
[病毒样本] 自制新病毒-2018-6-24-XiaoBa-test

TheYuCheng
发表于 2018-6-23 20:51:31 | 显示全部楼层 |阅读模式
本帖最后由 TheYuCheng 于 2018-6-25 21:58 编辑

https://pan.baidu.com/s/1n1alcT_qFHjErERBA8viiw




test





ELOHIM
发表于 2018-6-23 20:56:28 | 显示全部楼层
Windows Defender scan missed all of it
Jerry.Lin
发表于 2018-6-23 20:58:31 | 显示全部楼层
本帖最后由 191196846 于 2018-6-23 21:00 编辑

Comodo Sandbox


并没有跑出什么东东（从下面的日志看，被监控的进程是 C:\Windows\System32\OpenWith.exe，detected="false"、trusted="true"，看起来记录到的只是 OpenWith.exe 自身的加载和图标缓存活动）


  1. <?xml version="1.0" encoding="ISO-8859-1"?>
  2. <vscope guid="202713604D4EF65B7A99B87F88E7903C" ver="2.0">
  3. <process parentpath="C:\Windows\System32\svchost.exe" isVirtualized="true" restrictionLevel="NoRestriction" detected="false" trusted="true" hashCrc32="704425029" sha1="01446BF2855732C2BE48D83DCC6C33D9C90E92A8" createtime="2018-06-23T12:56:10.002Z" cmdline="" path="C:\Windows\System32\OpenWith.exe" pid="8780">
  4. <activities>
  5. <activity id="254369" path="C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.112_none_fb3f961b30681c12\comctl32.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:09.971Z"/>
  6. <activity id="254370" path="C:\Windows\System32\imm32.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:09.971Z"/>
  7. <activity id="254371" path="C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePackzh-cn_17134.5.8.0_neutral__8wekyb3d8bbwe\Windows\System32\zh-CN\OpenWith.exe.mui" type="LoadImageFile" timestamp="2018-06-23T12:56:09.987Z"/>
  8. <activity id="254372" path="C:\Windows\WindowsShell.Manifest" type="LoadImageFile" timestamp="2018-06-23T12:56:09.987Z"/>
  9. <activity id="254373" path="C:\Windows\System32\guard64.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:09.987Z"/>
  10. <activity id="254374" path="C:\Windows\System32\version.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:09.987Z"/>
  11. <activity id="254375" path="C:\Windows\System32\oleaut32.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:09.987Z"/>
  12. <activity id="254376" path="C:\Windows\System32\cmdvrt64.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.002Z"/>
  13. <activity id="254378" path="C:\Windows\System32\shell32.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.002Z"/>
  14. <activity id="254379" path="C:\Windows\System32\ntmarta.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.002Z"/>
  15. <activity id="254381" path="C:\Windows\System32\KernelBase.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.002Z"/>
  16. <activity id="254383" path="C:\Windows\System32\ntdll.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.009Z"/>
  17. <activity id="254385" path="C:\Windows\System32\kernel32.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.009Z"/>
  18. <activity id="254393" path="C:\Windows\System32\user32.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.009Z"/>
  19. <activity id="254403" path="C:\Windows\System32\combase.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.009Z"/>
  20. <activity id="254411" path="C:\Windows\System32\advapi32.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.009Z"/>
  21. <activity id="254443" path="C:\Windows\System32\sechost.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.040Z"/>
  22. <activity id="254619" path="C:\Windows\System32\fltLib.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.109Z"/>
  23. <activity id="254791" path="C:\Windows\System32\rpcss.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.256Z"/>
  24. <activity id="254792" path="C:\Windows\System32\uxtheme.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.256Z"/>
  25. <activity id="254798" path="C:\Program Files\Listary\ListaryHook64.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.256Z"/>
  26. <activity id="254801" path="C:\Windows\System32\oleacc.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.272Z"/>
  27. <activity id="254802" path="C:\Windows\System32\oleaccrc.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.272Z"/>
  28. <activity id="254804" type="KernelObject" timestamp="2018-06-23T12:56:10.272Z" objectType="Port" isCreate="true" name="\RPC Control\OLEE5DB0B19F6BBE7CA6CE252914290"/>
  29. <activity id="254806" path="C:\Windows\Registration\R00000000000d.clb" type="LoadImageFile" timestamp="2018-06-23T12:56:10.288Z"/>
  30. <activity id="254807" path="C:\Windows\System32\OneCoreUAPCommonProxyStub.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.288Z"/>
  31. <activity id="254824" path="C:\Windows\Globalization\Sorting\SortDefault.nls" type="LoadImageFile" timestamp="2018-06-23T12:56:10.341Z"/>
  32. <activity id="254825" path="C:\Windows\System32\twinui.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.357Z"/>
  33. <activity id="254828" path="C:\Windows\System32\WinTypes.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.357Z"/>
  34. <activity id="254829" path="C:\Windows\System32\dwmapi.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.357Z"/>
  35. <activity id="254837" path="C:\Windows\System32\OneCoreCommonProxyStub.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.373Z"/>
  36. <activity id="254847" path="C:\Windows\System32\actxprxy.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.388Z"/>
  37. <activity id="254852" type="KernelObject" timestamp="2018-06-23T12:56:10.410Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\SM0:8780:120:WilError_01"/>
  38. <activity id="254853" type="KernelObject" timestamp="2018-06-23T12:56:10.410Z" objectType="Semaphore" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\SM0:8780:120:WilError_01_p0"/>
  39. <activity id="254854" type="KernelObject" timestamp="2018-06-23T12:56:10.410Z" objectType="Semaphore" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\SM0:8780:120:WilError_01_p0h"/>
  40. <activity id="254855" type="KernelObject" timestamp="2018-06-23T12:56:10.414Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\SM0:8780:304:WilStaging_02"/>
