如果你没有对这些进行过修改,建议你先杀杀毒,这有很大的可能是病毒引起的
如果没有病毒或是你误操作,那么你可以进行文件关联的修改
开机引导系统前按F8,进入命令行的安全模式。
然后输入以下指令
assoc .exe=exefile
然后重启
回答者:lgyzero - 魔法师 五级 7-12 14:42
这样子操作是对的,你也可以这样,在控制面板中的文件夹选项中修改
另外补充一下更多的文件关联方式
.323=h323file
.386=vxdfile
.3g2=RealPlayer.3GPP2.10
.3gp=RealPlayer.3GPP_AMR.10
.7z=WinRAR
.aca=Agent.Character.2
.ace=WinRAR
.acf=Agent.Character.2
.acff=FanFanQi.Histroy
.acg=Agent.Preview.2
.acl=ACLFile
.acmf=ArmyChess.Histroy
.acs=Agent.Character2.2
.acw=acwfile
.ade=Access.ADEFile.9
.adn=Access.BlankProjectTemplate.9
.adp=Access.Project.9
.ai=
.aif=RealPlayer.AIFF.6
.aifc=AIFFFile
.aiff=RealPlayer.AIFF.6
.ais=ACDSee.AIS
.amr=RealPlayer.AMR.10
.ani=ACDSee.ANI
.aps=
.arj=WinRAR
.asa=aspfile
.ascx=
.asd=Asf.RealTimeEncoder
.asf=ASFFile
.asm=
.asmx=
.asp=aspfile
.aspx=
.asx=ASXFile
.au=RealPlayer.AU.6
.avi=RealPlayer.AVI.6
.aw=AWFile
.awb=RealPlayer.AMR_WB.10
.bat=batfile
.bfc=Briefcase
.bin=
.bkf=msbackupfile
.blg=PerfFile
.bmp=ACDSee.BMP
.bsc=
.BW=ACDSee.BW
.bz=WinRAR
.bz2=WinRAR
.c=
.cab=WinRAR
.camv=RealPlayer.CAMV.1
.cat=CATFile
.cbl=CCBridge.Document
.cda=RealJukebox.CDA.1
.cdf=ChannelFile
.cdx=aspfile
.cer=CERFile
.cfc=CFC.Package
.cgm=
.cha=ChatFile
.chat=ChatFile
.che=ChnChess.Document
.chk=chkfile
.chm=chm.file
.cil=ClipGalleryDownloadPackage
.cip=SCENE.Package
.clp=clpfile
.cmd=cmdfile
.cnf=ConferenceLink
.col=COLFile
.com=comfile
.cpl=cplfile
.cpp=
.crl=CRLFile
.crt=CERFile
.css=CSSfile
.csv=Excel.CSV
.cur=ACDSee.CUR
.cxx=
.dat=
.db=dbfile
.dbg=
.dct=
.DCX=ACDSee.DCX
.ddz=LandLord.Document
.def=
.der=CERFile
.DeskLink=CLSID\{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}
.dib=ACDSee.DIB
.dic=txtfile
.dif=Excel.DIF
.divx=RealPlayer.DIVX.6
.diz=
.dll=dllfile
.dl_=
.doc=Word.Document.8
.dochtml=wordhtmlfile
.dos=
.dot=Word.Template.8
.dothtml=wordhtmltemplate
.dqy=dqyfile
.drv=drvfile
.dsn=MSDASQL
.dun=dunfile
.dvr-ms=WMP.DVR-MSFile
.eip=EMOTION.Package
.elm=ELMFile
.emf=ACDSee.EMF
.eml=Microsoft Internet Mail Message
.eps=
.eupd=PWUpdatePack
.exc=txtfile
.exe=exefile
.exp=
.ex_=
.eyb=
.ffa=FFAFile
.ffl=FFLFile
.fft=FFTFile
.ffx=FFXFile
.fif=
.fnd=fndfile
.fnt=
.fon=fonfile
.fphtml=fphtmlfile
.fpweb=fpdbw
.FPX=ACDSee.FPX
.frg=Access.Fragment
.gbf=five.Document
.gfi=GraphicsLink.File
.gfx=GraphicsLink.File
.ghi=
.gif=ACDSee.GIF
.gim=GraphicsLink.File
.gix=GraphicsLink.File
.gls=GlobalLink.gls
.gna=GraphicsLink.File
.gnx=GraphicsLink.File
.gra=MSGraph.Chart.8
.grp=MSProgramGroup
.gsg=
.gst=MSMap.Datainst.8
.gwx=GraphicsLink.File
.gwz=GraphicsLink.File
.gz=WinRAR
.h=
.hhc=
.hlp=hlpfile
.hoe=Hoe.Document
.hpp=
.hqx=
.ht=htfile
.hta=htafile
.htc=
.htm=htmlfile
.html=htmlfile
.htt=HTTfile
.htw=
.htx=htxfile
.hxx=
.icc=icmfile
.icm=icmfile
.ico=ACDSee.ICO
.idb=
.idc=idcfile
.idl=
.idq=
.IFF=ACDSee.IFF
.iii=iiifile
.ILBM=ACDSee.ILBM
.ilk=
.imc=
.inc=
.inf=inffile
.ini=inifile
.ins=x-internet-signup
.INT=ACDSee.INT
.INTA=ACDSee.INTA
.inv=
.inx=
.in_=
.iqy=iqyfile
.iso=WinRAR
.isp=x-internet-signup
.its=ITS File
.IVF=IVFfile
.jar=jarfile
.java=
.jbf=
.jfif=ACDSee.JFIF
.JIF=ACDSee.JIF
.jnlp=JNLPFile
.job=JobObject
.jod=Microsoft.Jet.OLEDB.4.0
.jpe=ACDSee.JPE
.jpeg=ACDSee.JPEG
.jpg=ACDSee.JPG
.jqb=JunQiB
.jqbz=ArmyChess.BZ
.jqf=JunQiF
.js=JSFile
.JSE=JSEFile
.KDC=ACDSee.KDC
.key=regfile
.kip=SKIN.Package
.latex=
.LBM=ACDSee.LBM
.ldb=Access.LockFile.9
.lex=LEXFile
.lha=WinRAR
.lib=
.lnk=lnkfile
.local=
.log=txtfile
.lst=MoreRun
.lwv=LWVFile
.lzh=WinRAR
.m14=
.m1v=RealPlayer.MPEG.6
.m2v=RealPlayer.MPEG.6
.m3u=RealPlayer.MP3PL.6
.m4a=RealPlayer.M4A.6
.m4e=RealPlayer.MP4.6
.mad=Access.Shortcut.Module.1
.maf=Access.Shortcut.Form.1
.mag=ACDSee.MAG
.mam=Access.Shortcut.Macro.1
.man=
.manifest=
.MAPIMail=CLSID\{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}
.maq=Access.Shortcut.Query.1
.mar=Access.Shortcut.Report.1
.mas=Access.Shortcut.StoredProcedure.1
.mat=Access.Shortcut.Table.1
.mav=Access.Shortcut.View.1
.maw=Access.Shortcut.DataAccessPage.1
.mbc=mimio.RP
.mda=Access.Extension.9
.mdb=Access.Application.9
.mdbhtml=accesshtmlfile
.mde=Access.MDEFile.9
.mdn=Access.BlankDatabaseTemplate.9
.mdt=Access.WizardDataFile.9
.mdw=Access.Workgroup.9
.mdz=Access.DatabaseWizardTemplate.9
.mfp=MacromediaFlashPaper.MacromediaFlashPaper
.mht=mhtmlfile
.mhtml=mhtmlfile
.mid=LiveUpdate.MIDI.6
.midi=LiveUpdate.MIDI.6
.mmc=MediaCatalog
.mmf=
.mmm=MPlayer
.mov=RealPlayer.qt.6
.movie=
.mp1=RealPlayer.MP1.6
.mp2=RealPlayer.MP2.6
.mp2v=mpegfile
.mp3=RealPlayer.MP3.6
.mp4=RealPlayer.MP4.6
.mpa=RealPlayer.MPA.6
.mpe=RealPlayer.MPEG.6
.mpeg=DBC.MPEG.1
.mpg=DBC.MPEG.1
.mpga=RealPlayer.MPGA.6
.mps=RealPlayer.MPEG.6
.mpv=DBC.MPEG.1
.mpv2=mpegfile
.msc=MSCFile
.msg=
.msi=Msi.Package
.msp=Msi.Patch
.MsRcIncident=MsRcIncident
.msstyles=msstylesfile
.MSWMM=Windows.Movie.Maker
.mv=
.mydocs=CLSID\{ECF03A32-103D-11d2-854D-006008059367}
.ncb=
.nfo=MSInfo.Document
.nls=
.NMW=T126_Whiteboard
.nsc=
.nvr=
.nws=Microsoft Internet News Message
.obd=Office.Binder.9
.obj=
.obt=Office.Binder.Template
.obz=Office.Binder.Wizard
.ocx=ocxfile
.oc_=
.odc=
.opc=OPCFile
.opx=OrgPlusWOPX.4
.oqy=oqyfile
.otf=otffile
.p10=P10File
.p12=PFXFile
.p7b=SPCFile
.p7c=certificate_wab_auto_file
.p7m=P7MFile
.p7r=SPCFile
.p7s=P7SFile
.pbk=pbkfile
.PBM=ACDSee.PBM
.pcb=PCBFile
.pcd=ACDSee.PCD
.pch=
.PCT=ACDSee.PCT
.pcx=ACDSee.PCX
.pdb=
.pds=
.pfm=pfmfile
.pfx=PFXFile
.PGM=ACDSee.PGM
.php3=
.pic=ACDSee.PIC
.PICT=ACDSee.PICT
.pif=piffile
.pip=PIPFile
.PIX=ACDSee.PIX
.pko=PKOFile
.pl=
.plg=
.pls=RealPlayer.PLSPL.6
.pma=PerfFile
.pmc=PerfFile
.pml=PerfFile
.pmr=PerfFile
.pmw=PerfFile
.pnf=pnffile
.png=ACDSee.PNG
.pot=PowerPoint.Template.8
.pothtml=powerpointhtmltemplate
.ppa=PowerPoint.Addin.8
.PPM=ACDSee.PPM
.pps=PowerPoint.SlideShow.8
.ppt=PowerPoint.Show.8
.ppthtml=powerpointhtmlfile
.prf=prffile
.ps=
.psd=ACDSee.PSD
.psw=PSWFile
.pwz=PowerPoint.Wizard.8
.pys=PaoYao.Document
.qds=SavedDsQuery
.qt=RealPlayer.qt.6
.r00=WinRAR
.r01=WinRAR
.r02=WinRAR
.r03=WinRAR
.r04=WinRAR
.r05=WinRAR
.r06=WinRAR
.r07=WinRAR
.r08=WinRAR
.r09=WinRAR
.r10=WinRAR
.r11=WinRAR
.r12=WinRAR
.r13=WinRAR
.r14=WinRAR
.r15=WinRAR
.r16=WinRAR
.r17=WinRAR
.r18=WinRAR
.r19=WinRAR
.r20=WinRAR
.r21=WinRAR
.r22=WinRAR
.r23=WinRAR
.r24=WinRAR
.r25=WinRAR
.r26=WinRAR
.r27=WinRAR
.r28=WinRAR
