123   3  /  3  页   跳转

[求助] adware.win32/rugo怎么杀?急!!!

收藏
本主题由 版主 天月来了 于 2009-7-28 14:32:12 执行 合并主题 操作
daemonz
头像
飘泊而立狮
  • 帖子:563
  • 注册: 2009-05-15
  • 来自:
发表于: 2009-07-28 15:30 | 短消息 资料
字号: 21楼

回复: adware.win32/rugo怎么杀?急!!!

呃,没用过vista
试试把这两个文件删除(做好备份):
c:\windows\system32\b5a3.dll
c:\windows\downlo~1\885b.dll
gototop
 
浪漫纸箱
头像
锋芒艾服狮
  • 帖子:2140
  • 注册: 2008-07-05
  • 来自:
论坛8周年活动礼物祖国六十华诞09欢乐圣诞10温馨圣诞十周年
发表于: 2009-07-28 15:58 | 短消息 资料
字号: 22楼

回复:adware.win32/rugo怎么杀?急!!!

三个文件比较可疑:
C:\Windows\system32\ctc6.exe
c:\windows\system32\b5a3.dll
c:\windows\downlo~1\885b.dll
楼主将文件放到我签名处的第一个网站上看看。报回有几款软件报毒。
纸箱签名处:
如何截图及以附件形式上传至论坛
gototop
 
笑看山河
头像
初生襁褓狮
  • 帖子:37
  • 注册: 2009-07-27
  • 来自:
发表于: 2009-07-29 13:21 | 只看楼主 短消息 资料
字号: 23楼

回复: adware.win32/rugo怎么杀?急!!!

C:\Windows\system32\ctc6.exe分析结果:
反病毒引擎版本最后更新扫描结果
a-squared4.5.0.242009.07.28Trojan.Win32.Jhee!IK
AhnLab-V35.0.0.22009.07.28-
AntiVir7.9.0.2282009.07.28-
Antiy-AVL2.0.3.72009.07.28-
Authentium5.1.2.42009.07.27-
Avast4.8.1335.02009.07.27Win32:BHO-WD
AVG8.5.0.3872009.07.27-
BitDefender7.22009.07.28Trojan.Crypt.HY
CAT-QuickHeal10.002009.07.28-
ClamAV0.94.12009.07.28-
Comodo17912009.07.28-
DrWeb5.0.0.121822009.07.28Trojan.DownLoader.origin
eSafe7.0.17.02009.07.27-
eTrust-Vet31.6.66422009.07.27Win32/Gnuro!generic
F-Prot4.4.4.562009.07.27-
F-Secure8.0.14470.02009.07.28-
Fortinet3.120.0.02009.07.28-
GData192009.07.28Trojan.Crypt.HY
IkarusT3.1.1.64.02009.07.28Trojan.Win32.Jhee
Jiangmin11.0.8002009.07.28Adware/MsLock.jy
K7AntiVirus7.10.8032009.07.27-
Kaspersky7.0.0.1252009.07.28Trojan.Win32.BHO.xsg
McAfee56902009.07.27-
McAfee+Artemis56902009.07.27Artemis!F39923544744
McAfee-GW-Edition6.8.52009.07.28Heuristic.BehavesLike.Win32.Downloader.H
Microsoft1.49032009.07.28Trojan:Win32/Jhee.V
NOD3242832009.07.28a variant of Win32/Adware.BHO.GBP
Norman6.01.092009.07.27-
nProtect2009.1.8.02009.07.27-
Panda10.0.0.142009.07.27Generic Trojan
PCTools4.4.2.02009.07.27-
Prevx3.02009.07.28-
Rising21.40.11.002009.07.28-
Sophos4.44.02009.07.28-
Sunbelt3.2.1858.22009.07.28-
Symantec1.4.4.122009.07.28-
TheHacker6.3.4.3.3752009.07.28-
TrendMicro8.950.0.10942009.07.28-
VBA323.12.10.92009.07.28-
ViRobot2009.7.28.18562009.07.28-
VirusBuster4.6.5.02009.07.27-
附加信息
File size: 122880 bytes
MD5  : f399235447443b579ee8dd9494168430
SHA1  : 737c6456a7ba7518930521af5cce8ffb85e7a2ce
SHA256: 97ec680a159f7a8e9a66ec0fd2ddabd04ee89c38b4cd8e603647bd495d2d0124
PEInfo: PE Structure information
       
        ( base data )
        entrypointaddress.: 0xE1AE
        timedatestamp.....: 0x4A6D0545 (Mon Jul 27 03:39:17 2009)
        machinetype.......: 0x14C (Intel I386)
       
        ( 4 sections )
        name viradd virsiz rawdsiz ntrpy md5
        .text 0x1000 0x160A5 0x17000 6.50 6c80037a7c7ec52a6e5a0b93cbbbbf23
.rdata 0x18000 0x2BC2 0x3000 4.46 059c42e52e893d7896c5a1ed60c29287
.data 0x1B000 0x41E8 0x2000 3.60 d590fa267fa92ed6d06644667261a67c
.rsrc 0x20000 0x3F8 0x1000 1.09 8d24a71953224e1fc7ff56f3f47629b0
       
        ( 6 imports )
       
>advapi32.dll: RegisterServiceCtrlHandlerA, RegQueryValueExA,SetServiceStatus, StartServiceCtrlDispatcherA, ControlService,DeleteService, StartServiceA, QueryServiceStatus, CreateServiceA,ChangeServiceConfig2A, RegCreateKeyA, RegSetValueExA, OpenSCManagerA,OpenServiceA, CloseServiceHandle, DeregisterEventSource, RegSetValueA,GetUserNameA, CreateProcessAsUserA, OpenProcessToken,RegNotifyChangeKeyValue, RegOpenKeyA, RegEnumValueA, RegOpenKeyExA,RegCloseKey, RegQueryInfoKeyA
> kernel32.dll: GetTempFileNameA,GetTempPathA, ReadFile, CreateFileA, DeviceIoControl, GetModuleHandleA,Sleep, GetLocalTime, lstrlenA, MultiByteToWideChar,WideCharToMultiByte, LocalFree, SetEndOfFile, SetStdHandle,IsBadCodePtr, GetLastError, GetModuleFileNameA, GetProcessHeap,CreateDirectoryA, GetSystemDirectoryA, GetShortPathNameA,GetLogicalDrives, GetVolumeInformationA, OpenMutexA,CreateToolhelp32Snapshot, Process32First, Process32Next, OpenProcess,GetFileAttributesA, DeleteFileA, CreateProcessA, WaitForSingleObject,CloseHandle, SetFileAttributesA, CopyFileA, SetPriorityClass,LoadLibraryA, GetProcAddress, GetVersionExA, FreeLibrary,GetWindowsDirectoryA, IsBadReadPtr, GetStringTypeW, GetStringTypeA,FlushFileBuffers, SetFilePointer, IsBadWritePtr, VirtualAlloc,WriteFile, VirtualFree, HeapCreate, HeapDestroy, GetStartupInfoA,GetFileType, GetStdHandle, SetHandleCount, GetEnvironmentStringsW,GetEnvironmentStrings, FreeEnvironmentStringsW,FreeEnvironmentStringsA, UnhandledExceptionFilter, RtlUnwind,GetTimeZoneInformation, GetSystemTime, RaiseException, GetCommandLineA,GetVersion, ExitProcess, HeapFree, HeapAlloc, HeapReAlloc,TerminateProcess, GetCurrentProcess, LCMapStringA, LCMapStringW,GetCPInfo, CompareStringA, CompareStringW, HeapSize, GetACP, GetOEMCP,SetUnhandledExceptionFilter, SetEnvironmentVariableA
> ole32.dll: CoUninitialize, CoGetClassObject, CoInitialize, StringFromCLSID
> oleaut32.dll: -
> urlmon.dll: URLDownloadToFileA
>wininet.dll: InternetOpenA, InternetCrackUrlA,InternetGetConnectedState, DeleteUrlCacheEntry, InternetConnectA,HttpSendRequestA, HttpOpenRequestA, InternetReadFile,InternetCloseHandle
       
        ( 0 exports )
       
