Log Analysis [AV Terminator (AV终结者) and Delf.epw]
Author: Anonymous    Source: original to this site    Updated: 2008-3-17
ponents\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\System32\cameravj.scr> [Sony Corporation]

==================================
启动文件夹
[腾讯QQ]
    <C:\Documents and Settings\yuyu\「开始」菜单\程序\启动\腾讯QQ.lnk --> D:\QQ\QQ.exe [TENCENT]><N>

==================================
服务
[Application Management / AppMgmt][Stopped/Manual Start]
    <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
    <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[卡巴斯基反病毒软件 7.0 / AVP][Running/Auto Start]
    <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r><Kaspersky Lab>
[EvtEng / EvtEng][Running/Auto Start]
    <C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
    <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Image Converter video recording monitor for VAIO Entertainment / Image Converter video recording monitor for VAIO Entertainment][Stopped/Manual Start]
    <C:\Program Files\Sony\Image Converter 2\IcVzMon.exe><Sony Corporation>
[MSCSPTISRV / MSCSPTISRV][Stopped/Manual Start]
    <C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe><Sony Corporation>
[PACSPTISVR / PACSPTISVR][Stopped/Manual Start]
    <C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe><Sony Corporation>
[RegSrvc / RegSrvc][Running/Auto Start]
    <C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Spectrum24 Event Monitor / S24EventMonitor][Running/Auto Start]
    <C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[Sony SPTI Service / SPTISRV][Stopped/Manual Start]
    <C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe><Sony Corporation>
[SonicStage SCSI Service / SSScsiSV][Stopped/Manual Start]
    <C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe><Sony Corporation>
[Symantec Core LC / Symantec Core LC][Stopped/Manual Start]
    <"C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"><Symantec Corporation>
[VAIO Entertainment Aggregation and Control Service / VAIO Entertainment Aggregation and Control Service][Running/Manual Start]
    <"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe"><Sony Corporation>
[VAIO Entertainment Task Scheduler / VAIO Entertainment Task Scheduler][Stopped/Manual Start]
    <"C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe"><Sony Corporation>
[VAIO Entertainment TV Device Arbitration Service / VAIO Entertainment TV Device Arbitration Service][Stopped/Manual Start]
    <"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe"><Sony Corporation>
[VAIO Event Service / VAIO Event Service][Running/Auto Start]
    <C:\Program Files\Sony\VAIO Event Service\VESMgr.exe><Sony Corporation>
[VAIO Media Integrated Server / VAIOMediaPlatform-IntegratedServer-AppServer][Stopped/Manual Start]
    <C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe><Sony Corporation>
[VAIO Media Integrated Server (HTTP) / VAIOMediaPlatform-IntegratedServer-HTTP][Stopped/Manual Start]
    <"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP"><Sony Corporation>
[VAIO Media Integrated Server (UPnP) / VAIOMediaPlatform-IntegratedServer-UPnP][Stopped/Manual Start]
    <C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe><Sony Corporation>
[VAIO Media Gateway Server / VAIOMediaPlatform-Mobile-Gateway][Stopped/Manual Start]
    <"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegE
