Adware not-a-virus:AdWare.Win32.WebSearch.aj

Startup Items

Registry

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

<kav><"F:\卡巴\avp.exe"> [Kaspersky Lab]

<SKYNET Personal FireWall><F:\FIREWALL\FIREWALL\pfw.exe> [广州众达天网技术有限公司]

<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [NVIDIA Corporation]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

<shell><Explorer.exe> [(Verified)Microsoft Corporation]

<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]

<UIHost><logonui.exe> [(Verified)Microsoft Corporation]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]

<WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll> [Kaspersky Lab]

==================================

Startup Folder

N/A

==================================

Services

[卡巴斯基反病毒6.0 / AVP]

<F:\卡巴\avp.exe -r><Kaspersky Lab>

[Human Interface Device Access / HidServ]

<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>

[NVIDIA Display Driver Service / NVSvc]

<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>

[Windows User Mode Driver Framework / UMWdf]

<C:\WINDOWS\system32\wdfmgr.exe><N/A>

==================================

Drivers

[2310_00 / 2310_00]

<\SystemRoot\System32\BIRD\2310_00.sys><HighPoint Technologies, Inc.>

[3WAREDRV / 3WAREDRV]

<\SystemRoot\System32\BIRD\3WAREDRV.SYS><N/A>

[3WAREGSM / 3WAREGSM]

<\SystemRoot\System32\BIRD\3waregsm.sys><N/A>

[3WDRV100 / 3WDRV100]

<\SystemRoot\System32\BIRD\3WDRV100.SYS><N/A>

[A320RAID / A320RAID]

<\SystemRoot\System32\BIRD\a320raid.sys><Adaptec, Inc.>

[AAC / AAC]

<\SystemRoot\System32\BIRD\aac.sys><Adaptec, Inc.>

[AACSAS / AACSAS]

<\SystemRoot\System32\BIRD\aacsas.sys><Adaptec, Inc.>

[AAR81XX / AAR81XX]

<\SystemRoot\System32\BIRD\aar81xx.sys><Adaptec, Inc.>

[AARSI3X / AARSI3X]

<\SystemRoot\System32\BIRD\aarsi3x.sys><Adaptec, Inc.>

[ADP94XX / ADP94XX]

<\SystemRoot\System32\BIRD\adp94xx.sys><Adaptec, Inc.>

[adpu160m / adpu160m]

<\SystemRoot\System32\BIRD\adpu160m.sys><Microsoft Corporation>

[ADPU320 / ADPU320]

<\SystemRoot\System32\BIRD\adpu320.sys><Adaptec, Inc.>

[AEC6210 / AEC6210]

<\SystemRoot\System32\BIRD\aec6210.sys><ACARD Technology Corp.>

[AEC6260 / AEC6260]

<\SystemRoot\System32\BIRD\aec6260.sys><ACARD Technology Corp.>

[AEC6280 / AEC6280]

<\SystemRoot\System32\BIRD\aec6280.sys><ACARD Technology Corp.>

[AEC67160 / AEC67160]

<\SystemRoot\System32\BIRD\aec67160.sys><ACARD Technology Corp.>

[AEC67162 / AEC67162]

<\SystemRoot\System32\BIRD\aec67162.sys><ACARD Technology Corp.>

[AEC671X / AEC671X]

<\SystemRoot\System32\BIRD\AEC671X.sys><ACARD Technology Corp.>

[AEC6880 / AEC6880]

<\SystemRoot\System32\BIRD\AEC6880.sys><ACARD Technology Corp.>

[AEC6897 / AEC6897]

<\SystemRoot\System32\BIRD\aec6897.sys><ACARD Technology Corp.>

[AEC68X5 / AEC68X5]

<\SystemRoot\System32\BIRD\aec68x5.sys><ACARD Technology Corp.>

[aic78u2 / aic78u2]

<\SystemRoot\System32\BIRD\aic78u2.sys><Microsoft Corporation>

[aic78xx / aic78xx]