  41. <activity id="254857" path="C:\Windows\System32\propsys.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.424Z"/>
  42. <activity id="254861" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Caches\cversions.1.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.455Z"/>
  43. <activity id="254862" type="KernelObject" timestamp="2018-06-23T12:56:10.455Z" objectType="Section" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\C:*Users*zhong*AppData*Local*Microsoft*Windows*Caches*cversions.1.ro"/>
  44. <activity id="254863" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000045.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.455Z"/>
  45. <activity id="254864" type="KernelObject" timestamp="2018-06-23T12:56:10.455Z" objectType="Section" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\C:*Users*zhong*AppData*Local*Microsoft*Windows*Caches*{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000045.db"/>
  46. <activity id="254865" type="KernelObject" timestamp="2018-06-23T12:56:10.455Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\SyncRootManager"/>
  47. <activity id="254868" path="C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePackzh-cn_17134.5.8.0_neutral__8wekyb3d8bbwe\Windows\System32\zh-CN\propsys.dll.mui" type="LoadImageFile" timestamp="2018-06-23T12:56:10.471Z"/>
  48. <activity id="254873" type="KernelObject" timestamp="2018-06-23T12:56:10.486Z" objectType="Semaphore" isCreate="true" name="\Sessions\1\BaseNamedObjects\ComTaskPool:8780"/>
  49. <activity id="254876" path="C:\Windows\System32\Windows.UI.AppDefaults.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.526Z"/>
  50. <activity id="254882" path="C:\Windows\System32\Windows.UI.Immersive.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.541Z"/>
  51. <activity id="254889" path="C:\Windows\System32\UIAutomationCore.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.573Z"/>
  52. <activity id="254894" path="C:\Windows\System32\dui70.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.573Z"/>
  53. <activity id="254895" path="C:\Windows\System32\duser.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.588Z"/>
  54. <activity id="254896" path="C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePackzh-cn_17134.5.8.0_neutral__8wekyb3d8bbwe\Windows\System32\zh-CN\dui70.dll.mui" type="LoadImageFile" timestamp="2018-06-23T12:56:10.588Z"/>
  55. <activity id="254897" path="C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePackzh-cn_17134.5.8.0_neutral__8wekyb3d8bbwe\Windows\System32\zh-CN\Windows.UI.Immersive.dll.mui" type="LoadImageFile" timestamp="2018-06-23T12:56:10.604Z"/>
  56. <activity id="254913" path="C:\Windows\System32\DWrite.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.642Z"/>
  57. <activity id="254918" path="C:\Windows\System32\BCP47mrm.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.657Z"/>
  58. <activity id="254919" path="C:\Windows\System32\UIAnimation.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.657Z"/>
  59. <activity id="254929" path="C:\Windows\System32\d3d11.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.688Z"/>
  60. <activity id="254930" path="C:\Windows\System32\dxgi.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.688Z"/>
  61. <activity id="254931" path="C:\Windows\System32\d3d10warp.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.688Z"/>
  62. <activity id="254934" path="C:\Windows\System32\ResourcePolicyClient.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.688Z"/>
  63. <activity id="254942" path="C:\Windows\System32\dcomp.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.711Z"/>
  64. <activity id="254945" type="KernelObject" timestamp="2018-06-23T12:56:10.711Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\SessionImmersiveColorMutex"/>
  65. <activity id="254946" type="KernelObject" timestamp="2018-06-23T12:56:10.711Z" objectType="Section" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\SessionImmersiveColorPreference"/>
  66. <activity id="254947" path="C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePackzh-cn_17134.5.8.0_neutral__8wekyb3d8bbwe\Windows\System32\zh-CN\twinui.dll.mui" type="LoadImageFile" timestamp="2018-06-23T12:56:10.726Z"/>
  67. <activity id="254950" path="C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePackzh-cn_17134.5.8.0_neutral__8wekyb3d8bbwe\Windows\System32\zh-CN\oleaccrc.dll.mui" type="LoadImageFile" timestamp="2018-06-23T12:56:10.726Z"/>
  68. <activity id="254951" path="C:\Windows\System32\edputil.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.726Z"/>
  69. <activity id="254953" path="C:\Windows\System32\WindowsCodecs.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.757Z"/>
  70. <activity id="254954" path="C:\Windows\System32\thumbcache.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.789Z"/>
  71. <activity id="254959" type="KernelObject" timestamp="2018-06-23T12:56:10.789Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!rwWriterMutex"/>
  72. <activity id="254960" type="KernelObject" timestamp="2018-06-23T12:56:10.789Z" objectType="Event" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!rwWriterEvent"/>
  73. <activity id="254961" type="KernelObject" timestamp="2018-06-23T12:56:10.789Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_16.db!dfMaintainer"/>
  74. <activity id="254962" type="KernelObject" timestamp="2018-06-23T12:56:10.789Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_32.db!dfMaintainer"/>
  75. <activity id="254963" type="KernelObject" timestamp="2018-06-23T12:56:10.789Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_48.db!dfMaintainer"/>
  76. <activity id="254964" type="KernelObject" timestamp="2018-06-23T12:56:10.789Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_96.db!dfMaintainer"/>
