[C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Ahead\Lib\NMIndexingServicePS.dll] [Nero AG, 2,0,13,0]
[C:\Program Files\Common Files\Ahead\Lib\NMLogCxx.dll] [Nero AG, 2,0,13,0]
[C:\Program Files\Common Files\Ahead\Lib\log4cxx.dll] [Nero AG, 1, 0, 0, 0]
[C:\Program Files\Common Files\Ahead\Lib\NMDataServices.dll] [Nero AG, 2,0,13,0]
[PID: 1312 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 4024 / Administrator][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.8.1.4: 2007051502]
[C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0]
[C:\Program Files\Mozilla Firefox\nspr4.dll] [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\xpcom_core.dll] [Mozilla Foundation, 1.8.1.4: 2007051502]
[C:\Program Files\Mozilla Firefox\plc4.dll] [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\plds4.dll] [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.4: 2007051502]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIMhook.dll] [, 1, 0, 0, 1]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
[C:\Program Files\Mozilla Firefox\components\myspell.dll] [Mozilla Foundation, 1.8.1.4: 2007051502]
[C:\Program Files\Mozilla Firefox\components\jar50.dll] [Mozilla Foundation, 1.8.1.4: 2007051502]
[C:\PROGRA~1\MOZILL~1\extensions\talkback@mozilla.org\components\qfaservices.dll] [Mozilla Foundation, 1.8.1.4: 2007051502]
[C:\PROGRA~1\MOZILL~1\extensions\talkback@mozilla.org\components\FULLSOFT.DLL] [Full Circle Software, Inc., 2.2.unofficial]
[C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.62]
[C:\Program Files\Mozilla Firefox\components\spellchk.dll] [Mozilla Foundation, 1.8.1.4: 2007051502]
[C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCTIP.DLL] [Microsoft Corporation, 12.0.4518.1014]
[C:\PROGRA~1\COMMON~1\MICROS~1\IME12\SHARED\IMETIP.DLL] [Microsoft Corporation, 12.0.4518.1014]
[C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCCORE.DLL] [Microsoft Corporation, 12.0.4518.1014]
[C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCCFG.DLL] [Microsoft Corporation, 12.0.4518.1014]
[C:\PROGRA~1\COMMON~1\MICROS~1\IME12\SHARED\IMELM.DLL] [Microsoft Corporation, 12.0.4518.1014]
[C:\PROGRA~1\COMMON~1\MICROS~1\IME12\SHARED\MSCAND20.DLL] [Microsoft Corporation, 12.0.4518.1014]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007]
[C:\Program Files\Inventec\Dreye\PeaDict\Api\dictnt.dll] [IES, 1, 0, 0, 1]
[C:\PROGRA~1\COMMON~1\MICROS~1\IME12\SHARED\IMECFM.DLL] [Microsoft Corporation, 12.0.4518.1014]
[PID: 3328 / Administrator][D:\utorrent.exe] [N/A, ]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIMhook.dll] [, 1, 0, 0, 1]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scrchpg.dll] [Kaspersky Lab, 6.0.2.621]
[C:\Program Files\Inventec\Dreye\PeaDict\Api\dictnt.dll] [IES, 1, 0, 0, 1]
[PID: 2356 / Administrator][C:\Program Files\FlashGet\FlashGet.exe] [FlashGet.com, 1, 8, 6, 1008]
[C:\Program Files\FlashGet\FGBTCORE.dll] [, 1, 0, 0, 36]
[C:\Program Files\FlashGet\FGEMCORE.dll] [, 1, 0, 2, 1002]