<\SystemRoot\System32\BIRD\aic78xx.sys><Microsoft Corporation>

[Service for Realtek AC97 Audio (WDM) / ALCXWDM]

<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>

[ARCM_X86 / ARCM_X86]

<\SystemRoot\System32\BIRD\arcm_x86.sys><ARECA Technology Corporation>

[asc / asc]

<\SystemRoot\System32\BIRD\asc.sys><Advanced System Products, Inc.>

[BCHTSW32 / BCHTSW32]

<\SystemRoot\System32\BIRD\bchtsw32.sys><Broadcom Corporation>

[buslogic / buslogic]

<\SystemRoot\System32\bird\buslogic.sys><Microsoft Corporation>

[CDA1000 / CDA1000]

<\SystemRoot\System32\BIRD\cda1000.sys><Adaptec, Inc.>

[CmdIde / CmdIde]

<\SystemRoot\System32\BIRD\cmdide.sys><CMD Technology, Inc.>

[CPQARRY2 / CPQARRY2]

<\SystemRoot\System32\BIRD\cpqarry2.sys><Compaq Computer Corporation>

[CPQCISSM / CPQCISSM]

<\SystemRoot\System32\BIRD\cpqcissm.sys><Hewlett-Packard Company>

[CSB6IDE / CSB6IDE]

<\SystemRoot\System32\BIRD\csb6ide.sys><ServerWorks Corporation>

[dac2w2k / dac2w2k]

<\SystemRoot\System32\BIRD\dac2w2k.sys><Mylex Corporation>

[DMX3191 / DMX3191]

<\SystemRoot\System32\BIRD\DMX3191.sys><Microsoft Corporation>

[DMX3194 / DMX3194]

<\SystemRoot\System32\BIRD\dmx3194.sys><Microsoft Corporation>

[dpti2o / dpti2o]

<\SystemRoot\System32\BIRD\dpti2o.sys><Microsoft Corporation>

[DPTSCSI / DPTSCSI]

<\SystemRoot\System32\BIRD\dptscsi.sys><Distributed Processing Technology Corp.>

[FASTSX / FASTSX]

<\SystemRoot\System32\BIRD\fastsx.sys><Promise Technology, Inc.>

[FASTTRAK / FASTTRAK]

<\SystemRoot\System32\BIRD\fasttrak.sys><Promise Technology, Inc.>

[FASTTX2K / FASTTX2K]

<\SystemRoot\System32\BIRD\fasttx2k.sys><Promise Technology, Inc.>

[fd16_700 / fd16_700]

<\SystemRoot\System32\BIRD\fd16_700.sys><Microsoft Corporation>

[fireport / fireport]

<\SystemRoot\System32\BIRD\fireport.sys><Microsoft Corporation>

[flashpnt / flashpnt]

<\SystemRoot\System32\BIRD\flashpnt.sys><Mylex,Corp.>

[FT8300 / FT8300]

<\SystemRoot\System32\BIRD\ft8300.sys><Promise Technology, Inc.>

[FTSATA2 / FTSATA2]

<\SystemRoot\System32\DRIVERS\ftsata2.sys><N/A>

[GD31244 / GD31244]

<\SystemRoot\System32\BIRD\gd31244.sys><Intel Corporation>

[HPCISSS2 / HPCISSS2]

<\SystemRoot\System32\BIRD\hpcisss2.sys><Hewlett-Packard Company>

[HPT371 / HPT371]

<\SystemRoot\System32\BIRD\HPT371.sys><HighPoint Technologies, Inc.>

[HPT374 / HPT374]

<\SystemRoot\System32\BIRD\hpt374.sys><HighPoint Technologies, Inc.>

[HPT3XX / HPT3XX]

<\SystemRoot\System32\BIRD\hpt3xx.sys><HighPoint Technologies, Inc.>

[IASTOR / IASTOR]

<\SystemRoot\System32\BIRD\iaStor.sys><Intel Corporation>

[IFT2000 / IFT2000]