  77. <activity id="254965" type="KernelObject" timestamp="2018-06-23T12:56:10.789Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_256.db!dfMaintainer"/>
  78. <activity id="254966" type="KernelObject" timestamp="2018-06-23T12:56:10.804Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_768.db!dfMaintainer"/>
  79. <activity id="254967" type="KernelObject" timestamp="2018-06-23T12:56:10.804Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_1280.db!dfMaintainer"/>
  80. <activity id="254968" type="KernelObject" timestamp="2018-06-23T12:56:10.804Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_1920.db!dfMaintainer"/>
  81. <activity id="254969" type="KernelObject" timestamp="2018-06-23T12:56:10.804Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_2560.db!dfMaintainer"/>
  82. <activity id="254970" type="KernelObject" timestamp="2018-06-23T12:56:10.804Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_sr.db!dfMaintainer"/>
  83. <activity id="254971" type="KernelObject" timestamp="2018-06-23T12:56:10.804Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_wide.db!dfMaintainer"/>
  84. <activity id="254972" type="KernelObject" timestamp="2018-06-23T12:56:10.804Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_exif.db!dfMaintainer"/>
  85. <activity id="254973" type="KernelObject" timestamp="2018-06-23T12:56:10.804Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_wide_alternate.db!dfMaintainer"/>
  86. <activity id="254974" type="KernelObject" timestamp="2018-06-23T12:56:10.804Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_custom_stream.db!dfMaintainer"/>
  87. <activity id="254975" type="KernelObject" timestamp="2018-06-23T12:56:10.804Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!IconCacheInit"/>
  88. <activity id="254976" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete" type="FindFile" timestamp="2018-06-23T12:56:10.804Z" pattern="icn*"/>
  89. <activity id="254977" type="KernelObject" timestamp="2018-06-23T12:56:10.804Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!rwReaderRefs"/>
  90. <activity id="254978" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.811Z"/>
  91. <activity id="255010" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.827Z"/>
  92. <activity id="255016" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63B3.tmp" type="CreateFile" timestamp="2018-06-23T12:56:10.827Z"/>
  93. <activity id="255018" type="RenameFile" timestamp="2018-06-23T12:56:10.827Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63B3.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db"/>
  94. <activity id="255019" type="MoveFile" timestamp="2018-06-23T12:56:10.827Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63B3.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db"/>
  95. <activity id="255020" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63B3.tmp" type="DeleteFile" timestamp="2018-06-23T12:56:10.827Z"/>
  96. <activity id="255021" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63B4.tmp" type="CreateFile" timestamp="2018-06-23T12:56:10.827Z"/>
  97. <activity id="255022" type="RenameFile" timestamp="2018-06-23T12:56:10.827Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63B4.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_custom_stream.db"/>
  98. <activity id="255023" type="MoveFile" timestamp="2018-06-23T12:56:10.827Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63B4.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_custom_stream.db"/>
  99. <activity id="255024" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63B5.tmp" type="CreateFile" timestamp="2018-06-23T12:56:10.827Z"/>
  100. <activity id="255025" type="RenameFile" timestamp="2018-06-23T12:56:10.842Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63B5.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide_alternate.db"/>
  101. <activity id="255026" type="MoveFile" timestamp="2018-06-23T12:56:10.842Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63B5.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide_alternate.db"/>
  102. <activity id="255027" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63C6.tmp" type="CreateFile" timestamp="2018-06-23T12:56:10.842Z"/>
  103. <activity id="255028" type="RenameFile" timestamp="2018-06-23T12:56:10.842Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63C6.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_exif.db"/>
  104. <activity id="255029" type="MoveFile" timestamp="2018-06-23T12:56:10.842Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63C6.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_exif.db"/>
  105. <activity id="255030" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63C7.tmp" type="CreateFile" timestamp="2018-06-23T12:56:10.842Z"/>
  106. <activity id="255031" type="RenameFile" timestamp="2018-06-23T12:56:10.842Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63C7.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide.db"/>
  107. <activity id="255032" type="MoveFile" timestamp="2018-06-23T12:56:10.842Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63C7.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide.db"/>
  108. <activity id="255033" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63C8.tmp" type="CreateFile" timestamp="2018-06-23T12:56:10.858Z"/>
  109. <activity id="255034" type="RenameFile" timestamp="2018-06-23T12:56:10.858Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63C8.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_sr.db"/>
  110. <activity id="255035" type="MoveFile" timestamp="2018-06-23T12:56:10.858Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63C8.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_sr.db"/>
  111. <activity id="255036" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63D8.tmp" type="CreateFile" timestamp="2018-06-23T12:56:10.858Z"/>