.r29=WinRAR
.ra=RealPlayer.RA.6
.ram=RealPlayer.RAM.6
.rar=WinRAR
.RAS=ACDSee.RAS
.rat=ratfile
.rax=RealPlayer.RAX.6
.rc=
.RDP=RDP.File
.rec=QQGame.PaoPaoLong
.reg=regfile
.res=
.rev=WinRAR.REV
.RGB=ACDSee.RGB
.RGBA=ACDSee.RGBA
.rjs=RealJukebox.RJS.1
.rjt=RealJukebox.RJT.1
.rle=ACDSee.RLE
.rm=RealPlayer.RM.6
.rmi=LiveUpdate.MIDI.6
.rmj=RealJukebox.RMJ.1
.rmm=RealPlayer.RAM.6
.rmp=RealJukebox.RMP.1
.rms=RealPlayer.RMS.6
.rmvb=RealPlayer.RMVB.6
.rmx=RealJukebox.RMX.1
.rnk=rnkfile
.rnx=RealPlayer.RP.6
.rp=RealPlayer.PIX.6
.rpc=
.rpl=RealPlayer.RPL.6
.rpm=
.rqy=rqyfile
.rsml=RealPlayer.RSML.6
.rsp=
.rt=RealPlayer.RT.6
.rtf=Word.RTF.8
.rv=RealPlayer.RV.6
.rvx=RealPlayer.RVX.6
.sam=
.sbf=sdouble.Document
.sbr=
.sc2=
.scf=SHCmdFile
.scp=txtfile
.scr=scrfile
.sct=scriptletfile
.sdb=appfixfile
.sdp=RealPlayer.SDP.6
.sed=
.SGI=ACDSee.SGI
.shb=DocShortcut
.shs=ShellScrap
.shtml=
.shw=
.sit=
.SKY=nTriad.Document
.slk=Excel.SLK
.sll=SSLFile
.smi=RealPlayer.SMIL.6
.smil=RealPlayer.SMIL.6
.snd=AUFile
.snp=SnapshotFile
.sol=
.sor=
.spc=SPCFile
.spl=ShockwaveFlash.ShockwaveFlash
.sql=
.sr_=
.ssm=SSM
.sst=CertificateStoreFile
.stf=STFFile
.stl=STLFile
.stm=
.swf=ShockwaveFlash.ShockwaveFlash
.sym=
.sys=sysfile
.sy_=
.tar=WinRAR
.taz=WinRAR
.tbz=WinRAR
.tbz2=WinRAR
.text=
.TGA=ACDSee.TGA
.tgz=WinRAR
.theme=themefile
.tif=ACDSee.TIF
.tiff=ACDSee.TIFF
.tlb=
.tsp=
.tsv=
.ttc=ttcfile
.ttf=ttffile
.tuw=TUWFile
.tvp=nView.Profile
.txt=txtfile
.UDL=MSDASC
.uip=SUPERBAG.Package
.uls=ulsfile
.url=InternetShortcut
.uu=WinRAR
.uue=WinRAR
.VBE=VBEFile
.vbs=VBSFile
.vbx=
.vcf=vcard_wab_auto_file
.vs=Vise.Document
.vxd=vxdfile
.wab=wab_auto_file
.wav=RealPlayer.WAV.6
.wax=RealPlayer.wax.6
.wb2=
.wbk=Word.Backup.8
.webpnp=webpnpFile
.WHT=Whiteboard
.wiz=Word.Wizard.8
.wizhtml=accessthmltemplate
.wk4=
.wll=Word.Addin.8
.wlt=
.wm=RealPlayer.wm.6
.wma=RealJukebox.wma.1
.wmd=WMDFile
.wmdb=WMP.WMDBFile
.wmf=ACDSee.WMF
.wmp=
.wms=WMSFile
.wmv=RealPlayer.wmv.6
.wmx=RealPlayer.wmx.6
.wmz=WMZFile
.wpd=
.wpg=
.wpl=WPLFile
.wri=wrifile
.wsc=scriptletfile
.WSF=WSFFile
.WSH=WSHFile
.wsz=
.wtx=txtfile
.wvx=RealPlayer.wvx.6
.x=
.xbm=ACDSee.XBM
.XIF=ACDSee.XIF
.xix=
.xla=Excel.Addin
.xlb=Excel.Sheet.8
.xlc=Excel.Chart.8
.xld=Excel.Dialog
.xlk=Excel.Backup
.xll=Excel.XLL
.xlm=Excel.Macrosheet
.xls=Excel.Sheet.8
.xlshtml=Excelhtmlfile
.xlt=Excel.Template
.xlthtml=Excelhtmltemplate
.xlv=Excel.VBAModule
.xlw=Excel.Workspace
.xml=xmlfile
.xpl=RealPlayer.PLSPL.6
.XPM=ACDSee.XPM
.xsl=xslfile
.xxe=WinRAR
.ymg=YPager.Messenger
.yps=YPager.Messenger
.z=WinRAR
.z96=
.zap=zapfile
.ZFSendToTarget=CLSID\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}
.zip=CompressedFolder
装卡巴斯基6.0,比金山,瑞星都NB多了,我给你两个卡巴斯基激活码,免费能用一年,去卡巴斯基官方网站下载个卡巴斯基反病毒6.0卡巴斯基V6.0半年激活码,绝非注册机算出激活码非网上流传的激活码。绝对原创。
虽说只有半年,但2个激活码就可以用1年了哦。
WNM8B-1RV8R-3X6VX-U7QUC
3FZS9-JSQHY-G2ATZ-2TUNY
或者直接我给你一个下载卡巴的地址
http://www.greendown.cn/soft/983.html
或者用天网防火墙也比金山和瑞星的网络防火墙好
装上卡巴6.0+天网可以算百毒不侵勒
我发的网址是下载绿色版天网的,希望对你能有帮助
http://www.greendown.cn/soft/91.html
如果卡巴不能解决就用下面4款软件试试看
http://www.greendown.cn/soft/1857.html (Spy Emergency 2006 V3.0.225.0┊顶级木马间谍查杀工具┊汉化绿色特别版)