<\SystemRoot\System32\BIRD\ift2000.sys><Infortrend Technology, Inc.>

[ini910u / ini910u]

<\SystemRoot\System32\BIRD\ini910u.sys><Microsoft Corporation>

[INIA100 / INIA100]

<\SystemRoot\System32\BIRD\INIA100.sys><Initio corp.>

[IPSRAIDN / IPSRAIDN]

<\SystemRoot\System32\BIRD\ipsraidn.sys><IBM Corporation>

[ITERAID / ITERAID]

<\SystemRoot\System32\BIRD\iteraid.sys><Integrated Technology Express, Inc.>

[JRAID / JRAID]

<\SystemRoot\System32\BIRD\JRAID.SYS><JMicron Technology Corp.>

[kl1 / kl1]

<\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>

[klif / klif]

<\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>

[M5228 / M5228]

<\SystemRoot\System32\BIRD\m5228.sys><ALi Corporation.>

[M5281 / M5281]

<\SystemRoot\System32\BIRD\m5281.sys><ALi Corporation>

[M5287 / M5287]

<\SystemRoot\System32\BIRD\m5287.sys><ULi Electronics Inc.>

[M5288 / M5288]

<\SystemRoot\System32\BIRD\m5288.sys><ULi Electronics Inc.>

[M5289 / M5289]

<\SystemRoot\System32\BIRD\m5289.sys><ULi Electronics Inc.>

[MEGAIDE / MEGAIDE]

<\SystemRoot\System32\BIRD\MegaIDE.sys><LSI Logic Corporation.>

[mraid35x / mraid35x]

<\SystemRoot\System32\BIRD\mraid35x.sys><LSI Logic Corporation>

[NFRD960 / NFRD960]

<\SystemRoot\System32\BIRD\nfrd960.sys><IBM Corporation>

[npkcrypt / npkcrypt]

<\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>

[nv / nv]

<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>

[NVATABUS / NVATABUS]

<\SystemRoot\System32\BIRD\NVATABUS.SYS><NVIDIA Corporation>

[NVIDIA nForce Networking Controller Driver / NVENETFD]

<system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>

[NVIDIA Network Bus Enumerator / nvnetbus]

<system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>

[NVRAID / NVRAID]

<\SystemRoot\System32\BIRD\NVRAID.SYS><NVIDIA Corporation>

[perc2 / perc2]

<\SystemRoot\System32\BIRD\perc2.sys><Adaptec, Inc.>

[PNP649R / PNP649R]

<\SystemRoot\System32\BIRD\pnp649r.sys><CMD Technology, Inc.>

[PNP680 / PNP680]

<\SystemRoot\System32\BIRD\pnp680.sys><Silicon Image, Inc.>

[PNP680R / PNP680R]

<\SystemRoot\System32\BIRD\pnp680r.sys><Silicon Image, Inc>

[Direct Parallel Link Driver / Ptilink]

<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>

[ql1080 / ql1080]

<\SystemRoot\System32\BIRD\ql1080.sys><QLogic Corporation>

[Ql10wnt / Ql10wnt]

<\SystemRoot\System32\BIRD\ql10wnt.sys><Microsoft Corporation>

[ql12160 / ql12160]

<\SystemRoot\System32\BIRD\ql12160.sys><QLogic Corporation>

[ql1280 / ql1280]

<\SystemRoot\System32\BIRD\ql1280.sys><QLogic Corporation>

[RAIDSRC / RAIDSRC]

<\SystemRoot\System32\BIRD\raidsrc.sys><Intel/ICP>

[RR232X / RR232X]

<\SystemRoot\System32\BIRD\rr232x.sys><HighPoint Technologies, Inc.>

[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]

<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>

[S150SX8 / S150SX8]

<\SystemRoot\System32\BIRD\S150sx8.sys><Promise Technology, Inc.>

[Secdrv / Secdrv]

<system32\DRIVERS\secdrv.sys><N/A>

[SI3112 / SI3112]

<\SystemRoot\System32\BIRD\SI3112.sys><Silicon Image, Inc.>

[SI3112R / SI3112R]