  112. <activity id="255037" type="RenameFile" timestamp="2018-06-23T12:56:10.858Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63D8.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_2560.db"/>
  113. <activity id="255038" type="MoveFile" timestamp="2018-06-23T12:56:10.858Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63D8.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_2560.db"/>
  114. <activity id="255039" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63D9.tmp" type="CreateFile" timestamp="2018-06-23T12:56:10.858Z"/>
  115. <activity id="255040" type="RenameFile" timestamp="2018-06-23T12:56:10.873Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63D9.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_1920.db"/>
  116. <activity id="255041" type="MoveFile" timestamp="2018-06-23T12:56:10.873Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63D9.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_1920.db"/>
  117. <activity id="255042" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63EA.tmp" type="CreateFile" timestamp="2018-06-23T12:56:10.873Z"/>
  118. <activity id="255043" type="RenameFile" timestamp="2018-06-23T12:56:10.873Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63EA.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_1280.db"/>
  119. <activity id="255044" type="MoveFile" timestamp="2018-06-23T12:56:10.873Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63EA.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_1280.db"/>
  120. <activity id="255045" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63EB.tmp" type="CreateFile" timestamp="2018-06-23T12:56:10.873Z"/>
  121. <activity id="255046" type="RenameFile" timestamp="2018-06-23T12:56:10.873Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63EB.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_768.db"/>
  122. <activity id="255047" type="MoveFile" timestamp="2018-06-23T12:56:10.873Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63EB.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_768.db"/>
  123. <activity id="255048" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63EC.tmp" type="CreateFile" timestamp="2018-06-23T12:56:10.873Z"/>
  124. <activity id="255049" type="RenameFile" timestamp="2018-06-23T12:56:10.889Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63EC.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_256.db"/>
  125. <activity id="255050" type="MoveFile" timestamp="2018-06-23T12:56:10.889Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63EC.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_256.db"/>
  126. <activity id="255051" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63FC.tmp" type="CreateFile" timestamp="2018-06-23T12:56:10.889Z"/>
  127. <activity id="255053" type="RenameFile" timestamp="2018-06-23T12:56:10.889Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63FC.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_96.db"/>
  128. <activity id="255054" type="MoveFile" timestamp="2018-06-23T12:56:10.889Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63FC.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_96.db"/>
  129. <activity id="255055" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63FD.tmp" type="CreateFile" timestamp="2018-06-23T12:56:10.889Z"/>
  130. <activity id="255057" type="RenameFile" timestamp="2018-06-23T12:56:10.889Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63FD.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db"/>
  131. <activity id="255058" type="MoveFile" timestamp="2018-06-23T12:56:10.889Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63FD.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db"/>
  132. <activity id="255059" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63FE.tmp" type="CreateFile" timestamp="2018-06-23T12:56:10.889Z"/>
  133. <activity id="255060" type="RenameFile" timestamp="2018-06-23T12:56:10.905Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63FE.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db"/>
  134. <activity id="255061" type="MoveFile" timestamp="2018-06-23T12:56:10.905Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63FE.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db"/>
  135. <activity id="255062" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn63FE.tmp" type="DeleteFile" timestamp="2018-06-23T12:56:10.905Z"/>
  136. <activity id="255063" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn640F.tmp" type="CreateFile" timestamp="2018-06-23T12:56:10.905Z"/>
  137. <activity id="255064" type="RenameFile" timestamp="2018-06-23T12:56:10.911Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn640F.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db"/>
  138. <activity id="255065" type="MoveFile" timestamp="2018-06-23T12:56:10.911Z" dstPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete\icn640F.tmp" srcPath="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db"/>
  139. <activity id="255070" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.911Z"/>
  140. <activity id="255078" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.911Z"/>
  141. <activity id="255082" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_96.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.911Z"/>
  142. <activity id="255086" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_256.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.911Z"/>
  143. <activity id="255090" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_768.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.911Z"/>
  144. <activity id="255094" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_1280.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.911Z"/>
  145. <activity id="255098" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_1920.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.911Z"/>