http://www.greendown.cn/soft/1910.html (木马杀客2007 Beta1┊查杀最新流行木马、病毒库更新10月05日┊绿色特别版 )
http://www.greendown.cn/soft/4511.html (木马克星 V5.51 build 0629┊病毒库日期2006-10-18┊完美去广告绿色特别版 )
http://www.greendown.cn/soft/4108.html (超级巡警 V1.5.6┊解决各种木马、启动方式、手动分析等┊简体中文绿色特别版)
[CODE]2007-09-17,17:15:06
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows 2000 Professional Service Pack 4 (Build 2195) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Internat.exe><internat.exe> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<NvCplDaemon><RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SoundMan><SoundMan.exe> [N/A]
<Synchronization Manager><mobsync.exe /logon> [(Verified)Microsoft Windows 2000 Publisher]
<AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"> [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows 2000 Publisher]
<Userinit><C:\WINNT\system32\UserInit.exe,> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll> [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
<WinlogonNotify: klogon><C:\WINNT\system32\klogon.dll> [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer 访问><"C:\WINNT\system32\shmgrate.exe" OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express 访问><"C:\WINNT\system32\shmgrate.exe" OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\wmp.inf,PerUserStub> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Address Book 5><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}]
<CRLUpdate><%SystemRoot%\system32\updcrl.exe -e -u %SystemRoot%\system32\verisignpub1.crl> [N/A]
==================================
启动文件夹
N/A
==================================
服务
[卡巴斯基互联网安全套装 7.0 / AVP][Running/Auto Start]
<"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r><Kaspersky Lab>
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
<C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINNT\system32\nvsvc32.exe><NVIDIA Corporation>
[P4P Service / P4P Service][Running/Auto Start]
<C:\Program Files\Common Files\Sogou PXP\p2psvr.exe><Sohu.com Inc.>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
<C:\WINNT\System32\svchost.exe -k netsvcs-->C:\WINNT\system32\mspmsnsv.dll><Microsoft Corporation>
==================================
驱动程序
[aeaudio / aeaudio][Running/Manual Start]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[ATSpy / ATSpy][Stopped/Manual Start]
<\??\C:\WINNT\system32\ATSpy.sys><Kingsoft Corporation>
[dmboot / dmboot][Stopped/Disabled]
<System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
<\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload][Running/Boot Start]
<\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[VIA Rhine Family Fast Ethernet Adapter Driver Service / FETNDISB][Running/Manual Start]
<system32\DRIVERS\fetnd5b.sys><VIA Technologies, Inc.>
[kl1 / kl1][Running/Boot Start]
<\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
<\??\C:\WINNT\system32\drivers\klif.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start]
<system32\DRIVERS\klim5.sys><Kaspersky Lab>
[NTSIM / NTSIM][Stopped/Manual Start]
