载入中…

 | 网站首页 | 文章中心 | 下载中心 | 图片中心 | 反木马论坛 |日志分析|样本上传|求助| | 

您现在的位置: 反木马在线 >> 文章中心 >> 木马查杀 >> 文章正文
分析日志[AV终结者和Delf.epw]
作者:佚名    文章来源:本站原创    点击数:    更新时间:2008-3-17
\miscr3.dll] [Kaspersky Lab, 7.0.0.125] [PID: 1360 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1460 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll] [Kaspersky Lab, 7.0.0.125] [PID: 1608 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16608 (vista_gdr.071204-1500)] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll] [Kaspersky Lab, 7.0.0.125] [PID: 1644 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe] [Intel Corporation, 9, 0, 2, 11] [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 2, 11] [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 2, 11] [PID: 1752 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe] [Intel Corporation , 9, 0, 2, 11] [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 2, 11] [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 2, 11] [PID: 1840 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125] [PID: 2040 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16608 (vista_gdr.071204-1500)] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125] [PID: 416 / yuyu][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16608 (vista_gdr.071204-1500)] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll] [Kaspersky Lab, 7.0.0.125] [C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16608 (vista_gdr.071204-1500)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [D:\xunlei\Components\ResWorker\DsBho_00.dll] [, 1, 0, 0, 17] [D:\xunlei\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16] [C:\PROGRA~1\Sony\IMAGEC~1\CtxMenu.dll] [ , 1, 4, 0, 07130] [C:\WINDOWS\system32\igfxpph.dll] [Intel Corporation, 3.0.0.4363] [C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4363] [C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.4363] [C:\WINDOWS\system32\igfxress.dll] [Intel Corporation, 3.0.0.4363] [C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4363] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\ShellEx.dll] [Kaspersky Lab, 7.0.0.125] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.42] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.42] [PID: 656 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll] [Kaspersky Lab, 7.0.0.125] [PID: 1668 / yuyu][C:\Program Files\Apoint\Apoint.exe] [Alps Electric Co., Ltd., 5.5.7.139] [C:\WINDOWS\system32\VXDIF.DLL] [Alps Electric Co., Ltd., 6.0.3.4] [C:\Program Files\Apoint\ApWheel.dll] [ALPS ELECTRIC CO., LTD., 4.2.0.9] [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16608 (vista_gdr.071204-1500)] [C:\Program Files\Apoint\Apoint.DLL] [Alps Electric Co., Ltd., 5.5.6.187] [C:\Program Files\Apoint\ApRes.dll] [Alps Electric Co., Ltd., 5.5.6.18] [C:\Program Files\Apoint\EzAuto.dll] [Alps Electric Co., Ltd., 5.5.1.85] [C:\Program Files\Apoint\EzLaunch.DLL] [Alps Electric Co., Ltd., 5.5.1.66] [PID: 1768 / yuyu][C:\WINDOWS\system32\hkcmd.exe] [Intel Corporation, 3.0.0.4363] [C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4363]

上一页  [1] [2] [3] [4] [5] [6] [7] [8] [9] 下一页

发表评论】【加入收藏】【告诉好友】【打印此文】【关闭窗口
 
  • 上一篇文章:

  • 下一篇文章:
    • 相关新闻
    AV终结者查杀
    一个类似AV终结者的新病毒的分析
    论坛新帖
    新 闻 TOP 10
  • 没有热点文章
    		•
    点击申请点击申请点击申请点击申请点击申请点击申请点击申请
    点击申请点击申请点击申请点击申请点击申请点击申请点击申请点击申请
    文字链接: 热门下说网
    Copyright © 2008 FanMuMa.com All Rights Reserved
    客服邮箱:fanmuma#126.com(将#换为@) 站长:Fisco 联系电话:15802671439 联系QQ:337803 
    捍卫属于个人的一切--