  146. <activity id="255102" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_2560.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.911Z"/>
  147. <activity id="255106" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_sr.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.911Z"/>
  148. <activity id="255110" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.911Z"/>
  149. <activity id="255114" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_exif.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.911Z"/>
  150. <activity id="255118" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide_alternate.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.911Z"/>
  151. <activity id="255122" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_custom_stream.db" type="LoadImageFile" timestamp="2018-06-23T12:56:10.911Z"/>
  152. <activity id="255127" path="C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\Common7\IDE\devenv.exe" type="LoadImageFile" timestamp="2018-06-23T12:56:10.927Z"/>
  153. <activity id="255128" path="C:\Windows\System32\policymanager.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.927Z"/>
  154. <activity id="255129" path="C:\Windows\System32\msvcp110_win.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.927Z"/>
  155. <activity id="255169" path="C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe" type="LoadImageFile" timestamp="2018-06-23T12:56:10.958Z"/>
  156. <activity id="255207" path="C:\Program Files\internet explorer\iexplore.exe" type="LoadImageFile" timestamp="2018-06-23T12:56:10.989Z"/>
  157. <activity id="255208" path="C:\Program Files\internet explorer\zh-CN\iexplore.exe.mui" type="LoadImageFile" timestamp="2018-06-23T12:56:10.989Z"/>
  158. <activity id="255211" path="C:\Windows\System32\IconCodecService.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:10.989Z"/>
  159. <activity id="255252" path="C:\Windows\System32\mspaint.exe" type="LoadImageFile" timestamp="2018-06-23T12:56:11.012Z"/>
  160. <activity id="255289" path="C:\Program Files\Notepad++\notepad++.exe" type="LoadImageFile" timestamp="2018-06-23T12:56:11.027Z"/>
  161. <activity id="255326" path="C:\Windows\System32\notepad.exe" type="LoadImageFile" timestamp="2018-06-23T12:56:11.043Z"/>
  162. <activity id="255327" path="C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePackzh-cn_17134.5.8.0_neutral__8wekyb3d8bbwe\Windows\System32\zh-CN\notepad.exe.mui" type="LoadImageFile" timestamp="2018-06-23T12:56:11.043Z"/>
  163. <activity id="255366" path="C:\Program Files\Potplayer\PotPlayerMini64.exe" type="LoadImageFile" timestamp="2018-06-23T12:56:11.058Z"/>
  164. <activity id="255403" path="C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\VSLauncher.exe" type="LoadImageFile" timestamp="2018-06-23T12:56:11.074Z"/>
  165. <activity id="255441" path="C:\Program Files\Microsoft Office\Office16\WINWORD.EXE" type="LoadImageFile" timestamp="2018-06-23T12:56:11.090Z"/>
  166. <activity id="255479" path="C:\Program Files (x86)\Windows Media Player\wmplayer.exe" type="LoadImageFile" timestamp="2018-06-23T12:56:11.112Z"/>
  167. <activity id="255480" path="C:\Program Files (x86)\Windows Media Player\zh-CN\wmplayer.exe.mui" type="LoadImageFile" timestamp="2018-06-23T12:56:11.112Z"/>
  168. <activity id="255515" path="C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePackzh-cn_17134.5.8.0_neutral__8wekyb3d8bbwe\Windows\System32\zh-CN\shell32.dll.mui" type="LoadImageFile" timestamp="2018-06-23T12:56:11.127Z"/>
  169. <activity id="255518" path="C:\Program Files\windows nt\accessories\wordpad.exe" type="LoadImageFile" timestamp="2018-06-23T12:56:11.127Z"/>
  170. <activity id="255553" path="C:\Windows\System32\apphelp.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:11.159Z"/>
  171. <activity id="255554" path="C:\Windows\System32\AppResolver.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:11.159Z"/>
  172. <activity id="255557" path="C:\Windows\System32\BCP47Langs.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:11.159Z"/>
  173. <activity id="255558" path="C:\Windows\System32\slc.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:11.159Z"/>
  174. <activity id="255559" path="C:\Windows\System32\userenv.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:11.159Z"/>
  175. <activity id="255560" path="C:\Windows\System32\sppc.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:11.159Z"/>
  176. <activity id="255564" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Caches\cversions.3.db" type="LoadImageFile" timestamp="2018-06-23T12:56:11.174Z"/>
  177. <activity id="255565" type="KernelObject" timestamp="2018-06-23T12:56:11.174Z" objectType="Section" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\C:*Users*zhong*AppData*Local*Microsoft*Windows*Caches*cversions.3.ro"/>
  178. <activity id="255566" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x00000000000000fd.db" type="LoadImageFile" timestamp="2018-06-23T12:56:11.190Z"/>
  179. <activity id="255567" type="KernelObject" timestamp="2018-06-23T12:56:11.190Z" objectType="Section" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\C:*Users*zhong*AppData*Local*Microsoft*Windows*Caches*{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x00000000000000fd.db"/>
  180. <activity id="255568" path="C:\Windows\System32\TileDataRepository.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:11.190Z"/>
  181. <activity id="255571" path="C:\Windows\System32\StateRepository.Core.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:11.190Z"/>
  182. <activity id="255572" path="C:\Windows\System32\Windows.StateRepository.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:11.190Z"/>
  183. <activity id="255575" path="C:\Windows\System32\usermgrcli.dll" type="LoadImageFile" timestamp="2018-06-23T12:56:11.190Z"/>
  184. </activities>
  185. <children/>
  186. </process>
  187. </vscope>


