12   2  /  2  页   跳转

[练习] 7月8日 日志分析 练习9

收藏
本主题由 大版主 lqqk7 于 2009-7-8 16:13:14 执行 设置高亮 操作
merrk_chuan
头像
飘泊而立狮
  • 帖子:845
  • 注册: 2009-06-07
  • 来自:
发表于: 2009-07-10 12:02 | 短消息 资料
字号: 11楼

回复:7月8日 日志分析 练习9

这个日志没发现问题啊
gototop
 
基牛
头像
强壮不惑狮
  • 帖子:841
  • 注册: 2009-06-19
  • 来自:
发表于: 2009-07-10 13:15 | 短消息 资料
字号: 12楼

回复:7月8日 日志分析 练习9

总感觉他的这个富士驱动 很可疑。  要是我的话 必删!
gototop
 
基牛
头像
强壮不惑狮
  • 帖子:841
  • 注册: 2009-06-19
  • 来自:
发表于: 2009-07-10 13:15 | 短消息 资料
字号: 13楼

回复:7月8日 日志分析 练习9

??? 我的个性签名不见了
gototop
 
学飞的龙
头像
飘泊而立狮
  • 帖子:541
  • 注册: 2009-06-25
  • 来自:杭州
发表于: 2009-07-10 15:16 | 短消息 资料
字号: 14楼

回复: 7月8日 日志分析 练习9



引用:
原帖由 phoenixeagle 于 2009-7-8 23:22:00 发表
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserC......



这个没问题,老师说过,这几个都是正常信息,看到后无需判断
1.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
2.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
3.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
4.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
5.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
6.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
7.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
8.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
9.<PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [N/A]
10.<PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [N/A]
11.<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
没有生而知之,只有学而知之!
gototop
 
Dongi_Wu
头像
拙长孩提狮
  • 帖子:117
  • 注册: 2009-06-11
  • 来自:四川成都
发表于: 2009-07-10 15:45 | 短消息 资料
字号: 15楼

回复:7月8日 日志分析 练习9

看着头疼, 有没有什么标准或者参考答案之类的标准呢 ?
  研究半天,结果自己都还搞不明白到底哪错那对?
gototop
 
零度的穷浪漫
头像
自信弱冠狮
  • 帖子:499
  • 注册: 2009-06-25
  • 来自:
09欢乐圣诞
发表于: 2009-07-29 04:05 | 短消息 资料
字号: 16楼

回复:7月8日 日志分析 练习9

1.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]为什么每篇日志里这项总是丢失啊?
2.垃圾问题不想再重复了,还有进程被很多.dll加载
这个FujiFilm是什么东东啊?
3.进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 520, D:\FUJIFILM\FRONTIER\BIN\EZMAIN.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 884, D:\FUJIFILM\DNACOMMON\BIN\EZTMR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 280, D:\FUJIFILM\DNACOMMON\BIN\DNAACNETSVR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1120, D:\FUJIFILM\DNACOMMON\BIN\DNADEVINFOMGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 964, D:\FUJIFILM\DNACOMMON\BIN\EZERR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1800, D:\FUJIFILM\DNACOMMON\BIN\DNAJOBQUEMGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 236, D:\FUJIFILM\DNACOMMON\BIN\EZERRWND.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 572, D:\FUJIFILM\DNAAPPS\Q0\BIN\WFINIT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 592, D:\FUJIFILM\DNAAPPS\Q0\BIN\WFMONITOR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1644, D:\FUJIFILM\DNAAPPS\Q0\BIN\WFA.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1680, D:\FUJIFILM\FRONTIER\BIN\EZOPE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1640, D:\FUJIFILM\STGLAYER\PROGRAMS\FDMSTGMGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1824, D:\FUJIFILM\FRONTIER\BIN\SHINOPEGUI.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1668, D:\FUJIFILM\FRONTIER\BIN\SHOPSETTINGBAR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1736, D:\FUJIFILM\STGLAYER\MODULES\DSCFS.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 784, D:\FUJIFILM\STGLAYER\MODULES\DSCFS_FDIACONV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1208, D:\FUJIFILM\STGLAYER\MODULES\MULTISPOOL.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 796, D:\FUJIFILM\STGLAYER\MODULES\NETSPOOLFS.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1584, D:\FUJIFILM\STGLAYER\MODULES\NETSPOOLFS_P0P1.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1600, D:\FUJIFILM\STGLAYER\MODULES\PDDSCFS.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1732, D:\FUJIFILM\STGLAYER\MODULES\PDDSCFS_FDIACONV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 664, D:\FUJIFILM\STGLAYER\MODULES\PDR8BUFR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1676, D:\FUJIFILM\STGLAYER\MODULES\PDR8MEMS.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1188, D:\FUJIFILM\STGLAYER\MODULES\PDR8NETSPOOLFR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1036, D:\FUJIFILM\STGLAYER\MODULES\SRGBFILE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2076, D:\FUJIFILM\STGLAYER\MODULES\SRGBFILE_LEGACY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2108, D:\FUJIFILM\STGLAYER\MODULES\SRGBJPEGNETSPOOLFR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2140, D:\FUJIFILM\STGLAYER\MODULES\SRGBR8NETSPOOLFR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2172, D:\FUJIFILM\FRONTIER\BIN\IEFSWEEPER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2184, D:\FUJIFILM\FRONTIER\BIN\EZSEQ.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2208, D:\FUJIFILM\FRONTIER\BIN\EZSEQCMD.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2220, D:\FUJIFILM\FRONTIER\BIN\EZSEQJGN.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2232, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2244, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2292, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2304, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2316, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2328, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2340, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2400, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2880, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2900, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2920, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3072, D:\FUJIFILM\FRONTIER\BIN\EZPRINT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3084, D:\FUJIFILM\DNAAPPS\P6\AC_IMGCONV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3096, D:\FUJIFILM\DNAAPPS\P6\AC_CDROUT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3108, D:\FUJIFILM\FRONTIER\BIN\TERMAC.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3192, D:\FUJIFILM\FRONTIER\BIN\EXECLSEQOBJ.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2444, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3932, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3968, D:\FUJIFILM\STGLAYER\PROGRAMS\SOFTENGINEPROC.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3592, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3652, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3060, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2288, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]这么多都不认识
gototop
 
