The 360 机器狗 (Robot Dog) removal tool reports a PopularMalware malicious interference object on every machine
死性不改's Blog ~ http://www.clxp.net.cn/article.asp?id=1406
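Our shop runs the 信佑铁克 virtual disk plus the 东方网点 billing system. Scanning with the 360 机器狗 (Robot Dog) removal tool reported a PopularMalware malicious interference object.
After checking, it turned out that 360 was falsely flagging the protection programs of the 信佑铁克 virtual disk and the 东方网点 billing system.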
Program code:
日期时间:2008/7/31 18:01:03,2008/7/31 18:01:21
计算机名:C036 , C036
使用者名: ,
----------------------------------
删除键:6
----------------------------------
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Guarder
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Guarder\Security
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Guarder\Enum
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Guarder
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Guarder\Security
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Guarder\Enum
----------------------------------
增加键:6
----------------------------------
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TORJANFW
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TORJANFW\0000
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TORJANFW\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TORJANFW
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TORJANFW\0000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TORJANFW\0000\Control
----------------------------------
删除值:23
----------------------------------
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\updater: "D:\Soft\Updater\updater.exe"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Guarder\Enum\0: "Root\LEGACY_GUARDER\0000"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Guarder\Enum\Count: 0x00000001
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Guarder\Enum\NextInstance: 0x00000001
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Guarder\Security\Security: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Guarder\Type: 0x00000010
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Guarder\Start: 0x00000003
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Guarder\ErrorControl: 0x00000001
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Guarder\ImagePath: "C:\WINDOWS\system32\wbem\svchost.exe"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Guarder\DisplayName: "Guarder"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Guarder\ObjectName: "LocalSystem"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Guarder\Description: "EastdaybarGuarderService"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Guarder\Enum\0: "Root\LEGACY_GUARDER\0000"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Guarder\Enum\Count: 0x00000001
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Guarder\Enum\NextInstance: 0x00000001
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Guarder\Security\Security: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Guarder\Type: 0x00000010
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Guarder\Start: 0x00000003
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Guarder\ErrorControl: 0x00000001
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Guarder\ImagePath: "C:\WINDOWS\system32\wbem\svchost.exe"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Guarder\DisplayName: "Guarder"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Guarder\ObjectName: "LocalSystem"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Guarder\Description: "EastdaybarGuarderService"
----------------------------------
增加值:19
----------------------------------
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\ak360Kill_r: ""C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\LRZPZKOE\SuperKiller.exe" -checksafe"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TORJANFW\0000\Control\*NewlyCreated*: 0x00000000
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TORJANFW\0000\Control\ActiveService: "TorjanFW"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TORJANFW\0000\Service: "TorjanFW"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TORJANFW\0000\Legacy: 0x00000001
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TORJANFW\0000\ConfigFlags: 0x00000000
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TORJANFW\0000\Class: "LegacyDriver"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TORJANFW\0000\ClassGUID: "{8ECC055D-047F-11D1-A537-0000F8753ED1}"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TORJANFW\0000\DeviceDesc: "TorjanFW"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TORJANFW\NextInstance: 0x00000001
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TORJANFW\0000\Control\*NewlyCreated*: 0x00000000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TORJANFW\0000\Control\ActiveService: "TorjanFW"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TORJANFW\0000\Service: "TorjanFW"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TORJANFW\0000\Legacy: 0x00000001
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TORJANFW\0000\ConfigFlags: 0x00000000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TORJANFW\0000\Class: "LegacyDriver"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TORJANFW\0000\ClassGUID: "{8ECC055D-047F-11D1-A537-0000F8753ED1}"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TORJANFW\0000\DeviceDesc: "TorjanFW"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TORJANFW\NextInstance: 0x00000001

Learning from this, thanks OP.