dg1vg4
发表于 2018-6-23 21:00:06 | 显示全部楼层
本帖最后由 dg1vg4 于 2018-6-23 21:06 编辑

Panda Miss
偶莫昔洛伊,XiaoBa居然在卡饭现身了。


終極小壞蛋
发表于 2018-6-23 21:02:40 | 显示全部楼层
360干掉一个

ELOHIM
发表于 2018-6-23 21:04:26 | 显示全部楼层

hiip://xiaobaruanjian.xyz/XiaoBa/PSOK.hta   

这个呢。
Picca
发表于 2018-6-23 21:04:57 | 显示全部楼层
KIS kill 2x

Jerry.Lin
发表于 2018-6-23 21:09:04 | 显示全部楼层
ELOHIM 发表于 2018-6-23 21:04
hiip://xiaobaruanjian.xyz/XiaoBa/PSOK.hta   

这个呢。

一样的,沙盒里启动的仍然只是 OpenWith.exe,没有子进程,也没有其他行为。
  1. <?xml version="1.0" encoding="ISO-8859-1"?>
  2. <vscope guid="202713604D4EF65B7A99B87F88E7903C" ver="2.0">
  3. <process parentpath="C:\Windows\System32\svchost.exe" isVirtualized="true" restrictionLevel="NoRestriction" detected="false" trusted="true" hashCrc32="704425029" sha1="01446BF2855732C2BE48D83DCC6C33D9C90E92A8" createtime="2018-06-23T13:07:20.441Z" cmdline="" path="C:\Windows\System32\OpenWith.exe" pid="14772">
  4. <activities>
  5. <activity id="272856" path="C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.112_none_fb3f961b30681c12\comctl32.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.456Z"/>
  6. <activity id="272857" path="C:\Windows\System32\imm32.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.456Z"/>
  7. <activity id="272858" path="C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePackzh-cn_17134.5.8.0_neutral__8wekyb3d8bbwe\Windows\System32\zh-CN\OpenWith.exe.mui" type="LoadImageFile" timestamp="2018-06-23T13:07:20.472Z"/>
  8. <activity id="272859" path="C:\Windows\WindowsShell.Manifest" type="LoadImageFile" timestamp="2018-06-23T13:07:20.478Z"/>
  9. <activity id="272860" path="C:\Windows\System32\guard64.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.478Z"/>
  10. <activity id="272861" path="C:\Windows\System32\version.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.478Z"/>
  11. <activity id="272862" path="C:\Windows\System32\oleaut32.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.478Z"/>
  12. <activity id="272863" path="C:\Windows\System32\cmdvrt64.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.478Z"/>
  13. <activity id="272864" path="C:\Windows\System32\shell32.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.494Z"/>
  14. <activity id="272865" path="C:\Windows\System32\ntmarta.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.494Z"/>
  15. <activity id="272867" path="C:\Windows\System32\KernelBase.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.494Z"/>
  16. <activity id="272869" path="C:\Windows\System32\ntdll.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.494Z"/>
  17. <activity id="272870" path="C:\Windows\System32\kernel32.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.494Z"/>
  18. <activity id="272874" path="C:\Windows\System32\user32.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.494Z"/>
  19. <activity id="272882" path="C:\Windows\System32\combase.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.510Z"/>
  20. <activity id="272886" path="C:\Windows\System32\advapi32.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.510Z"/>
  21. <activity id="272902" path="C:\Windows\System32\sechost.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.561Z"/>
  22. <activity id="272990" path="C:\Windows\System32\fltLib.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.668Z"/>
  23. <activity id="273076" path="C:\Windows\System32\rpcss.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.885Z"/>
  24. <activity id="273077" path="C:\Windows\System32\uxtheme.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.886Z"/>
  25. <activity id="273082" path="C:\Program Files\Listary\ListaryHook64.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.893Z"/>
  26. <activity id="273085" path="C:\Windows\System32\oleacc.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.895Z"/>
  27. <activity id="273086" path="C:\Windows\System32\oleaccrc.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.897Z"/>
  28. <activity id="273088" type="KernelObject" timestamp="2018-06-23T13:07:20.910Z" objectType="Port" isCreate="true" name="\RPC Control\OLE13065AE028AAEAA75FC72461EDBC"/>
  29. <activity id="273090" path="C:\Windows\Registration\R00000000000d.clb" type="LoadImageFile" timestamp="2018-06-23T13:07:20.923Z"/>
  30. <activity id="273091" path="C:\Windows\System32\OneCoreUAPCommonProxyStub.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:20.926Z"/>
  31. <activity id="273102" path="C:\Windows\Globalization\Sorting\SortDefault.nls" type="LoadImageFile" timestamp="2018-06-23T13:07:20.988Z"/>
  32. <activity id="273103" path="C:\Windows\System32\twinui.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.000Z"/>
  33. <activity id="273106" path="C:\Windows\System32\WinTypes.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.003Z"/>
  34. <activity id="273107" path="C:\Windows\System32\dwmapi.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.004Z"/>
  35. <activity id="273115" path="C:\Windows\System32\OneCoreCommonProxyStub.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.037Z"/>
  36. <activity id="273123" path="C:\Windows\System32\actxprxy.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.067Z"/>
  37. <activity id="273127" type="KernelObject" timestamp="2018-06-23T13:07:21.085Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\SM0:14772:120:WilError_01"/>
  38. <activity id="273128" type="KernelObject" timestamp="2018-06-23T13:07:21.085Z" objectType="Semaphore" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\SM0:14772:120:WilError_01_p0"/>
  39. <activity id="273129" type="KernelObject" timestamp="2018-06-23T13:07:21.085Z" objectType="Semaphore" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\SM0:14772:120:WilError_01_p0h"/>
  40. <activity id="273130" type="KernelObject" timestamp="2018-06-23T13:07:21.104Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\SM0:14772:304:WilStaging_02"/>
  41. <activity id="273132" path="C:\Windows\System32\propsys.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.117Z"/>
  42. <activity id="273133" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Caches\cversions.1.db" type="LoadImageFile" timestamp="2018-06-23T13:07:21.153Z"/>
  43. <activity id="273134" type="KernelObject" timestamp="2018-06-23T13:07:21.154Z" objectType="Section" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\C:*Users*zhong*AppData*Local*Microsoft*Windows*Caches*cversions.1.ro"/>