<\SystemRoot\System32\BIRD\SI3112r.sys><Silicon Image, Inc>

[SI3114 / SI3114]

<\SystemRoot\System32\BIRD\SI3114.sys><Silicon Image, Inc.>

[SI3114R / SI3114R]

<\SystemRoot\SYSTEM32\BIRD\SI3114R.sys><Silicon Image, Inc>

[SI3114R5 / SI3114R5]

<\SystemRoot\System32\BIRD\Si3114r5.sys><Silicon Image, Inc>

[SI3124 / SI3124]

<\SystemRoot\SYSTEM32\BIRD\SI3124.sys><Silicon Image, Inc.>

[SI3124R / SI3124R]

<\SystemRoot\SYSTEM32\BIRD\SI3124R.sys><Silicon Image, Inc>

[SI3124R5 / SI3124R5]

<\SystemRoot\SYSTEM32\BIRD\Si3124r5.sys><Silicon Image, Inc>

[SI3132 / SI3132]

<\SystemRoot\System32\BIRD\SI3132.sys><Silicon Image, Inc.>

[SI3132R5 / SI3132R5]

<\SystemRoot\System32\BIRD\Si3132r5.sys><Silicon Image, Inc>

[SIS AGP Bus Filter / sisagp]

<\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>

[SISRAID / SISRAID]

<\SystemRoot\System32\BIRD\SiSRaid.sys><Silicon Integrated Systems>

[SISRAID2 / SISRAID2]

<\SystemRoot\System32\BIRD\SiSRaid2.sys><Silicon Integrated Systems Corp>

[SISRAID4 / SISRAID4]

<\SystemRoot\System32\BIRD\SiSRaid4.sys><Silicon Integrated Systems>

[SKNFW / SKNFW]

<\??\C:\WINDOWS\system32\Drivers\SKNFW.sys><N/A>

[SkyProcs / SkyProcs]

<\??\F:\FIREWALL\FIREWALL\SkyProcs.sys><N/A>

[SPTRAK / SPTRAK]

<\SystemRoot\System32\BIRD\sptrak.sys><Promise Technology, Inc.>

[ST8350 / ST8350]

<\SystemRoot\System32\BIRD\st8350.sys><Promise Technology, Inc.>

[symc810 / symc810]

<\SystemRoot\System32\BIRD\symc810.sys><Symbios Logic Inc.>

[symc8xx / symc8xx]

<\SystemRoot\System32\BIRD\symc8xx.sys><LSI Logic>

[SYMMPI / SYMMPI]

<\SystemRoot\System32\BIRD\symmpi.sys><LSI Logic>

[sym_hi / sym_hi]

<\SystemRoot\System32\BIRD\sym_hi.sys><LSI Logic>

[sym_u3 / sym_u3]

<\SystemRoot\System32\BIRD\sym_u3.sys><LSI Logic>

[TRM3X5 / TRM3X5]

<\SystemRoot\System32\BIRD\trm3x5.sys><Tekram Technology Co., Ltd.>

[TSP / TSP]

<\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>

[ULSATA / ULSATA]

<\SystemRoot\System32\BIRD\ulsata.sys><Promise Technology, Inc.>

[ULSATA2 / ULSATA2]

<\SystemRoot\System32\BIRD\ulsata2.sys><Promise Technology, Inc.>

[ULTIMA / ULTIMA]

<\SystemRoot\System32\BIRD\Ultima.sys><Aralion INC.>

[ULTIMARX / ULTIMARX]

<\SystemRoot\System32\BIRD\UltimaRX.sys><Aralion INC.>

[ultra / ultra]

<\SystemRoot\System32\BIRD\ultra.sys><Promise Technology, Inc.>

==================================

Browser Add-ons

[IeCatch5 Class]

{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <F:\PROGRA~1\FLASHGET\jccatch.dll, FlashGet>

[QQBrowserHelperObject Class]

{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>

[Web反病毒保护]