[C:\Program Files\FlashGet\debugrpt.dll] [flashget, 1, 0, 0, 1006]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIMhook.dll] [, 1, 0, 0, 1]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll] [Kaspersky Lab, 6.0.2.621]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scrchpg.dll] [Kaspersky Lab, 6.0.2.621]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007]
[C:\Program Files\FlashGet\fgupdate.dll] [www.flashget.com, 1, 8, 1, 1003]
[C:\Program Files\Inventec\Dreye\PeaDict\Api\dictnt.dll] [IES, 1, 0, 0, 1]
[PID: 2456 / Administrator][C:\Program Files\Inventec\Dreye\Dreye.exe] [Inventec Online, 8, 0, 2007, 0]
[C:\Program Files\Inventec\Dreye\DreyeCtlU.dll] [Inventec, 8, 0, 2007, 0]
[C:\Program Files\Inventec\Dreye\DreyeWndU.dll] [Inventec, 8, 0, 2007, 0]
[C:\WINDOWS\system32\DreyeSkinCtrls80U.dll] [, 1, 0, 0, 1]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIMhook.dll] [, 1, 0, 0, 1]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
[C:\Program Files\Inventec\Dreye\DrLanENU.dll] [Inventec, 8, 0, 2007, 0]
[C:\Program Files\Inventec\Dreye\Peadict\DreyeBase.dll] [IES, 8, 0, 2007, 0]
[C:\WINDOWS\system32\PEADDX32.dll] [INVENTEC, 4, 0, 2000, 0]
[C:\Program Files\Inventec\Dreye\DreyeCNV\DreyeCNV.dll] [IES, 8, 0, 2007, 0]
[C:\Program Files\Inventec\Dreye\DreyeAid\DrLetter.dll] [IES, 8, 0, 2007, 0]
[C:\Program Files\Inventec\Dreye\DreyeMT\DrMarkTrans.dll] [, 1, 0, 0, 1]
[C:\Program Files\Inventec\Dreye\DreyeMIM\DreyeMIM.dll] [IOL, 7, 0, 2005, 0]
[C:\Program Files\Inventec\Dreye\DreyeML\DreyeML.dll] [IOS, 8, 0, 2007, 0]
[C:\Program Files\Inventec\Dreye\PeaDict\DreyeMLB.dll] [IES, 8, 0, 2007, 0]
[C:\WINDOWS\system32\DrEyeAPI.dll] [INVENTEC, 1, 0, 3, 0]
[C:\Program Files\Inventec\Dreye\DreyeMT\DrTrans.dll] [Inventec, 1, 0, 0, 3]
[C:\Program Files\Inventec\Dreye\DreyeMT\WebPageTran.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\mttrans.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\MTDLL32.dll] [N/A, ]
[C:\Program Files\Inventec\Dreye\DreyeMT\WebPageCHA.dll] [, 1, 0, 0, 1]
[C:\Program Files\Inventec\Dreye\DreyePSH\DreyePSH.dll] [IES, 8, 0, 2007, 0]
[C:\Program Files\Inventec\Dreye\DreyePSH\DreyeReg.dll] [IES, 8, 0, 2007, 0]
[C:\Program Files\Inventec\Dreye\DreyeSA\DreyeSA.dll] [Inventec, 8, 0, 2007, 0]
[C:\Program Files\Inventec\Dreye\DreyeSA\DreyeTTS\CTTSPlusGB.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Inventec\Dreye\DreyeSA\DreyeTTS\Tv_Eng32.dll] [Centigram Communications Corp., 5, 1, 0, 14]
[C:\Program Files\Inventec\Dreye\DreyeSA\DreyeTTS\DrTtsChn.dll] [INVENTEC, 1, 0, 0, 1]
[C:\Program Files\Inventec\Dreye\DreyeSA\DreyeTTS\DrTtsPRC.dll] [INVENTEC, 1, 0, 0, 1]
[C:\WINDOWS\system32\F5BkTts.dll] [富士通株式会社, 2, 1, 1, 1]
[C:\WINDOWS\system32\F5BKLNG.dll] [富士通株式会社, 2, 1, 1, 1]
[C:\WINDOWS\system32\F5BKSYN.dll] [富士通株式会社, 2, 1, 1, 1]
[C:\Program Files\Inventec\Dreye\DreyeSentence\DrSenten.dll] [IES, 8, 0, 2007, 0]
[C:\Program Files\Inventec\Dreye\DreyeVR\DreyeVR.dll] [IES, 8, 0, 2007, 0]
[C:\Program Files\Inventec\Dreye\DreyeWord\DrRtWord.dll] [IES, 8, 0, 2007, 0]