  44. <activity id="273135" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000045.db" type="LoadImageFile" timestamp="2018-06-23T13:07:21.155Z"/>
  45. <activity id="273136" type="KernelObject" timestamp="2018-06-23T13:07:21.155Z" objectType="Section" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\C:*Users*zhong*AppData*Local*Microsoft*Windows*Caches*{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000045.db"/>
  46. <activity id="273137" type="KernelObject" timestamp="2018-06-23T13:07:21.161Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\SyncRootManager"/>
  47. <activity id="273140" path="C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePackzh-cn_17134.5.8.0_neutral__8wekyb3d8bbwe\Windows\System32\zh-CN\propsys.dll.mui" type="LoadImageFile" timestamp="2018-06-23T13:07:21.174Z"/>
  48. <activity id="273145" type="KernelObject" timestamp="2018-06-23T13:07:21.196Z" objectType="Semaphore" isCreate="true" name="\Sessions\1\BaseNamedObjects\ComTaskPool:14772"/>
  49. <activity id="273148" path="C:\Windows\System32\Windows.UI.AppDefaults.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.226Z"/>
  50. <activity id="273153" path="C:\Windows\System32\Windows.UI.Immersive.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.261Z"/>
  51. <activity id="273157" path="C:\Windows\System32\UIAutomationCore.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.302Z"/>
  52. <activity id="273161" path="C:\Windows\System32\dui70.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.312Z"/>
  53. <activity id="273162" path="C:\Windows\System32\duser.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.316Z"/>
  54. <activity id="273163" path="C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePackzh-cn_17134.5.8.0_neutral__8wekyb3d8bbwe\Windows\System32\zh-CN\dui70.dll.mui" type="LoadImageFile" timestamp="2018-06-23T13:07:21.325Z"/>
  55. <activity id="273164" path="C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePackzh-cn_17134.5.8.0_neutral__8wekyb3d8bbwe\Windows\System32\zh-CN\Windows.UI.Immersive.dll.mui" type="LoadImageFile" timestamp="2018-06-23T13:07:21.333Z"/>
  56. <activity id="273180" path="C:\Windows\System32\DWrite.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.387Z"/>
  57. <activity id="273184" path="C:\Windows\System32\BCP47mrm.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.399Z"/>
  58. <activity id="273185" path="C:\Windows\System32\UIAnimation.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.407Z"/>
  59. <activity id="273194" path="C:\Windows\System32\d3d11.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.442Z"/>
  60. <activity id="273195" path="C:\Windows\System32\dxgi.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.443Z"/>
  61. <activity id="273196" path="C:\Windows\System32\d3d10warp.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.448Z"/>
  62. <activity id="273198" path="C:\Windows\System32\ResourcePolicyClient.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.457Z"/>
  63. <activity id="273205" path="C:\Windows\System32\dcomp.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.472Z"/>
  64. <activity id="273209" type="KernelObject" timestamp="2018-06-23T13:07:21.487Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\SessionImmersiveColorMutex"/>
  65. <activity id="273210" type="KernelObject" timestamp="2018-06-23T13:07:21.487Z" objectType="Section" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\SessionImmersiveColorPreference"/>
  66. <activity id="273211" path="C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePackzh-cn_17134.5.8.0_neutral__8wekyb3d8bbwe\Windows\System32\zh-CN\twinui.dll.mui" type="LoadImageFile" timestamp="2018-06-23T13:07:21.491Z"/>
  67. <activity id="273214" path="C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePackzh-cn_17134.5.8.0_neutral__8wekyb3d8bbwe\Windows\System32\zh-CN\oleaccrc.dll.mui" type="LoadImageFile" timestamp="2018-06-23T13:07:21.495Z"/>
  68. <activity id="273216" path="C:\Windows\System32\edputil.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.501Z"/>
  69. <activity id="273218" path="C:\Windows\System32\WindowsCodecs.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.538Z"/>
  70. <activity id="273219" path="C:\Windows\System32\thumbcache.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.590Z"/>
  71. <activity id="273223" type="KernelObject" timestamp="2018-06-23T13:07:21.602Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!rwWriterMutex"/>
  72. <activity id="273224" type="KernelObject" timestamp="2018-06-23T13:07:21.602Z" objectType="Event" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!rwWriterEvent"/>
  73. <activity id="273225" type="KernelObject" timestamp="2018-06-23T13:07:21.602Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_16.db!dfMaintainer"/>
  74. <activity id="273226" type="KernelObject" timestamp="2018-06-23T13:07:21.602Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_32.db!dfMaintainer"/>
  75. <activity id="273227" type="KernelObject" timestamp="2018-06-23T13:07:21.602Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_48.db!dfMaintainer"/>
  76. <activity id="273228" type="KernelObject" timestamp="2018-06-23T13:07:21.602Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_96.db!dfMaintainer"/>
  77. <activity id="273229" type="KernelObject" timestamp="2018-06-23T13:07:21.602Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_256.db!dfMaintainer"/>
  78. <activity id="273230" type="KernelObject" timestamp="2018-06-23T13:07:21.602Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_768.db!dfMaintainer"/>
  79. <activity id="273231" type="KernelObject" timestamp="2018-06-23T13:07:21.602Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_1280.db!dfMaintainer"/>
  80. <activity id="273232" type="KernelObject" timestamp="2018-06-23T13:07:21.603Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_1920.db!dfMaintainer"/>
  81. <activity id="273233" type="KernelObject" timestamp="2018-06-23T13:07:21.603Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_2560.db!dfMaintainer"/>
  82. <activity id="273234" type="KernelObject" timestamp="2018-06-23T13:07:21.603Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_sr.db!dfMaintainer"/>
  83. <activity id="273235" type="KernelObject" timestamp="2018-06-23T13:07:21.603Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_wide.db!dfMaintainer"/>
  84. <activity id="273236" type="KernelObject" timestamp="2018-06-23T13:07:21.603Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_exif.db!dfMaintainer"/>