still刀刀
头像
自信弱冠狮
  • 帖子:478
  • 注册: 2009-07-02
  • 来自:一些狗一些事
发表于: 2009-07-30 01:58 | 短消息 资料
字号: 17楼

回复:7月8日 日志分析 练习9

驱动程序
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
==================================
没有公司签名
浏览器加载项

[Yahoo! Companion BHO]
  {02478D38-C3F9-4EFB-9B51-7695ECA05670} <, >
没有公司签名
==================================
正在运行的进程



    [C:\WINDOWS\system32\eswia7a.dll]  [SEIKO EPSON CORP., 1.73]

    [D:\FujiFilm\Frontier\Dll\ShOpKeyHook.dll]  [, 1, 0, 0, 1]
    [D:\Fujifilm\PC-COM1\dll\Common.dll]  [N/A, ]
    [D:\Fujifilm\DNACommon\bin\LogMan.dll]  [N/A, ]
    [D:\Fujifilm\DNACommon\bin\TShotComm.dll]  [N/A, ]
    [D:\FujiFilm\Frontier\Dll\ShOpKeyEvent.dll]  [, 1, 0, 0, 1]
    [D:\FujiFilm\Frontier\Dll\MngKey.dll]  [N/A, ]
    [D:\Fujifilm\DNACommon\bin\CMemMan.dll]  [N/A, ]
    [D:\Fujifilm\DNACommon\bin\DNACommonLib.dll]  [N/A, ]
    [D:\Fujifilm\DNACommon\bin\LogRec.dll]  [N/A, ]
    [D:\Fujifilm\PC-COM1\dll\FileDirAcc.dll]  [N/A, ]
    [D:\FujiFilm\StgLayer\Programs\StgIpc.dll]  [N/A, ]
    [D:\FujiFilm\StgLayer\Programs\FileUrl.dll]  [N/A, ]
    [D:\FujiFilm\StgLayer\Programs\ImgUrl.dll]  [N/A, ]
    [D:\FujiFilm\StgLayer\Programs\StgErr.dll]  [N/A, ]
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 520, D:\FUJIFILM\FRONTIER\BIN\EZMAIN.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 884, D:\FUJIFILM\DNACOMMON\BIN\EZTMR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 280, D:\FUJIFILM\DNACOMMON\BIN\DNAACNETSVR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1120, D:\FUJIFILM\DNACOMMON\BIN\DNADEVINFOMGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 964, D:\FUJIFILM\DNACOMMON\BIN\EZERR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1800, D:\FUJIFILM\DNACOMMON\BIN\DNAJOBQUEMGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 236, D:\FUJIFILM\DNACOMMON\BIN\EZERRWND.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 572, D:\FUJIFILM\DNAAPPS\Q0\BIN\WFINIT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 592, D:\FUJIFILM\DNAAPPS\Q0\BIN\WFMONITOR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1644, D:\FUJIFILM\DNAAPPS\Q0\BIN\WFA.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1680, D:\FUJIFILM\FRONTIER\BIN\EZOPE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1640, D:\FUJIFILM\STGLAYER\PROGRAMS\FDMSTGMGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1824, D:\FUJIFILM\FRONTIER\BIN\SHINOPEGUI.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1668, D:\FUJIFILM\FRONTIER\BIN\SHOPSETTINGBAR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1736, D:\FUJIFILM\STGLAYER\MODULES\DSCFS.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 784, D:\FUJIFILM\STGLAYER\MODULES\DSCFS_FDIACONV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1208, D:\FUJIFILM\STGLAYER\MODULES\MULTISPOOL.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 796, D:\FUJIFILM\STGLAYER\MODULES\NETSPOOLFS.