<\??\C:\WINNT\system32\ntsim.sys><VIA Networking Technologies, Inc.>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[WAN 微型端口 (PPP over Ethernet 协议) / RMSPPPOE][Running/Manual Start]
<system32\DRIVERS\RMSPPPOE.SYS><Robert Schlabbach>
[smwdm / smwdm][Running/Manual Start]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><N/A>
[VIA AGP Filter / viaagp1][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>
[viamraid / viamraid][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
==================================
浏览器加载项
[ThunderAtOnce Class]
{01443AEC-0FD1-40fd-9C87-E93D1494C233} <E:\迅雷\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
{55302804-482E-470E-8A57-6795A1487F90} <E:\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[Web 反病毒统计]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll, Kaspersky Lab>
[@msdxmLC.dll,-1@2052,电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[Thunder Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <E:\迅雷\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[360SafeLive]
{87515F61-A66C-4319-A0E0-D416CB8059E3} <E:\360safe\live.dll, 360safe.com>
[使用迅雷下载]
<E:\迅雷\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
<E:\迅雷\Program\getallurl.htm, N/A>
[添加到QQ表情]
<D:\QQ\AddEmotion.htm, N/A>
[添加到反广告条]
<C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm, N/A>
==================================
正在运行的进程
[PID: 184][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 208][\??\C:\WINNT\system32\csrss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 228][\??\C:\WINNT\system32\winlogon.exe] [Microsoft Corporation, 5.00.2195.6997]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\WINNT\system32\klogon.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 256][C:\WINNT\system32\services.exe] [Microsoft Corporation, 5.00.2195.7035]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\WINNT\system32\dmserver.dll] [VERITAS Software Corp., 2195.6605.297.3]
[PID: 268][C:\WINNT\system32\lsass.exe] [Microsoft Corporation, 5.00.2195.7011]
[PID: 548][C:\WINNT\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.9371]
[C:\WINNT\system32\nvapi.dll] [N/A, ]
[PID: 576][C:\Program Files\Common Files\Sogou PXP\p2psvr.exe] [Sohu.com Inc., 2, 0, 0, 20]
[C:\WINNT\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8168.0]
[C:\Program Files\P4P\p4pipc.dll] [Sohu.com Inc., 1, 0, 0, 11]
[PID: 624][C:\WINNT\system32\regsvc.exe] [Microsoft Corporation, 5.00.2195.6701]
[PID: 632][C:\WINNT\system32\MSTask.exe] [Microsoft Corporation, 4.71.2195.6972]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 692][C:\WINNT\System32\WBEM\WinMgmt.exe] [Microsoft Corporation, 1.50.1085.0100]
[PID: 720][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 1216][C:\WINNT\Explorer.EXE] [Microsoft Corporation, 5.00.3700.6690]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll] [Kaspersky Lab, 7.0.0.125]
[C:\WINNT\system32\nvshell.dll] [, ]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll] [Kaspersky Lab, 7.0.0.125]
[D:\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ShellEx.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.42]
[PID: 1268][C:\WINNT\system32\internat.exe] [Microsoft Corporation, 5.00.2920.0000]