  85. <activity id="273237" type="KernelObject" timestamp="2018-06-23T13:07:21.603Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_wide_alternate.db!dfMaintainer"/>
  86. <activity id="273238" type="KernelObject" timestamp="2018-06-23T13:07:21.603Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_custom_stream.db!dfMaintainer"/>
  87. <activity id="273239" type="KernelObject" timestamp="2018-06-23T13:07:21.603Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!IconCacheInit"/>
  88. <activity id="273240" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete" type="FindFile" timestamp="2018-06-23T13:07:21.604Z" pattern="icn*"/>
  89. <activity id="273241" type="KernelObject" timestamp="2018-06-23T13:07:21.606Z" objectType="Mutex" isCreate="true" name="\Sessions\1\BaseNamedObjects\Global\C::Users:zhong:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!rwReaderRefs"/>
  90. <activity id="273242" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db" type="LoadImageFile" timestamp="2018-06-23T13:07:21.624Z"/>
  91. <activity id="273274" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db" type="LoadImageFile" timestamp="2018-06-23T13:07:21.640Z"/>
  92. <activity id="273281" path="C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\Common7\IDE\devenv.exe" type="LoadImageFile" timestamp="2018-06-23T13:07:21.642Z"/>
  93. <activity id="273282" path="C:\Windows\System32\policymanager.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.644Z"/>
  94. <activity id="273283" path="C:\Windows\System32\msvcp110_win.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.645Z"/>
  95. <activity id="273320" path="C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe" type="LoadImageFile" timestamp="2018-06-23T13:07:21.699Z"/>
  96. <activity id="273358" path="C:\Program Files\internet explorer\iexplore.exe" type="LoadImageFile" timestamp="2018-06-23T13:07:21.733Z"/>
  97. <activity id="273359" path="C:\Program Files\internet explorer\zh-CN\iexplore.exe.mui" type="LoadImageFile" timestamp="2018-06-23T13:07:21.734Z"/>
  98. <activity id="273362" path="C:\Windows\System32\IconCodecService.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.736Z"/>
  99. <activity id="273402" path="C:\Windows\System32\mspaint.exe" type="LoadImageFile" timestamp="2018-06-23T13:07:21.779Z"/>
  100. <activity id="273439" path="C:\Program Files\Notepad++\notepad++.exe" type="LoadImageFile" timestamp="2018-06-23T13:07:21.799Z"/>
  101. <activity id="273476" path="C:\Windows\System32\notepad.exe" type="LoadImageFile" timestamp="2018-06-23T13:07:21.816Z"/>
  102. <activity id="273477" path="C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePackzh-cn_17134.5.8.0_neutral__8wekyb3d8bbwe\Windows\System32\zh-CN\notepad.exe.mui" type="LoadImageFile" timestamp="2018-06-23T13:07:21.817Z"/>
  103. <activity id="273516" path="C:\Program Files\Potplayer\PotPlayerMini64.exe" type="LoadImageFile" timestamp="2018-06-23T13:07:21.841Z"/>
  104. <activity id="273553" path="C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\VSLauncher.exe" type="LoadImageFile" timestamp="2018-06-23T13:07:21.865Z"/>
  105. <activity id="273591" path="C:\Program Files\Microsoft Office\Office16\WINWORD.EXE" type="LoadImageFile" timestamp="2018-06-23T13:07:21.884Z"/>
  106. <activity id="273631" path="C:\Program Files (x86)\Windows Media Player\wmplayer.exe" type="LoadImageFile" timestamp="2018-06-23T13:07:21.906Z"/>
  107. <activity id="273632" path="C:\Program Files (x86)\Windows Media Player\zh-CN\wmplayer.exe.mui" type="LoadImageFile" timestamp="2018-06-23T13:07:21.907Z"/>
  108. <activity id="273667" path="C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePackzh-cn_17134.5.8.0_neutral__8wekyb3d8bbwe\Windows\System32\zh-CN\shell32.dll.mui" type="LoadImageFile" timestamp="2018-06-23T13:07:21.922Z"/>
  109. <activity id="273670" path="C:\Program Files\windows nt\accessories\wordpad.exe" type="LoadImageFile" timestamp="2018-06-23T13:07:21.925Z"/>
  110. <activity id="273705" path="C:\Windows\System32\apphelp.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.961Z"/>
  111. <activity id="273706" path="C:\Windows\System32\AppResolver.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.966Z"/>
  112. <activity id="273709" path="C:\Windows\System32\BCP47Langs.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.970Z"/>
  113. <activity id="273710" path="C:\Windows\System32\slc.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.971Z"/>
  114. <activity id="273711" path="C:\Windows\System32\userenv.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.972Z"/>
  115. <activity id="273712" path="C:\Windows\System32\sppc.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.973Z"/>
  116. <activity id="273715" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Caches\cversions.3.db" type="LoadImageFile" timestamp="2018-06-23T13:07:21.993Z"/>
  117. <activity id="273716" type="KernelObject" timestamp="2018-06-23T13:07:21.993Z" objectType="Section" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\C:*Users*zhong*AppData*Local*Microsoft*Windows*Caches*cversions.3.ro"/>
  118. <activity id="273717" path="C:\Users\zhong\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x00000000000000fd.db" type="LoadImageFile" timestamp="2018-06-23T13:07:21.993Z"/>
  119. <activity id="273718" type="KernelObject" timestamp="2018-06-23T13:07:21.993Z" objectType="Section" isCreate="true" name="\Sessions\1\BaseNamedObjects\Local\C:*Users*zhong*AppData*Local*Microsoft*Windows*Caches*{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x00000000000000fd.db"/>
  120. <activity id="273719" path="C:\Windows\System32\TileDataRepository.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:21.995Z"/>
  121. <activity id="273722" path="C:\Windows\System32\StateRepository.Core.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:22.000Z"/>
  122. <activity id="273723" path="C:\Windows\System32\Windows.StateRepository.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:22.001Z"/>
  123. <activity id="273725" path="C:\Windows\System32\usermgrcli.dll" type="LoadImageFile" timestamp="2018-06-23T13:07:22.009Z"/>
  124. </activities>
  125. <children/>
  126. </process>
  127. </vscope>
Jerry.Lin
发表于 2018-6-23 21:09:31 | 显示全部楼层

传下hh.exe那个程序

我这边跑不出来
Picca
发表于 2018-6-23 21:11:42 | 显示全部楼层
191196846 发表于 2018-6-23 21:09
传下hh.exe那个程序

我这边跑不出来

没办法下载,被漏洞防护阻止了。