{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <F:\卡巴\scieplugin.dll, Kaspersky Lab>

[JUJU猫]

{6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <, N/A>

[QQ]

{c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>

[FlashGet]

{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <F:\PROGRA~1\FLASHGET\flashget.exe, FlashGet.com>

[QQIEFloatBarCfgCmd Class]

{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>

[Messenger]

{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>

[FlashGet Bar]

{E0E899AB-F487-11D5-8D29-0050BA6940E3} <F:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>

[IeCatch5 Class]

{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <F:\PROGRA~1\FLASHGET\jccatch.dll, FlashGet>

[QQBrowserHelperObject Class]

{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>

[Shockwave Flash Object]

{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash.ocx, Macromedia, Inc.>

[上传到QQ网络硬盘]

<C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>

[使用网际快车下载]

<F:\PROGRA~1\FLASHGET\jc_link.htm, N/A>

[使用网际快车下载全部链接]

<F:\PROGRA~1\FLASHGET\jc_all.htm, N/A>

[导出到 Microsoft Office Excel(&X)]

<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

[添加到QQ自定义面板]

<C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>

[添加到QQ表情]

<C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>

[用QQ彩信发送该图片]

<C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

[用比特精灵下载(&B)]

<F:\BT精灵\bsurl.htm, N/A>

==================================

Running Processes

[PID: 644][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 720][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 744][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[C:\WINDOWS\system32\klogon.dll] [Kaspersky Lab, 6.0.0.299]

[PID: 796][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 808][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 948][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 1004][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 1100][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 1164][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 1264][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 1496][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]

[PID: 1648][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.8426]

[C:\WINDOWS\system32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.10.8426]

[C:\WINDOWS\system32\nvshell.dll] [N/A, N/A]

[F:\PROGRA~1\FLASHGET\jccatch.dll] [FlashGet, 1, 1, 5, 0]

[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]

[F:\卡巴\shellex.dll] [Kaspersky Lab, 6.0.0.299]

[F:\卡巴\pr_remote.dll] [Kaspersky Lab, 6.0.0.299]

[F:\卡巴\prloader.dll] [Kaspersky Lab, 6.0.0.299]

[PID: 1848][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 1988][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.8426]

[PID: 1764][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 1656][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 1000][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[F:\PROGRA~1\FLASHGET\jccatch.dll] [FlashGet, 1, 1, 5, 0]

[C:\Program Files\Tencent\QQ\QQIEHelper.dll] [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]

[F:\卡巴\scr_ch_pg.dll] [Kaspersky Lab, 1.0.6.299]

[F:\卡巴\klscav.dll] [Kaspersky Lab, 6.0.0.299]

[F:\卡巴\pr_remote.dll] [Kaspersky Lab, 6.0.0.299]

[F:\卡巴\prloader.dll] [Kaspersky Lab, 6.0.0.299]

[F:\卡巴\prkernel.ppl] [Kaspersky Lab, 6.0.0.304]

[f:\卡巴\params.ppl] [Kaspersky Lab, 6.0.0.299]

[f:\卡巴\pxstub.ppl] [Kaspersky Lab, 6.0.0.299]

[f:\卡巴\tempfile.ppl] [Kaspersky Lab, 6.0.0.299]

[f:\卡巴\nfio.ppl] [Kaspersky Lab, 6.0.0.299]

[f:\卡巴\fsdrvplgn.ppl] [Kaspersky Lab, 6.0.0.299]

[PID: 408][F:\TDDownload\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]

==================================

File Associations

.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]

.EXE OK. ["%1" %*]

.COM OK. ["%1" %*]

.PIF OK. ["%1" %*]

.REG OK. [regedit.exe "%1"]

.BAT OK. ["%1" %*]

.SCR OK. ["%1" /S]

.CHM OK. ["C:\WINDOWS\hh.exe" %1]

.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]

.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]

.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]

.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]

.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]

.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================

Winsock Providers

N/A

==================================

Autorun.inf

N/A

==================================

HOSTS File

127.0.0.1 localhost

==================================