TrID  : File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
ssdeep: 3072:FjSC44f3QE3zf3c8VF8oF3X12+OnIyYzAFWoWI:Fj3gYsGV2+OnasFo
PEiD  : Armadillo v1.71
RDS  : NSRL Reference Data Set
-
gototop
 
笑看山河
头像
初生襁褓狮
  • 帖子:37
  • 注册: 2009-07-27
  • 来自:
发表于: 2009-07-29 13:25 | 只看楼主 短消息 资料
字号: 24楼

回复: adware.win32/rugo怎么杀?急!!!

c:\windows\system32\b5a3.dll分析结果:
反病毒引擎版本最后更新扫描结果
a-squared4.5.0.242009.07.28AdWare.Bdsearch!IK
AhnLab-V35.0.0.22009.07.28-
AntiVir7.9.0.2282009.07.28TR/Agent.49152
Antiy-AVL2.0.3.72009.07.28-
Authentium5.1.2.42009.07.28W32/AdAgent.I.gen!Eldorado
Avast4.8.1335.02009.07.27Win32:Agent-GRW
AVG8.5.0.3872009.07.28-
BitDefender7.22009.07.28Gen:Adware.Heur.Hu8@GmhJoiob
CAT-QuickHeal10.002009.07.28-
ClamAV0.94.12009.07.28-
Comodo17902009.07.28-
DrWeb5.0.0.121822009.07.28Trojan.DownLoader.origin
eSafe7.0.17.02009.07.27-
eTrust-Vet31.6.66432009.07.28-
F-Prot4.4.4.562009.07.28W32/AdAgent.I.gen!Eldorado
F-Secure8.0.14470.02009.07.28-
Fortinet3.120.0.02009.07.28-
GData192009.07.28Gen:Adware.Heur.Hu8@GmhJoiob
IkarusT3.1.1.64.02009.07.28AdWare.Bdsearch
Jiangmin11.0.8002009.07.28Heur:Adware/MsLock
K7AntiVirus7.10.8032009.07.27-
Kaspersky7.0.0.1252009.07.28-
McAfee56902009.07.27-
McAfee+Artemis56902009.07.27-
McAfee-GW-Edition6.8.52009.07.28Heuristic.LooksLike.Trojan.Agent.J
Microsoft1.49032009.07.28Adware:Win32/Rugo
NOD3242842009.07.28-
Norman
2009.07.28-
nProtect2009.1.8.02009.07.28-
Panda10.0.0.142009.07.28-
PCTools4.4.2.02009.07.28-
Prevx3.02009.07.28-
Rising21.40.13.002009.07.28-
Sophos4.44.02009.07.28Rugo
Sunbelt3.2.1858.22009.07.28AdWare.Win32.WSearch
Symantec1.4.4.122009.07.28-
TheHacker6.3.4.3.3752009.07.28-
TrendMicro8.950.0.10942009.07.28-
VBA323.12.10.92009.07.28-
ViRobot2009.7.28.18572009.07.28-
VirusBuster4.6.5.02009.07.27-
附加信息
File size: 548864 bytes
MD5  : ce4fc2ef676974113422feb7ce7abbf2
SHA1  : d6bcd97e4dccd327e852fa6014132b422fcfb26e
SHA256: f4754159614ae61f4a64a2217a7d733020ac9d99dbc08260164981e5ec53a02e
PEInfo: PE Structure information
       
        ( base data )
        entrypointaddress.: 0x3DD33
        timedatestamp.....: 0x4A6E4EFE (Tue Jul 28 03:06:06 2009)
        machinetype.......: 0x14C (Intel I386)
       
        ( 5 sections )
        name viradd virsiz rawdsiz ntrpy md5
        .text 0x1000 0x63966 0x64000 6.69 01dfb99cc9916195644974e70eecae5e
.rdata 0x65000 0xD8EA 0xE000 4.86 16faf3b10eb25f5d4077a8b2ba35e746
.data 0x73000 0x531CC 0x5000 5.39 0fd0b48c28b6a079a85330da810e360b
.rsrc 0xC7000 0x1288 0x2000 3.03 6967db2044f6677da6611f3ec1f19b0b
.reloc 0xC9000 0xB152 0xC000 5.66 b85c193034ec9ee805a6d8f918114913
       
        ( 10 imports )
       
