U148 Archive

Markdown archive served by Next.js

迷宫。发散的脑细胞

来源: BlogBus 原始链接: http://bbwww.blogbus.com:80/logs/2006/01/1854281.html 存档链接: https://web.archive.org/web/20060212074353id_/http://bbwww.blogbus.com:80/logs/2006/01/1854281.html

<< torpark 真的很有效果 杀万众传媒可以只要杀掉DLL就可以删除的. >> 看个小强代价未免太大了点。。。。 2006-01-23, by bbwww 上海网视天地网络信息科技有限公司 ( NTV ) 文件: 安装程序:1,605,105 字节 安装目录大小:7.57 MB (7,946,965 字节) 2006-01-23 21:56 . 2006-01-23 21:56 .. 2006-01-13 15:43 708 categ.xml 2006-01-12 17:27 214 conf.xml 2006-01-23 21:36 emag 2006-01-23 14:19 4,298,752 EMagZone.exe 2006-01-15 19:58 552,960 libemag.dll 2006-01-13 15:30 80 mag.xml 2006-01-20 02:51 1,427,968 Reader.exe 2006-01-23 21:36 smag 2006-01-06 22:03 443,392 smag.dll 2006-01-17 10:35 211 sys.xml 2006-01-23 21:36 1,740 unins000.dat 2006-01-23 21:33 657,677 unins000.exe 2006-01-09 22:53 63 update.ini 2006-01-22 23:52 563,200 updater.exe 12个文件 7,947,041 字节 4 个目录 2,174,640,128 可用字节 增加键:20

HKLM\SOFTWARE\Classes\Applications\EMagReader.exe HKLM\SOFTWARE\Classes\Applications\EMagReader.exe\DefaultIcon HKLM\SOFTWARE\Classes\Applications\EMagReader.exe\shell HKLM\SOFTWARE\Classes\Applications\EMagReader.exe\shell\open HKLM\SOFTWARE\Classes\Applications\EMagReader.exe\shell\open\command HKLM\SOFTWARE\Classes\Applications\EMagZone.exe HKLM\SOFTWARE\Classes\Applications\EMagZone.exe\DefaultIcon HKLM\SOFTWARE\Classes\Applications\EMagZone.exe\path HKLM\SOFTWARE\Classes\Applications\EMagZone.exe\shell HKLM\SOFTWARE\Classes\Applications\EMagZone.exe\shell\open HKLM\SOFTWARE\Classes\Applications\EMagZone.exe\shell\open\command HKLM\SOFTWARE\Classes\CLSID{3D898C55-74CC-4B7C-B5F1-45913F368388} HKLM\SOFTWARE\Classes\CLSID{3D898C55-74CC-4B7C-B5F1-45913F368388}\InprocServer32 HKLM\SOFTWARE\Classes\CLSID{3D898C55-74CC-4B7C-B5F1-45913F368388}\ProgID HKLM\SOFTWARE\Classes.emag HKLM\SOFTWARE\Classes.smag HKLM\SOFTWARE\Classes\smag.iehelper HKLM\SOFTWARE\Classes\smag.iehelper\Clsid HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{3D898C55-74CC-4B7C-B5F1-45913F368388} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1

增加值:32

HKLM\SOFTWARE\Classes\Applications\EMagReader.exe\shell\open\command: "C:\Program Files\EMag\reader.exe %1" HKLM\SOFTWARE\Classes\Applications\EMagReader.exe\DefaultIcon: "C:\Program Files\EMag\reader.exe,1" HKLM\SOFTWARE\Classes\Applications\EMagZone.exe\shell\open\command: "C:\Program Files\EMag\EMagZone.exe %1" HKLM\SOFTWARE\Classes\Applications\EMagZone.exe\path: "C:\Program Files\EMag" HKLM\SOFTWARE\Classes\Applications\EMagZone.exe\DefaultIcon: "C:\Program Files\EMag\EMagZone.exe,1" HKLM\SOFTWARE\Classes\CLSID{3D898C55-74CC-4B7C-B5F1-45913F368388}\ProgID: "smag.iehelper" HKLM\SOFTWARE\Classes\CLSID{3D898C55-74CC-4B7C-B5F1-45913F368388}\InprocServer32: "C:\PROGRA~1\EMag\smag.dll" HKLM\SOFTWARE\Classes\CLSID{3D898C55-74CC-4B7C-B5F1-45913F368388}\InprocServer32\ThreadingModel: "Apartment" HKLM\SOFTWARE\Classes\CLSID{3D898C55-74CC-4B7C-B5F1-45913F368388}: "" HKLM\SOFTWARE\Classes.emag: "Applications\EMagReader.exe" HKLM\SOFTWARE\Classes.smag: "Applications\EMagZone.exe" HKLM\SOFTWARE\Classes\smag.iehelper\Clsid: "{3D898C55-74CC-4B7C-B5F1-45913F368388}" HKLM\SOFTWARE\Classes\smag.iehelper: "" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\EMagZone: "C:\Program Files\EMag\updater.exe" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1\Inno Setup: Setup Version: "5.1.5" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1\Inno Setup: App Path: "C:\Program Files\EMag" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1\InstallLocation: "C:\Program Files\EMag" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1\Inno Setup: Icon Group: "万众阅读器" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1\Inno Setup: User: "841505" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1\Inno Setup: Selected Tasks: "desktopicon" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1\Inno Setup: Deselected Tasks: "" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1\DisplayName: "万众阅读器 Beta版本" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1\UninstallString: ""C:\Program Files\EMag\unins000.exe"" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1\QuietUninstallString: ""C:\Program Files\EMag\unins000.exe" /SILENT" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1\Publisher: "上海网视天地网络信息科技有限公司 ( NTV )" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1\URLInfoAbout: " http://www.magraden.com " HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1\HelpLink: " http://www.magraden.com " HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1\URLUpdateInfo: " http://www.magraden.com " HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1\NoModify: 0x00000001 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\万众阅读器_is1\NoRepair: 0x00000001 HKU\S-1-5-21-1268305875-2397372426-2522078310-1001\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\Program Files\EMag\updater.exe: "updater" HKU\S-1-5-21-1268305875-2397372426-2522078310-1001\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\Program Files\EMag\emagzone.exe: "emagzone"

Logfile of HijackThis v1.99.1 Scan saved at 21:41:00, on 2006-1-23 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) O2 - BHO: (no name) - {3D898C55-74CC-4B7C-B5F1-45913F368388} - C:\PROGRA~1\EMag\smag.dll O4 - HKLM..\Run: [EMagZone] C:\Program Files\EMag\updater.exe 勉强还算2流的流氓。只是技术没3721等老流氓毒辣而已。 发布于: 21:49:26 | 分类: 小强历险记 流氓软件 | 引用(2) | 编辑 1 条评论: 小强不乖 , 2006-01-25 22:08:16 小强历险记-小强不乖-反.带三个表 按摩乳按摩的是腐乳? 添加评论