瑞星卡卡安全论坛
woodhen - 2006-12-9 9:27:00
本人中了Trojan.VB.vtj,系统症状: 每次双击盘符出现一个新窗口 windows任务管理器出现了一个Excel的程序 鼠标右键点盘符出现"Auto"字样 无发显示隐藏文件 系统变慢,CPU经常100% 。经过多次使用最新版瑞星查杀后还是出现,请教高手们怎样才能根治这个病毒,先谢谢各位了。
woodhen - 2006-12-9 9:38:00
求大侠们出手相助了
高歌猛进 - 2006-12-9 9:44:00
贴日志上来
woodhen - 2006-12-9 10:31:00
请问日志具体是那些?我看见别人的日志很长很复杂,我不知道在哪里招这些日志,还望指教,很急,望高手相助,谢谢了
woodhen - 2006-12-9 10:42:00
进程名称 路径 数值名称 数值数据 操作日期 操作方式 操作结果
F:\安装文件\winamp5093_pro.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN WinampAgent C:\Program Files\Winamp\winampa.exe 2006-12-04 13:19 修改 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\Temp\StormCodec6.04.08.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN StormCodec_Helper "C:\Program Files\Ringz Studio\Storm Codec\StormSe 2006-12-04 13:21 修改 同意修改
F:\安装文件\Media Player.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE wextract_cleanup0 rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNo 2006-12-04 13:21 修改 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\Temp\IXP000.TMP\setup_wm.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE WMC_RebootCheck C:\WINDOWS\inf\unregmp2.exe /FixUps 2006-12-04 13:21 修改 同意修改
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Device Detector DevDetect.exe -autorun 2006-12-04 13:22 修改 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\Temp\nsd11D.tmp\sxe124.tmp HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.google.com 2006-12-04 13:23 修改 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\Temp\nsd11D.tmp\sxe124.tmp HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://www.google.com/ie 2006-12-04 13:23 修改 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\Temp\nsd11D.tmp\sxe124.tmp HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-04 13:23 添加 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\Temp\nsd11D.tmp\sxe124.tmp HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL http://www.google.com/keyword/%s 2006-12-04 13:23 修改 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\Temp\nsd11D.tmp\sxe124.tmp HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-04 13:23 添加 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\Temp\nsd11D.tmp\sxe124.tmp HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL provider gogl 2006-12-04 13:23 修改 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\Temp\nsd11D.tmp\sxe124.tmp HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH SearchAssistant http://www.google.com/ie 2006-12-04 13:23 修改 同意修改
C:\WINDOWS\System32\msiexec.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE WinSideBySideSetupCleanup 812521 rundll32 sxs.dll,SxspRunDllDeleteDirectory C:\WIND 2006-12-04 13:25 修改 同意修改
C:\WINDOWS\System32\msiexec.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE WinSideBySideSetupCleanup 818212 rundll32 sxs.dll,SxspRunDllDeleteDirectory C:\WIND 2006-12-04 13:26 修改 同意修改
C:\WINDOWS\System32\msiexec.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE WinSideBySideSetupCleanup 818714 rundll32 sxs.dll,SxspRunDllDeleteDirectory C:\WIND 2006-12-04 13:26 修改 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\TEMP\KUGOU_~1.EXE HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH SearchAssistant http://ie.search.msn.com/{SUB_RFC1766}/srchasst/sr 2006-12-04 13:26 修改 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\TEMP\KUGOU_~1.EXE HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN CnsMin Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll 2006-12-04 13:27 修改 同意修改
C:\WINDOWS\system32\rundll32.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN CTFMON.EXE C:\WINDOWS\system32\CTFMON.EXE 2006-12-04 13:29 修改 同意修改
C:\Program Files\Winamp\winampa.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN WinampAgent 2006-12-04 13:32 删除 同意修改
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Device Detector 2006-12-04 13:41 删除 同意修改
woodhen - 2006-12-9 10:44:00
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH CustomizeSearch http://seek.3721.com/srchcust.htm 2006-12-04 13:46 修改 同意修改
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH SearchAssistant http://seek.3721.com/srchasst.htm 2006-12-04 13:46 修改 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.yahoo.com.cn 2006-12-04 13:46 修改 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-04 13:46 修改 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-04 13:46 添加 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL provider 粐茨��?�� 2006-12-04 13:46 修改 同意修改
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN helper.dll C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\ 2006-12-04 13:46 修改 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\Temp\Rar$EX00.469\daemon408-x86.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE default 2006-12-04 13:58 添加 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-04 14:00 添加 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL ???�? 2006-12-04 14:00 修改 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-04 14:00 添加 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\Temp\Rar$EX00.469\daemon408-x86.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN DAEMON Tools "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1 2006-12-04 14:00 修改 同意修改
C:\Program Files\DaemonTools_WhenUSave_Installer\DaemonTools_WhenUSave_Installer.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN DaemonTools_WhenUSave_Installer C:\Program Files\DaemonTools_WhenUSave_Installer\D 2006-12-04 14:00 修改 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-04 14:16 添加 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-04 14:16 添加 同意修改
C:\Documents and Settings\woodhen\Local Settings\Temporary Internet Files\Content.IE5\MHSR6LU1\vagaa_net_setup[1].exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE wextract_cleanup0 rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNo 2006-12-05 00:09 修改 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\Temp\is-VULRC.tmp\is-2NNNQ.tmp HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Vagaa "d:\Vagaa\Vagaa_2.6.4.1.exe" -tray 2006-12-05 00:10 修改 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\Temp\F0\setup.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH SearchAssistant http://client.jogo.cn/cdn/browser/sidesearch/sides 2006-12-05 00:11 修改 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\Temp\F0\setup.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH CustomizeSearch http://client.jogo.cn/cdn/browser/customsearch/cus 2006-12-05 00:11 修改 同意修改
C:\DOCUME~1\woodhen\LOCALS~1\Temp\F0\setup.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN CdnCtr C:\Program Files\CNNIC\Cdn\cdnup.exe 2006-12-05 00:11 修改 同意修改