>advapi32.dll: RegQueryValueExA, InitializeSecurityDescriptor,RegOpenKeyA, RegSetValueExA, RegCreateKeyA, GetUserNameA,RegCreateKeyExA, RegQueryValueA, RegSetValueA, RegDeleteKeyA,RegDeleteValueA, RegOpenKeyExA, RegQueryInfoKeyA, RegEnumKeyExA,SetSecurityDescriptorDacl, RegCloseKey
> gdi32.dll: DeleteObject,CreateRectRgn, GetPixel, GetTextExtentPoint32A, CreateSolidBrush,GetStockObject, GetObjectA, GetDeviceCaps, BitBlt,CreateCompatibleBitmap, DeleteDC, SelectObject, CreateCompatibleDC,SaveDC, RestoreDC, CombineRgn
> kernel32.dll:DeleteCriticalSection, GetLocalTime, CloseHandle, UnmapViewOfFile,MapViewOfFile, CreateFileMappingA, OpenFileMappingA, ReleaseMutex,FlushViewOfFile, WaitForSingleObject, CreateMutexA, FindClose,FindFirstFileA, GetLastError, GetSystemTimeAsFileTime, SetErrorMode,MultiByteToWideChar, GetShortPathNameA, GetTempFileNameA, GetTempPathA,Sleep, CopyFileA, SetFileAttributesA, GetWindowsDirectoryA,DeleteFileA, GetVolumeInformationA, GetSystemDirectoryA, lstrcmpA,FindNextFileA, lstrcatA, lstrcpyA, CreateDirectoryA, GetVersionExA,SetProcessWorkingSetSize, GetCurrentProcess, GetTickCount,InterlockedExchange, GetACP, GetLocaleInfoA, GetThreadLocale,EnterCriticalSection, LeaveCriticalSection, FlushInstructionCache,HeapFree, GetProcessHeap, HeapAlloc, WideCharToMultiByte,InterlockedDecrement, lstrlenA, GetCurrentThreadId, GlobalUnlock,GlobalLock, GlobalAlloc, lstrlenW, MulDiv, InterlockedIncrement,GetModuleFileNameA, GetModuleHandleA, FreeLibrary, SizeofResource,LoadResource, FindResourceA, InitializeCriticalSection, lstrcmpiA,lstrcpynA, IsDBCSLeadByte, GetProcAddress, LoadLibraryA, CreateThread,SetEvent, OpenEventA, CreateProcessA, WaitForMultipleObjects,CreateEventA, Module32Next, Module32First, CreateToolhelp32Snapshot,GetCurrentDirectoryA, Process32Next, Process32First, ReadFile,CreateFileA, TerminateProcess, DeviceIoControl, GetFileAttributesA,VirtualAlloc, VirtualFree, SetFilePointer, WriteFile, SetEndOfFile,GetStdHandle, QueryPerformanceCounter, SetUnhandledExceptionFilter,IsBadWritePtr, HeapCreate, HeapDestroy, TlsGetValue, RaiseException,TlsSetValue, TlsFree, SetLastError, TlsAlloc, GetOEMCP, GetCPInfo,LCMapStringW, LCMapStringA, RemoveDirectoryA, GetCommandLineA,HeapReAlloc, VirtualQuery, GetSystemInfo, VirtualProtect,GetDriveTypeA, FileTimeToLocalFileTime, FileTimeToSystemTime,ExitProcess, RtlUnwind, HeapSize, GetFullPathNameA, FlushFileBuffers,SetHandleCount, GetFileType, GetStartupInfoA, FreeEnvironmentStringsA,GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW,UnhandledExceptionFilter, GetTimeZoneInformation, GetStringTypeA,GetStringTypeW, GetUserDefaultLCID, EnumSystemLocalesA, IsValidLocale,IsValidCodePage, IsBadReadPtr, IsBadCodePtr, SetStdHandle,GetLocaleInfoW, CompareStringA, CompareStringW,SetEnvironmentVariableA, LocalFree, LoadLibraryExA, GetCurrentProcessId
>ole32.dll: CoTaskMemRealloc, CLSIDFromString, CLSIDFromProgID,CoGetClassObject, OleLockRunning, CoTaskMemAlloc, StringFromGUID2,OleUninitialize, OleInitialize, CreateStreamOnHGlobal,CoCreateInstance, CoUninitialize, CoInitialize, CoTaskMemFree
> oleaut32.dll: -, -, -, -, -, -, -, -, -, -, -, -
> shell32.dll: SHGetFolderPathA
> urlmon.dll: URLDownloadToFileA
>user32.dll: GetForegroundWindow, SetForegroundWindow,SystemParametersInfoA, MapWindowPoints, ShowWindow, UpdateWindow,PeekMessageA, GetMessageA, TranslateMessage, EnumWindows,AdjustWindowRectEx, FindWindowExA, PostMessageA,CreateAcceleratorTableA, CharNextA, GetParent, GetClassNameA,RedrawWindow, GetDlgItem, IsWindow, DestroyAcceleratorTable, GetFocus,DispatchMessageA, IsChild, GetWindow, SetFocus, BeginPaint, EndPaint,GetDesktopWindow, InvalidateRgn, InvalidateRect, FillRect, SetCapture,ReleaseCapture, GetSysColor, CreateWindowExA, CallWindowProcA,RegisterWindowMessageA, RegisterClassExA, GetWindowTextLengthA,GetWindowTextA, DefWindowProcA, SetActiveWindow, LoadCursorA,GetClassInfoExA, KillTimer, SetTimer, SetWindowPos, MoveWindow,SetWindowTextA, SendMessageA, GetWindowLongA, SetWindowLongA,DestroyWindow, PostQuitMessage, wsprintfA, SetWindowRgn, ReleaseDC,GetWindowRect, GetClientRect, GetSystemMetrics, LoadImageA,UnregisterClassA, GetDC
> wininet.dll: InternetReadFile,HttpSendRequestA, FindFirstUrlCacheEntryA, FindNextUrlCacheEntryA,GetUrlCacheEntryInfoA, InternetCrackUrlA, InternetOpenA,InternetConnectA, InternetCloseHandle, HttpOpenRequestA,DeleteUrlCacheEntry
> ws2_32.dll: -, -, -
       
