS HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASMANCS
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASMANCS HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASMANCS
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASMANCS HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASMANCS
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASMANCS HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASMANCS
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASMANCS HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASMANCS
2011-04-17 14:14:13 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写注册表HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASMANCS HKEY_LOCAL_MACHINE\SOFTWARE\Kingsoft\KSBReg\66EAB9A1\HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bLf24500dOhKl24500_RASMANCS
2011-04-17 14:14:14 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe创建注册表键值HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\Location Awareness HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\Location Awareness
2011-04-17 14:14:14 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\rasadhlp.dll C:\Windows\System32\rasadhlp.dll
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\ntmarta.dll C:\Windows\System32\ntmarta.dll
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写注册表HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写注册表HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap HKEY_USERS\S-1-5-21-36198984-1365156548-2941730569-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\mswsock.dll C:\Windows\System32\mswsock.dll
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\wshqos.dll C:\Windows\System32\wshqos.dll
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\WSHTCPIP.DLL C:\Windows\System32\WSHTCPIP.DLL
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\wship6.dll C:\Windows\System32\wship6.dll
2011-04-17 14:14:15 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建文件C:\KSafeBox\66EAB9A1\Users\Administrator\AppData\Local\Temp\a1C4.tmp C:\KSafeBox\66EAB9A1\Users\Administrator\AppData\Local\Temp\a1C4.tmp
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\IPHLPAPI.DLL C:\Windows\System32\IPHLPAPI.DLL
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\winnsi.dll C:\Windows\System32\winnsi.dll
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\msimg32.dll C:\Windows\System32\msimg32.dll
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\version.dll C:\Windows\System32\version.dll
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\dhcpcsvc.dll C:\Windows\System32\dhcpcsvc.dll
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写文件C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\profapi.dll C:\Windows\System32\profapi.dll
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe加载库文件C:\Windows\System32\apphelp.dll C:\Windows\System32\apphelp.dll
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe写虚拟内存C:\Windows\explorer.exe C:\Windows\explorer.exe
2011-04-17 14:14:15 C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe远程注入C:\Windows\explorer.exe C:\Windows\explorer.exe
2011-04-17 14:14:15 结束进程C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe
2011-04-17 14:14:16 结束进程C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe C:\KSafeBox\66EAB9A1\ProgramData\bLf24500dOhKl24500\bLf24500dOhKl24500.exe
2011-04-17 14:14:18 C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe创建文件C:\KSafeBox\66EAB9A1\Users\Administrator\AppData\Local\Temp\a1C4.tmp C:\KSafeBox\66EAB9A1\Users\Administrator\AppData\Local\Temp\a1C4.tmp
2011-04-17 14:14:18 结束进程C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe C:\Users\Administrator\Desktop\新建文件夹\BestAntivirus2011\BestAntivirus2011.exe
回复

举报

下一页 »
1 ...45678910111213... 38下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-6-3 01:24 , Processed in 0.093396 second(s), 15 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表