[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\kav2005\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 892][C:\kav2005\KMailMon.EXE] [Kingsoft Corporation, 2007, 2, 25, 948]
[C:\kav2005\KAntiSpm.dll] [Kingsoft Corporation, 2007, 2, 25, 129]
[C:\kav2005\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\kav2005\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\kav2005\KAVIPC2.DLL] [Kingsoft Corporation, 2007, 1, 15, 30]
[C:\kav2005\KAECall2.DLL] [Kingsoft Corporation, 2004, 12, 28, 7]
[C:\kav2005\KAEPlat.DLL] [Kingsoft Corp., 2007, 2, 4, 61]
[C:\kav2005\KAEMem.DAT] [Kingsoft, 2006, 9, 25, 16]
[C:\kav2005\KAEUnpack.DAT] [Kingsoft Corp., 2007, 5, 9, 120]
[C:\kav2005\KAConfig.DLL] [Kingsoft Corporation, 2007, 1, 11, 41]
[C:\kav2005\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\kav2005\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[PID: 944][C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe] [N/A, ]
[C:\Program Files\Lenovo\EnergyCut\HookLib.dll] [N/A, ]
[C:\kav2005\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 1156][C:\Program Files\Lenovo\IGRS EasyShare\IncTray.exe] [联想集团有限公司, 1, 0, 0, 13]
[C:\kav2005\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\kav2005\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\kav2005\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\kav2005\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\Program Files\360safe\safemon\safemon.dll] [, 3, 4, 0, 1001]
[PID: 1580][C:\Program Files\360safe\safemon\360Tray.exe] [奇虎网, 3, 4, 0, 1001]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\kav2005\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\kav2005\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\kav2005\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\kav2005\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\Program Files\360safe\safemon\safemon.dll] [, 3, 4, 0, 1001]
[C:\Program Files\360safe\safemon\SafeKrnl.dll] [奇虎网, 3, 4, 0, 1001]
[C:\Program Files\360safe\AntiAdwa.dll] [360Safe.com, 3, 4, 0, 1001]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[PID: 1640][C:\WINDOWS\system32\igfxext.exe] [Intel Corporation, 3.0.0.4543]
[C:\kav2005\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\kav2005\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\kav2005\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\kav2005\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\IGFXEXPS.DLL] [Intel Corporation, 3.0.0.4543]
[PID: 2056][C:\kav2005\KPFW32.EXE] [Kingsoft Corporation, 2007, 2, 2, 687]
[C:\kav2005\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\kav2005\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\kav2005\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\kav2005\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\360safe\safemon\safemon.dll] [, 3, 4, 0, 1001]
[C:\kav2005\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\kav2005\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[C:\kav2005\KAVIPC2.DLL] [Kingsoft Corporation, 2007, 1, 15, 30]
[C:\kav2005\KAConfig.DLL] [Kingsoft Corporation, 2007, 1, 11, 41]
[C:\kav2005\FiltList.dll] [N/A, ]
[C:\kav2005\KAVPassp.DLL] [Kingsoft Corporation, 2006, 12, 30, 271]
[C:\Program Files\Lenovo\IGRS EasyShare\IgrsAnywhere.dll] [联想集团有限公司, 1, 0, 2, 65]
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[PID: 2100][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\360safe\safemon\safemon.dll] [, 3, 4, 0, 1001]
[C:\kav2005\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\kav2005\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\kav2005\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\kav2005\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
[PID: 2972][E:\日志扫描器\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\Program Files\360safe\safemon\safemon.dll] [, 3, 4, 0, 1001]
[C:\kav2005\KMailOEBand.dll] [Kingsoft Corporation, 2006, 12, 1, 139]
[C:\kav2005\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\kav2005\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\kav2005\KASocket.dll] [Kingsoft Corporation, 2006, 12, 21, 241]
==================================
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP Error. [C:\WINDOWS\system32\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
N/A
==================================
API HOOK
入口点错误:LoadLibraryExW (危险等级: 一般, 被下面模块所HOOK: C:\kav2005\KASocket.dll)
入口点错误:CreateProcessA (危险等级: 一般, 被下面模块所HOOK: C:\Program Files\360safe\safemon\safemon.dll)
入口点错误:CreateProcessW (危险等级: 一般, 被下面模块所HOOK: C:\Program Files\360safe\safemon\safemon.dll)
==================================
隐藏进程
N/A
==================================
[/CODE]
