a1065809672 posted on 2018-12-3 11:25:38

Let's see whether anyone got hit!

This post was last edited by a1065809672 on 2018-12-3 11:40


Behavior description: Opens a URL over the network
Details: InternetOpenUrlA: http://5y****cn/config/5yyw.exe, hInternet = 0x00cc0008, Flags = 0x80000002
Behavior description: Connects to a specified site
Details: InternetConnectA: ServerName = 5y****cn, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
InternetConnectA: ServerName = 5y****cn, PORT = 80, UserName = , Password = , hSession = 0x00cc0008, hConnect = 0x00cc000c, Flags = 0x80000002
Behavior description: Opens an HTTP connection
Details: InternetOpenA: UserAgent: HTTPREAD, hSession = 0x00cc0008
Behavior description: Establishes a connection to a specified socket
Details: URL: 5y****cn, IP: **.133.40.**:80, SOCKET = 0x00000284
URL: 5y****cn, IP: **.133.40.**:80, SOCKET = 0x000001e8
Behavior description: Reads a network file
Details: hFile = 0x00cc000c, BytesToRead =1024, BytesRead = 1024.
hFile = 0x00cc0010, BytesToRead =2048, BytesRead = 2048.
Behavior description: Sends an HTTP packet
Details: GET /config/5yyw.txt HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727) CometHTTP Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* Referer: http://5yyw.cn/config/5yyw.txt Accept-Language: zh-cn Host: 5y****cn
GET /config/5yyw.exe HTTP/1.1 User-Agent: HTTPREAD Host: 5y****cn Cache-Control: no-cache
Behavior description: Opens an HTTP request
Details: HttpOpenRequestA: 5y****cn:80/config/5yyw.txt, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x0000c400
HttpOpenRequestA: 5y****cn:80/config/5yyw.exe, hConnect = 0x00cc000c, hRequest = 0x00cc0010, Verb: GET, Referer: , Flags = 0x80000002
Behavior description: Resolves a host address by name
Details:


Habo report attached

清风阁丶Hunter posted on 2018-12-3 11:42:31

- - What is this?

xiaoxi1314 posted on 2018-12-3 14:04:18

---------------------- What is this?

13323765173 posted on 2018-12-3 15:48:11

OP, my computer has been taken over by remote control. Is there any way to get rid of it?

a1065809672 posted on 2018-12-3 16:31:02

Suspected remote control...