[C:\Program Files\Inventec\Dreye\Peadict\DrWdNote.dll] [IES, 8, 0, 2007, 0]
[C:\Program Files\Inventec\Dreye\DreyeMT\DrMTCP.dll] [N/A, ]
[C:\Program Files\Inventec\Dreye\DreyeMT\DrMTPC.dll] [N/A, ]
[C:\Program Files\Inventec\Dreye\DreyeMT\DrHJMT.dll] [N/A, ]
[C:\Program Files\Inventec\Dreye\PeaDict\Api\dictnt.dll] [IES, 1, 0, 0, 1]
[PID: 1172 / Administrator][C:\Program Files\Inventec\Dreye\PeaDict\RtDict.exe] [, 8, 0, 0, 0]
[C:\WINDOWS\system32\AddToNote.dll] [N/A, ]
[C:\Program Files\Inventec\Dreye\PeaDict\WordSearch.dll] [IES, 8, 0, 2007, 0]
[C:\WINDOWS\system32\DrEyeDB.dll] [INVENTEC, 1, 0, 1, 0]
[C:\Program Files\Inventec\Dreye\PeaDict\DictView.dll] [N/A, ]
[C:\WINDOWS\system32\DreyeSkinCtrls80U.dll] [, 1, 0, 0, 1]
[C:\Program Files\Inventec\Dreye\PeaDict\EBDMgr.dll] [N/A, ]
[C:\Program Files\Inventec\Dreye\PeaDict\DreyeEBD.dll] [N/A, ]
[C:\Program Files\Inventec\Dreye\PeaDict\Login.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\drwss.dll] [, 0, 0, 0, 4]
[C:\WINDOWS\system32\DrEyeAPI.dll] [INVENTEC, 1, 0, 3, 0]
[C:\WINDOWS\system32\DreyeDBW.dll] [N/A, ]
[C:\WINDOWS\system32\DreyeDBU.dll] [N/A, ]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIMhook.dll] [, 1, 0, 0, 1]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
[C:\WINDOWS\system32\Peaddx32.dll] [INVENTEC, 4, 0, 2000, 0]
[C:\Program Files\Inventec\Dreye\PeaDict\Trace.dll] [, 8, 0, 0, 0]
[C:\Program Files\Inventec\Dreye\PeaDict\DlgDll.dll] [, 8, 0, 0, 0]
[C:\Program Files\Inventec\Dreye\PeaDict\Books.dll] [, 1, 0, 0, 1]
[C:\Program Files\Inventec\Dreye\PeaDict\IolDbApi.dll] [, 1, 0, 0, 1]
[C:\Program Files\Inventec\Dreye\PeaDict\View0001.dll] [IES, 6, 0, 0, 0]
[C:\Program Files\Inventec\Dreye\PeaDict\MathMK.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\DictInfo.dll] [N/A, ]
[C:\Program Files\Inventec\Dreye\PeaDict\ExtShow.dll] [IES, 1, 0, 0, 1]
[C:\Program Files\Inventec\Dreye\PeaDict\PlaySnd.dll] [, 1, 1, 0, 1]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scrchpg.dll] [Kaspersky Lab, 6.0.2.621]
[C:\WINDOWS\system32\DrEyeDic.dll] [INVENTEC, 1, 0, 2, 0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Inventec\Dreye\PeaDict\Api\VoiceMgr.dll] [N/A, ]
[PID: 784 / Administrator][C:\Program Files\Inventec\Dreye\Peadict\Dict.exe] [Inventect Group, 3, 1, 1000, 428]
[C:\WINDOWS\system32\AddToNote.dll] [N/A, ]
[C:\WINDOWS\system32\PEADDX32.dll] [INVENTEC, 4, 0, 2000, 0]
[C:\Program Files\Inventec\Dreye\Peadict\WordSearch.dll] [IES, 8, 0, 2007, 0]
[C:\WINDOWS\system32\DrEyeDB.dll] [INVENTEC, 1, 0, 1, 0]
[C:\Program Files\Inventec\Dreye\Peadict\EBDMgr.dll] [N/A, ]
[C:\Program Files\Inventec\Dreye\Peadict\DreyeEBD.dll] [N/A, ]
[C:\WINDOWS\system32\DreyeMT.dll] [N/A, ]
[C:\WINDOWS\system32\DrEyeAPI.dll] [INVENTEC, 1, 0, 3, 0]
[C:\WINDOWS\system32\DreyeDBW.dll] [N/A, ]
[C:\WINDOWS\system32\DreyeDBU.dll] [N/A, ]
[C:\WINDOWS\system32\voice.dll] [, 1, 0, 0, 1]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIMhook.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\DrEyeDic.dll] [INVENTEC, 1, 0, 2, 0]