[PID: 1356][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2800.1106]
[C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll] [Kaspersky Lab, 7.0.0.125]
[E:\迅雷\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.15]
[E:\迅雷\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 18]
[E:\迅雷\Components\ResWorker\DsBho_00.dll] [, 1, 0, 0, 11]
[C:\WINNT\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8168.0]
[E:\迅雷\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 12]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\klscav.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prremote.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prloader.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prkernel.ppl] [Kaspersky Lab, 7.0.0.125]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\params.ppl] [Kaspersky Lab, 7.0.0.125]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\pxstub.ppl] [Kaspersky Lab, 7.0.0.125]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\tempfile.ppl] [Kaspersky Lab, 7.0.0.125]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\nfio.ppl] [Kaspersky Lab, 7.0.0.125]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\fsdrvplg.ppl] [Kaspersky Lab, 7.0.0.125]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\basegui.ppl] [Kaspersky Lab, 7.0.0.125]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\thpimpl.ppl] [Kaspersky Lab, 7.0.0.125]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\FSSync.dll] [Kaspersky Lab, 7.0.5.125]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\winreg.ppl] [Kaspersky Lab, 7.0.0.125]
[C:\WINNT\system32\Macromed\Flash\Flash9d.ocx] [Adobe Systems, Inc., 9,0,47,0]
[PID: 868][E:\迅雷\Program\Thunder5.exe] [Thunder Networking Technologies,LTD, 5.7.2.371]
[C:\WINNT\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8168.0]
[E:\迅雷\Program\TaskManager.dll] [Thunder Networking Technologies,LTD, 1, 2, 2, 33]
[E:\迅雷\Program\download_interface.dll] [Thunder Networking Technologies,LTD, 2, 18, 2, 151]
[E:\迅雷\Program\stlport_vc646.dll] [STLport Consulting, Inc., 4.6.2003.1031]
[E:\迅雷\Program\asyn_dns.dll] [Thunder Networking Technologies,LTD, 2, 18, 2, 151]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll] [Kaspersky Lab, 7.0.0.125]
[E:\迅雷\Program\streammedialib.dll] [, 1, 1, 2, 55]
[E:\迅雷\Program\BHOStub.dll] [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
[E:\迅雷\Components\DownAndPlay\DownAndPlay.dll] [, 1, 0, 3, 21]
[E:\迅雷\Program\iTargetAD.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 33]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\WINNT\system32\Macromed\Flash\Flash9d.ocx] [Adobe Systems, Inc., 9,0,47,0]
[E:\迅雷\Program\XLNet.Dll] [Thunder Networking Technologies,LTD, 1, 2, 1, 9]
[E:\迅雷\Components\InMedia\iEmbedShell.dll] [ , 1, 0, 0, 21]
[E:\迅雷\Components\InMedia\iEmbed12.dll] [Thunder Networking Technologies,LTD, 3, 4, 3, 93]
[E:\迅雷\Components\InMedia\PlayerHelper.dll] [thunder, 1, 1, 0, 24]
[E:\迅雷\Components\InMedia\XLIPC.DLL] [N/A, ]