        ( 1 exports )
       
> Always, DSDD_YUNJ_DOSS, GetPlayerVersion, playAdk
TrID  : File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
ssdeep: 12288:ddfAJ5ChL/XI1W5WRU04L15D4Q/CYz4hBV7j9H6d1fzaXIRpZ9InBJaol1UNFRR2:d9KChLACK+PD9/Urj96XaXIRpZ9InBJf
PEiD  : -
RDS  : NSRL Reference Data Set
-
gototop
 
笑看山河
头像
初生襁褓狮
  • 帖子:37
  • 注册: 2009-07-27
  • 来自:
发表于: 2009-07-29 13:26 | 只看楼主 短消息 资料
字号: 25楼

回复: adware.win32/rugo怎么杀?急!!!

c:\windows\downlo~1\885b.dll分析结果:
反病毒引擎版本最后更新扫描结果
a-squared4.5.0.242009.07.28Virus.Win32.Agent.GRW!IK
AhnLab-V35.0.0.22009.07.28-
AntiVir7.9.0.2282009.07.28TR/Agent.49152
Antiy-AVL2.0.3.72009.07.28-
Authentium5.1.2.42009.07.27W32/Heuristic-KPP!Eldorado
Avast4.8.1335.02009.07.27Win32:Agent-GRW
AVG8.5.0.3872009.07.27Generic4.IEQ
BitDefender7.22009.07.28Adware.BDSearch.1
CAT-QuickHeal10.002009.07.28-
ClamAV0.94.12009.07.28-
Comodo17912009.07.28-
DrWeb5.0.0.121822009.07.28DLOADER.Trojan
eSafe7.0.17.02009.07.27-
eTrust-Vet31.6.66422009.07.27Win32/Jhee.H
F-Prot4.4.4.562009.07.27W32/Heuristic-KPP!Eldorado
F-Secure8.0.14470.02009.07.28-
Fortinet3.120.0.02009.07.28PossibleThreat
GData192009.07.28Adware.BDSearch.1
IkarusT3.1.1.64.02009.07.28Virus.Win32.Agent.GRW
Jiangmin11.0.8002009.07.28Heur:TrojanDownloader.Agent
K7AntiVirus7.10.8032009.07.27-
Kaspersky7.0.0.1252009.07.28Trojan-Downloader.Win32.Adik.y
McAfee56902009.07.27-
McAfee+Artemis56902009.07.27Artemis!421E5539D12E
McAfee-GW-Edition6.8.52009.07.28Heuristic.LooksLike.Trojan.Agent.L
Microsoft1.49032009.07.28Trojan:Win32/Jhee.G
NOD3242832009.07.28probably a variant of Win32/Adware.WSearch
Norman6.01.092009.07.27-
nProtect2009.1.8.02009.07.28-
Panda10.0.0.142009.07.27Trj/CI.A
PCTools4.4.2.02009.07.27-
Prevx3.02009.07.28-
Rising21.40.11.002009.07.28-
Sophos4.44.02009.07.28Sus/Behav-1012
Sunbelt3.2.1858.22009.07.28-
Symantec1.4.4.122009.07.28-
TheHacker6.3.4.3.3752009.07.28-
TrendMicro8.950.0.10942009.07.28-
VBA323.12.10.92009.07.28-
ViRobot2009.7.28.18572009.07.28-
VirusBuster4.6.5.02009.07.27-
附加信息
File size: 45056 bytes
MD5  : 421e5539d12ed32076af6e18c07e5a1e
SHA1  : 8d8f1988547c74bf9a95126eda16c07d236fbb12
SHA256: 1ad6e387be64f34737ca007508f7c4210c5ca181f7259be030f6f26c90348212
PEInfo: PE Structure information
       
        ( base data )
        entrypointaddress.: 0x470F
        timedatestamp.....: 0x4A6D0F73 (Mon Jul 27 04:22:43 2009)
        machinetype.......: 0x14C (Intel I386)
       
        ( 5 sections )
        name viradd virsiz rawdsiz ntrpy md5
        .text 0x1000 0x3AE3 0x4000 5.92 e5e5569384fc561058954793a6572bbd
.rdata 0x5000 0x1962 0x2000 4.42 e5a5efc06079f327bdb7ed98c4fea3cf
.data 0x7000 0x1510 0x2000 5.44 0aa1eb0568a2ef8e003b60ffe30eb8c0
.rsrc 0x9000 0x468 0x1000 1.18 45702b89006fe2629964f9d243ecc6a0
.reloc 0xA000 0x8A0 0x1000 3.11 fcf7e11c87a0a07b71ffdcc322bf4f13
       
        ( 8 imports )
       