C:\WINDOWS\system32\rundll32.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH CustomizeSearch_sb http://client.jogo.cn/cdn/browser/customsearch/cus 2006-12-05 01:35 修改 同意修改
C:\WINDOWS\system32\rundll32.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH CustomizeSearch http://bar.baidu.com/sobar/defaultsearch.html 2006-12-05 01:35 修改 同意修改
C:\WINDOWS\system32\rundll32.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH SearchAssistant_sb http://client.jogo.cn/cdn/browser/sidesearch/sides 2006-12-05 01:35 修改 同意修改
C:\WINDOWS\system32\rundll32.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH SearchAssistant http://bar.baidu.com/sobar/defaultsearch.html 2006-12-05 01:35 修改 同意修改
woodhen - 2006-12-9 10:44:00
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-05 01:38 添加 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-05 01:38 添加 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-05 01:52 添加 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-05 02:15 添加 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.yahoo.com.cn 2006-12-05 02:26 修改 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-05 02:26 修改 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-05 02:26 添加 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.yahoo.com.cn 2006-12-05 07:42 修改 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-05 07:42 修改 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-05 07:42 添加 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL provider 2006-12-05 07:42 修改 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.yahoo.com.cn 2006-12-05 07:53 修改 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-05 07:53 修改 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-05 07:53 添加 同意修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL provider 2006-12-05 07:53 修改 同意修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-05 07:53 添加 同意修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL provider gogl 2006-12-05 07:53 修改 同意修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://www.google.com/ie 2006-12-05 07:53 修改 同意修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.google.com 2006-12-05 07:53 修改 拒绝修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-05 07:53 添加 拒绝修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-05 07:53 添加 拒绝修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.google.com 2006-12-05 07:53 修改 拒绝修改
C:\WINDOWS\SoftwareDistribution\Download\Install\WindowsXP-KB923789-x86-CHS.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE wextract_cleanup0 rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNo 2006-12-05 14:42 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-05 18:18 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-05 18:18 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-05 18:18 添加 拒绝修改
woodhen - 2006-12-9 10:45:00
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-05 21:31 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-05 21:31 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-05 21:31 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-06 12:06 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 12:06 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 12:06 添加 拒绝修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 12:51 添加 拒绝修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 12:51 添加 拒绝修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://www.google.com/ie 2006-12-06 12:51 修改 拒绝修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.google.com 2006-12-06 12:51 修改 拒绝修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 12:51 添加 拒绝修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 12:51 添加 拒绝修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 12:51 添加 拒绝修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 12:51 添加 拒绝修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://www.google.com/ie 2006-12-06 12:51 修改 拒绝修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.google.com 2006-12-06 12:51 修改 拒绝修改
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 12:51 添加 拒绝修改
woodhen - 2006-12-9 10:46:00
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 12:58 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 12:58 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 12:58 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 12:58 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 16:34 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 16:34 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 16:34 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 16:34 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 16:35 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 16:35 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 16:35 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 16:35 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 17:09 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 17:09 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 17:09 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 17:09 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 18:58 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 18:58 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 18:58 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 18:58 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 22:35 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 22:35 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 22:35 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-06 22:35 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-07 12:04 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-07 12:04 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-07 12:04 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-07 12:04 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-07 17:07 添加 拒绝修改
woodhen - 2006-12-9 10:47:00
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-07 17:07 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-07 17:07 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-07 17:07 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-07 17:27 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-07 17:27 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-07 17:27 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-07 17:27 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-07 20:51 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-07 20:51 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-07 20:51 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-07 20:51 添加 拒绝修改