[E:\迅雷\Components\P4PClient\P4PClient.dll] [Thunder Networking Technologies,LTD, 2, 2, 4, 69]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll] [Kaspersky Lab, 7.0.0.125]
[E:\迅雷\Components\Community\XLCommunity.dll] [Thunder Networking Technologies,LTD, 1, 3, 2, 8]
[E:\迅雷\Program\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 16, 5, 59]
[E:\迅雷\Program\MSVCIRT.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\klscav.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prremote.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prloader.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prkernel.ppl] [Kaspersky Lab, 7.0.0.125]
[E:\迅雷\Components\Security\ThunderSafe.dll] [深圳市迅雷网络技术有限公司, 1, 0, 6, 45]
[E:\迅雷\Program\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\params.ppl] [Kaspersky Lab, 7.0.0.125]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\pxstub.ppl] [Kaspersky Lab, 7.0.0.125]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\tempfile.ppl] [Kaspersky Lab, 7.0.0.125]
[E:\迅雷\Components\Security\XLSafeUI.dll] [深圳市迅雷网络技术有限公司, 1, 0, 6, 45]
[E:\迅雷\Components\Search\XLSearch.dll] [Thunder Networking Technologies,LTD, 1, 1, 5, 18]
[E:\迅雷\Program\LiveUpdate.dll] [Thunder Networking Technologies,LTD, 1, 2, 1, 20]
[E:\迅雷\Plugins\XLSafeHost\XLSafeHost.dll] [深圳市迅雷网络技术有限公司, 1, 0, 6, 45]
[E:\迅雷\Plugins\BhoAdv\bho_adv.dll] [深圳市迅雷网络技术有限公司, 1.0.1.0]
[E:\迅雷\Components\ExplorerHelper\ExplorerHelper.dll] [Thunder Networking Technologies,LTD, 1, 0, 4, 15]
[E:\迅雷\Components\Tips\TipsClient.dll] [Thunder Networking Technologies,LTD, 2, 2, 6, 91]
[E:\迅雷\Components\VPSHELL\VPSHELL.dll] [XunLei, 1, 3, 0, 18]
[E:\迅雷\Components\VPSHELL\VideoPicture.dll] [XunLei, 1, 3, 0, 18]
[E:\迅雷\Components\UserExperience\UserExperience.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
[E:\迅雷\Components\ResWorker\DsXlCom.dll] [, 1, 0, 0, 23]
[E:\迅雷\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 12]
[E:\迅雷\Components\ResWorker\MediaWorker.dll] [Thunder Networking Technologies,LTD, 1, 2, 0, 19]
[C:\WINNT\system32\msdmo.dll] [, ]
[E:\迅雷\Components\Tips\XLIPC.DLL] [N/A, ]
[E:\迅雷\Components\DownloadStat\DownloadStat.dll] [深圳市迅雷网络技术有限公司, 1, 1, 0, 1]
[PID: 928][C:\TDDOWNLOAD\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\TDDOWNLOAD\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll] [Kaspersky Lab, 7.0.0.125]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP Error. [winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 576, C:\PROGRAM FILES\COMMON FILES\SOGOU PXP\P2PSVR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 868, E:\迅雷\PROGRAM\THUNDER5.EXE]
==================================
API HOOK
RVA 错误: LoadLibraryA (危险等级: 高, 被下面模块所HOOK: \??\C:\WINNT\system32\drivers\klif.sys)
RVA 错误: LoadLibraryExA (危险等级: 高, 被下面模块所HOOK: \??\C:\WINNT\system32\drivers\klif.sys)
RVA 错误: LoadLibraryExW (危险等级: 高, 被下面模块所HOOK: \??\C:\WINNT\system32\drivers\klif.sys)
RVA 错误: LoadLibraryW (危险等级: 高, 被下面模块所HOOK: \??\C:\WINNT\system32\drivers\klif.sys)
RVA 错误: GetProcAddress (危险等级: 高, 被下面模块所HOOK: \??\C:\WINNT\system32\drivers\klif.sys)
==================================
隐藏进程
N/A
==================================
[/CODE]