[C:\Program Files\Inventec\Dreye\Peadict\RBHook.dll] [N/A, ]
[C:\Program Files\Inventec\Dreye\PeaDict\Api\Word32.dll] [N/A, ]
[C:\Program Files\Inventec\Dreye\PeaDict\Api\dictnt.dll] [IES, 1, 0, 0, 1]
[C:\WINDOWS\system32\ITToolTip.dll] [N/A, ]
[C:\Program Files\Inventec\Dreye\PeaDict\Api\Spell.dll] [N/A, ]
[C:\Program Files\Inventec\Dreye\PeaDict\Api\Phrase.dll] [N/A, ]
[C:\Program Files\Inventec\Dreye\DreyeMT\DrHJMT.dll] [N/A, ]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1692 / Administrator][c:\windows\explorer.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIMhook.dll] [, 1, 0, 0, 1]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scrchpg.dll] [Kaspersky Lab, 6.0.2.621]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll] [Kaspersky Lab, 6.0.2.621]
[C:\Program Files\Inventec\Dreye\PeaDict\Api\dictnt.dll] [IES, 1, 0, 0, 1]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll] [Nero AG, 2, 9, 1, 0]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ShellEx.dll] [Kaspersky Lab, 6.0.2.621]
[C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll] [Nero AG, 2, 9, 1, 0]
[C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[PID: 1032 / Administrator][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIMhook.dll] [, 1, 0, 0, 1]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
[PID: 1584 / Administrator][C:\Documents and Settings\Administrator\桌面\sreng2\SREngPS.com] [Smallfrogs Studio, 2.5.16.900]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIMhook.dll] [, 1, 0, 0, 1]
[C:\Program Files\Inventec\Dreye\DreyeMT\DreyeMT.dll] [N/A, ]
[C:\Program Files\Inventec\Dreye\PeaDict\Api\dictnt.dll] [IES, 1, 0, 0, 1]
[C:\Documents and Settings\Administrator\桌面\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll] [Kaspersky Lab, 6.0.2.621]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scrchpg.dll] [Kaspersky Lab, 6.0.2.621]
==================================
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
HOSTS 文件
127.0.0.1 localhost
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1944, C:\PROGRAM FILES\INVENTEC\DREYE\DREYEMT\DREYEIMPLUGIN.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3328, D:\UTORRENT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2356, C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2456, C:\PROGRAM FILES\INVENTEC\DREYE\DREYE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1172, C:\PROGRAM FILES\INVENTEC\DREYE\PEADICT\RTDICT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 784, C:\PROGRAM FILES\INVENTEC\DREYE\PEADICT\DICT.EXE]
API HOOK
RVA 错误: LoadLibraryA (危险等级: 高, 被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA 错误: LoadLibraryExA (危险等级: 高, 被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA 错误: LoadLibraryExW (危险等级: 高, 被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA 错误: LoadLibraryW (危险等级: 高, 被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA 错误: GetProcAddress (危险等级: 高, 被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
隐藏进程
N/A |