Operation | Time | Process name | Value name | Old value | New value
Modify | 2009-02-03 20:20:18 | C:\WINDOWS\EXPLORER.EXE | HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\START PAGE | http://www.tomatolei.com/ | http://www.hao12580.com
Modify | 2009-02-03 20:20:13 | C:\WINDOWS\EXPLORER.EXE | HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\START PAGE | about:blank | http://www.hao12580.com
Create | 2009-02-03 18:40:19 | C:\WINDOWS\EXPLORER.EXE | HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\LOGONDLL\
Install driver | 2009-02-03 18:39:10 | D:\应用程序\360SAFE\SAFEMON\360TRAY.EXE | HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\360PROCMON
Modify | 2009-02-03 18:34:20 | D:\应用程序\NOKIA\NOKIA PC SUITE 7\PCSUITE.EXE | HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\PC SUITE TRAY | "D:\应用程序\nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
Install driver | 2009-02-03 13:27:37 | D:\应用程序\360SAFE\SAFEMON\360TRAY.EXE | HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\360PROCMON
Create | 2009-02-03 13:25:52 | C:\WINDOWS\EXPLORER.EXE | HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\LOGONDLL\
Install driver | 2009-02-03 13:25:07 | C:\WINDOWS\SYSTEM32\RUNDLL32.EXE | HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\32109
Install driver | 2009-02-03 13:03:16 | D:\应用程序\360SAFE\360SAFE.EXE | HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\8902453
Create | 2009-02-03 12:58:57 | C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\SMALL66.EXE | HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\LOGONDLL\
Install driver | 2009-02-03 12:58:53 | C:\WINDOWS\SYSTEM32\SC.EXE | HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NSSRFX
Modify | 2009-02-03 10:55:33 | D:\应用程序\NOKIA\NOKIA PC SUITE 7\PCSUITE.EXE | HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\PC SUITE TRAY | "D:\应用程序\nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
Modify | 2009-02-02 21:29:25 | D:\应用程序\NOKIA\NOKIA PC SUITE 7\PCSUITE.EXE | HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\PC SUITE TRAY | "D:\应用程序\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
Modify | 2009-02-02 13:30:19 | C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE | HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\START PAGE | http://www.edowning.net/?regedit | about:blank
Modify | 2009-02-02 13:28:46 | C:\WINDOWS\REGEDIT.EXE | HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\START PAGE | about:blank | http://www.edowning.net/?regedit
Modify | 2009-02-02 13:26:29 | C:\WINDOWS\REGEDIT.EXE | HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\START PAGE | about:blank | http://www.edowning.net/?regedit
Modify | 2009-02-01 18:26:26 | D:\软件\RAYSOURCE_SETUP_V3.1.10.8366.EXE | HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\GRID SERVICE | "C:\Program Files\GridService\peer.exe" -n Grid
Modify | 2009-02-01 16:25:27 | D:\应用程序\TENCENT\QQ\QQ.EXE | HKEY_CLASSES_ROOT\TXTFILE\SHELL\OPEN\COMMAND\ | %SystemRoot%\system32\NOTEPAD.EXE %1 | C:\WINDOWS\notepad.exe %1
Modify | 2009-01-30 18:36:34 | D:\应用程序\NOKIA\NOKIA PC SUITE 7\PCSUITE.EXE | HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\PC SUITE TRAY | "D:\应用程序\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
Modify | 2009-01-30 14:53:33 | D:\软件\SRENG2\SRE9FC4AAE2.EXE | HKEY_CLASSES_ROOT\TXTFILE\SHELL\OPEN\COMMAND\ | C:\WINDOWS\notepad.exe %1 | %SystemRoot%\system32\NOTEPAD.EXE %1
Install driver | 2009-01-30 14:38:52 | D:\应用程序\360SAFE\360SAFE.EXE | HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\6475250
Install driver | 2009-01-30 14:38:42 | D:\应用程序\360SAFE\360SAFE.EXE | HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\6464625
Install driver | 2009-01-29 22:41:02 | D:\应用程序\FEITENG3\SECURITY.EXE | HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\FTDRV
Modify | 2009-01-29 22:40:57 | D:\软件\FT3INST.EXE | HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\FTV3 | C:\WINDOWS\ftct.exe
Modify | 2009-01-29 22:40:53 | D:\软件\FT3INST.EXE | HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\{2607A95D-8E16-4C9F-9AF6-18872B4418D6} | FT3
Modify | 2009-01-28 20:19:01 | D:\软件\RAYSOURCE_SETUP_V3.1.10.8366.EXE | HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\GRID SERVICE | "C:\Program Files\GridService\peer.exe" -n Grid