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1584, D:\FUJIFILM\STGLAYER\MODULES\NETSPOOLFS_P0P1.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1600, D:\FUJIFILM\STGLAYER\MODULES\PDDSCFS.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1732, D:\FUJIFILM\STGLAYER\MODULES\PDDSCFS_FDIACONV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 664, D:\FUJIFILM\STGLAYER\MODULES\PDR8BUFR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1676, D:\FUJIFILM\STGLAYER\MODULES\PDR8MEMS.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1188, D:\FUJIFILM\STGLAYER\MODULES\PDR8NETSPOOLFR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1036, D:\FUJIFILM\STGLAYER\MODULES\SRGBFILE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2076, D:\FUJIFILM\STGLAYER\MODULES\SRGBFILE_LEGACY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2108, D:\FUJIFILM\STGLAYER\MODULES\SRGBJPEGNETSPOOLFR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2140, D:\FUJIFILM\STGLAYER\MODULES\SRGBR8NETSPOOLFR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2172, D:\FUJIFILM\FRONTIER\BIN\IEFSWEEPER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2184, D:\FUJIFILM\FRONTIER\BIN\EZSEQ.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2208, D:\FUJIFILM\FRONTIER\BIN\EZSEQCMD.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2220, D:\FUJIFILM\FRONTIER\BIN\EZSEQJGN.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2232, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2244, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2292, D:\FUJIFILM\FRONTIER\BIN\EZSEQJPR.EXE]
没有问题?感觉疑惑
gototop
 
乐陶猪
头像
拙长孩提狮
  • 帖子:127
  • 注册: 2009-07-02
  • 来自:
发表于: 2009-08-04 22:37 | 短消息 资料
字号: 18楼

回复:7月8日 日志分析 练习9

==================================
驱动程序
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>

PID: 684 / FRONTIER][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\FujiFilm\Frontier\Dll\ShOpKeyHook.dll]  [, 1, 0, 0, 1]
    [D:\Fujifilm\PC-COM1\dll\Common.dll]  [N/A, ]
    [D:\Fujifilm\DNACommon\bin\LogMan.dll]  [N/A, ]
    [D:\Fujifilm\DNACommon\bin\TShotComm.dll]  [N/A, ]
    [D:\FujiFilm\Frontier\Dll\ShOpKeyEvent.dll]  [, 1, 0, 0, 1]
    [D:\FujiFilm\Frontier\Dll\MngKey.dll]  [N/A, ]
    [D:\Fujifilm\DNACommon\bin\CMemMan.dll]  [N/A, ]
    [D:\Fujifilm\DNACommon\bin\DNACommonLib.dll]  [N/A, ]
    [D:\Fujifilm\DNACommon\bin\LogRec.dll]  [N/A, ]
    [D:\Fujifilm\DNACommon\bin\VMMAP.dll]  [N/A, ]
    [D:\FujiFilm\Frontier\Dll\ComData.dll]  [N/A, ]
    [C:\WINDOWS\system32\icm32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]

==================================
进程特权扫描也有问题!!

莫非这就是因为系统漏洞而引起的毒霸?
gototop
 
乐陶猪
头像
拙长孩提狮
  • 帖子:127
  • 注册: 2009-07-02
  • 来自:
发表于: 2009-08-04 22:39 | 短消息 资料
字号: 19楼

回复:7月8日 日志分析 练习9

看完参考答案,正能用一个字形容,晕 …………
gototop
 
<<上一主题|下一主题>>
12   2  /  2  页   跳转
页面顶部
Powered by Discuz!NT