>advapi32.dll: RegQueryInfoKeyA, RegSetValueA, RegSetKeySecurity,SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegCloseKey,RegQueryValueExA, RegOpenKeyA, RegCreateKeyA, OpenProcessToken,GetUserNameA, CreateProcessAsUserA, RegCreateKeyExA, RegSetValueExA,RegEnumValueA, RegDeleteValueA, RegQueryValueA
> kernel32.dll:CreateEventA, DeleteFileA, CreateProcessA, OpenMutexA,GetVolumeInformationA, OpenEventA, GetLastError, OpenFileMappingA,MapViewOfFile, GetProcessHeap, CloseHandle, VirtualFreeEx,WaitForSingleObject, CreateRemoteThread, GetProcAddress,GetModuleHandleA, WriteProcessMemory, VirtualAllocEx, lstrlenW,OpenProcess, lstrlenA, CreateToolhelp32Snapshot, Process32Next,Process32First, Sleep, GetModuleFileNameA, GetCurrentDirectoryA,CopyFileA, GetWindowsDirectoryA
> mfc42.dll: -, -, -, -, -, -, -
>msvcp60.dll:__0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@PBDABV_$allocator@D@1@@Z,___7_$basic_ifstream@DU_$char_traits@D@std@@@std@@6B@,_open@_$basic_filebuf@DU_$char_traits@D@std@@@std@@QAEPAV12@PBDH@Z,_getline@std@@YAAAV_$basic_istream@DU_$char_traits@D@std@@@1@AAV21@AAV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@1@@Z,_close@_$basic_filebuf@DU_$char_traits@D@std@@@std@@QAEPAV12@XZ,___7_$basic_istream@DU_$char_traits@D@std@@@std@@6B@,__6std@@YAAAV_$basic_ostream@DU_$char_traits@D@std@@@0@AAV10@ABV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@0@@Z,__1_$basic_istream@DU_$char_traits@D@std@@@std@@UAE@XZ,___D_$basic_ifstream@DU_$char_traits@D@std@@@std@@QAEXXZ,___8_$basic_ofstream@DU_$char_traits@D@std@@@std@@7B@,__0ios_base@std@@IAE@XZ,___7_$basic_ios@DU_$char_traits@D@std@@@std@@6B@,__0_$basic_ostream@DU_$char_traits@D@std@@@std@@QAE@PAV_$basic_streambuf@DU_$char_traits@D@std@@@1@_N1@Z,__0_$basic_filebuf@DU_$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z,___7_$basic_ofstream@DU_$char_traits@D@std@@@std@@6B@,__Init@_$basic_filebuf@DU_$char_traits@D@std@@@std@@IAEXPAU_iobuf@@W4_Initfl@12@@Z,_setstate@_$basic_ios@DU_$char_traits@D@std@@@std@@QAEXH_N@Z,_endl@std@@YAAAV_$basic_ostream@DU_$char_traits@D@std@@@1@AAV21@@Z,_clear@_$basic_ios@DU_$char_traits@D@std@@@std@@QAEXH_N@Z,__1_$basic_filebuf@DU_$char_traits@D@std@@@std@@UAE@XZ,___7_$basic_ostream@DU_$char_traits@D@std@@@std@@6B@,__1ios_base@std@@UAE@XZ,___8_$basic_ifstream@DU_$char_traits@D@std@@@std@@7B@,__0_$basic_ios@DU_$char_traits@D@std@@@std@@IAE@XZ,__Copy@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAEXI@Z,__Tidy@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAEX_N@Z,__Xlen@std@@YAXXZ,__C@_1___Nullstr@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@CAPBDXZ@4DB,_erase@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV12@II@Z,_assign@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z,_npos@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@2IB,__Grow@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAE_NI_N@Z,__1_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@XZ,__Eos@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAEXI@Z,_c_str@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QBEPBDXZ,__0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@ABV01@@Z,_assign@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV12@PBDI@Z,__1_$basic_ios@DU_$char_traits@D@std@@@std@@UAE@XZ,___D_$basic_ofstream@DU_$char_traits@D@std@@@std@@QAEXXZ,__1_$basic_ostream@DU_$char_traits@D@std@@@std@@UAE@XZ,__0_$basic_istream@DU_$char_traits@D@std@@@std@@QAE@PAV_$basic_streambuf@DU_$char_traits@D@std@@@1@_N@Z
>msvcrt.dll: _except_handler3, _stricmp, _access, _beginthreadex,strstr, sprintf, _strlwr, rand, time, srand, __CxxFrameHandler,_strupr, atol, _ltoa, fclose, __dllonexit, _onexit, free, _initterm,malloc, _adjust_fdiv
> urlmon.dll: URLDownloadToFileA
> user32.dll: wsprintfW
> wininet.dll: InternetGetConnectedState, DeleteUrlCacheEntry
       
        ( 1 exports )
       
> Run
TrID  : File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
ssdeep: 384:Xj+VNo1SOw1LwJXyrM0s3BXzXAQ3bgWdVDB6AkzTOdfcx18RzpYxK2ugq+EWw7EQ:aVqaeR3AKbdVEAkzTsfsoiGgql0
PEiD  : Armadillo v1.xx - v2.xx
RDS  : NSRL Reference Data Set
-
gototop
 
笑看山河
头像
初生襁褓狮
  • 帖子:37
  • 注册: 2009-07-27
  • 来自:
发表于: 2009-07-29 16:08 | 只看楼主 短消息 资料
字号: 26楼

回复: adware.win32/rugo怎么杀?急!!!

VISTA不支持Icesword冰刃 中文版 1.22Windows清理助手vista支持但不顶用
SRENG2.7版也不顶用。
gototop
 
<<上一主题|下一主题>>
123   3  /  3  页   跳转
页面顶部
Powered by Discuz!NT