C:\DOCUME~1\woodhen\LOCALS~1\Temp\smss.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN mhs2 C:\DOCUME~1\woodhen\LOCALS~1\Temp\smss.exe 2006-12-08 07:52 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.yahoo.com.cn 2006-12-08 12:58 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-08 12:58 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-08 12:58 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-08 12:58 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.yahoo.com.cn 2006-12-08 17:21 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-08 17:21 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-08 17:21 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-08 17:21 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.yahoo.com.cn 2006-12-08 21:49 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-08 21:49 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-08 21:49 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-08 21:49 添加 拒绝修改
I:\tel.xls.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN ASocksrv SocksA.exe 2006-12-08 22:02 修改 拒绝修改
I:\tel.xls.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN BSserver FileKan.exe 2006-12-08 22:02 修改 拒绝修改
woodhen - 2006-12-9 10:47:00
C:\WINDOWS\system32\algsrv.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN ASocksrv SocksA.exe 2006-12-08 22:02 修改 拒绝修改
C:\WINDOWS\system32\algsrv.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN BSserver FileKan.exe 2006-12-08 22:02 修改 拒绝修改
I:\tel.xls.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN ASocksrv SocksA.exe 2006-12-08 22:07 修改 拒绝修改
C:\Program Files\DaemonTools_WhenUSave_Installer\DaemonTools_WhenUSave_Installer.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN DaemonTools_WhenUSave_Installer 2006-12-08 22:10 删除 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.yahoo.com.cn 2006-12-08 22:17 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-08 22:17 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-08 22:17 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-08 22:17 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.yahoo.com.cn 2006-12-08 22:24 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-08 22:24 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-08 22:24 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-08 22:24 添加 拒绝修改
D:\tel.xls.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN ASocksrv SocksA.exe 2006-12-08 22:27 修改 拒绝修改
D:\tel.xls.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN BSserver FileKan.exe 2006-12-08 22:27 修改 拒绝修改
D:\tel.xls.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN ASocksrv SocksA.exe 2006-12-08 22:27 修改 拒绝修改
D:\tel.xls.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN BSserver FileKan.exe 2006-12-08 22:27 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.yahoo.com.cn 2006-12-08 22:35 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-08 22:35 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-08 22:35 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-08 22:35 添加 拒绝修改
D:\tel.xls.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN ASocksrv SocksA.exe 2006-12-08 22:36 修改 拒绝修改
C:\tel.xls.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN ASocksrv SocksA.exe 2006-12-08 22:36 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.yahoo.com.cn 2006-12-08 22:38 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-08 22:38 修改 拒绝修改
woodhen - 2006-12-9 10:48:00
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-08 22:38 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-08 22:38 添加 拒绝修改
C:\WINDOWS\system32\EXPLORER.EXE HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN wsctf.exe wsctf.exe 2006-12-09 00:38 修改 拒绝修改
C:\WINDOWS\system32\EXPLORER.EXE HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN EXPLORER.EXE EXPLORER.EXE 2006-12-09 00:38 修改 拒绝修改
C:\WINDOWS\system32\EXPLORER.EXE HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN wsctf.exe wsctf.exe 2006-12-09 00:38 修改 拒绝修改
C:\WINDOWS\system32\EXPLORER.EXE HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN EXPLORER.EXE EXPLORER.EXE 2006-12-09 00:38 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.yahoo.com.cn 2006-12-09 01:12 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-09 01:12 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-09 01:12 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-09 01:12 添加 拒绝修改
E:\tel.xls.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN ASocksrv SocksA.exe 2006-12-09 01:22 修改 拒绝修改
E:\tel.xls.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN BSserver FileKan.exe 2006-12-09 01:22 修改 拒绝修改
C:\WINDOWS\System32\nvsvc32.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN NvCplDaemon RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStart 2006-12-09 01:50 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.yahoo.com.cn 2006-12-09 01:50 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-09 01:50 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-09 01:50 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-09 01:50 添加 拒绝修改
C:\WINDOWS\System32\nvsvc32.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN NvCplDaemon RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStart 2006-12-09 08:52 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.yahoo.com.cn 2006-12-09 08:52 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-09 08:52 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-09 08:52 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-09 08:52 添加 拒绝修改
woodhen - 2006-12-9 10:48:00
F:\tel.xls.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN ASocksrv SocksA.exe 2006-12-09 08:57 修改 同意修改
F:\tel.xls.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN BSserver FileKan.exe 2006-12-09 08:57 修改 同意修改
C:\WINDOWS\System32\nvsvc32.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN NvCplDaemon RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStart 2006-12-09 08:58 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Page http://www.yahoo.com.cn 2006-12-09 08:58 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Search Bar http://seek.3721.com/srchasst.htm 2006-12-09 08:58 修改 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-09 08:58 添加 拒绝修改
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL default 2006-12-09 08:58 添加 拒绝修改
C:\WINDOWS\System32\nvsvc32.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN NvCplDaemon RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStart 2006-12-09 10:07 修改 拒绝修改
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Device Detector DevDetect.exe -autorun 2006-12-09 10:14 修改 同意修改
woodhen - 2006-12-9 10:48:00
不知道是不是这些
1
© 2000 - 2026 Rising Corp. Ltd.