瑞星杀不了的病毒! bbs.ikaka.com

ycfc2008 - 2006-12-4 12:19:00

我的电脑每个盘下面都有pagefile.pif和AUTORUN.inf文件,瑞星(已经升级到最新版本)查不到,也杀不了!
手动删除后又会恢复?如何处理!

水树雨下 - 2006-12-4 12:35:00

mizuki.ys168.com下载System Repair Engineer扫个日志上来，一次贴不完分次贴，不要修改

ycfc2008 - 2006-12-4 13:33:00

注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<SoundMan><SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
<StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> [N/A]
<KVMON><"C:\Program Files\JiangMin\AntiVirus\KVMonXP.kxp"> [Jiangmin Co.Ltd]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Corporation]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Corporation]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Corporation]
<SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Corporation]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\system32\KVSCRK~1.SCR> [Jiangmin Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<HotKeysCmds><; C:\WINDOWS\system32\hkcmd.exe> [(Verified)Intel Corporation]
<IgfxTray><; C:\WINDOWS\system32\igfxtray.exe> [(Verified)Intel Corporation]
<IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation]

ycfc2008 - 2006-12-4 13:35:00

启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[KVSrvXP / KVSrvXP]
<C:\Program Files\JiangMin\AntiVirus\kvsrvxp.exe /Service><Jiangmin Co., Ltd.>
[KVWSC / KVWSC]
<"C:\Program Files\JiangMin\AntiVirus\KVWSC.exe"><Jiangmin Co.,Ltd>
[Windows 用户模式驱动框架 / UMWdf]
<C:\WINDOWS\system32\wdfmgr.exe><Microsoft Corporation>

==================================
驱动程序
[abp480n5 / abp480n5]
<C:\WINDOWS\SYSTEM32\DRIVERS\abp480n5.SYS><Microsoft Corporation>
[aic78u2 / aic78u2]
<C:\WINDOWS\SYSTEM32\DRIVERS\aic78u2.SYS><Microsoft Corporation>
[aic78xx / aic78xx]
<C:\WINDOWS\SYSTEM32\DRIVERS\aic78xx.SYS><Microsoft Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde]
<C:\WINDOWS\SYSTEM32\DRIVERS\AliIde.SYS><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8]
<System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[BsDeamon / BsDeamon]
<\??\C:\PROGRA~1\JiangMin\ANTIVI~1\BsDeamon.sys><Jiangmin Co.,Ltd.>
[cd20xrnt / cd20xrnt]
<C:\WINDOWS\SYSTEM32\DRIVERS\cd20xrnt.SYS><Microsoft Corporation>
[CmdIde / CmdIde]
<C:\WINDOWS\SYSTEM32\DRIVERS\CmdIde.SYS><CMD Technology, Inc.>
[ialm / ialm]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[IdeBusDr / IdeBusDr]
<\SystemRoot\system32\DRIVERS\IdeBusDr.sys><Intel Corporation>
[Intel(R) Ultra ATA Controller / IdeChnDr]
<\SystemRoot\system32\DRIVERS\IdeChnDr.sys><Intel Corporation>
[KRegEx / KRegEx]
<\??\C:\PROGRA~1\JiangMin\ANTIVI~1\KRegEx.sys><Jiangmin Co. Ltd.>
[Jiangmin Antivirus Software / KSysCall]
<\??\C:\PROGRA~1\JiangMin\common\KSysCall.sys><Jiangmin Co., Ltd.>
[KSysMon / KSysMon]
<\??\C:\PROGRA~1\JiangMin\ANTIVI~1\KSysMon.sys><Jiangmin Co. Ltd.>
[KVDP / KVDP]
<\??\C:\Program Files\JiangMin\AntiVirus\KVDP.sys><Jiangmin Co., Ltd.>
[KVRedir / KVRedir]
<\??\C:\Program Files\JiangMin\AntiVirus\KVREDIR.SYS><Jiangmin Co., Ltd.>
[mraid35x / mraid35x]
<C:\WINDOWS\SYSTEM32\DRIVERS\mraid35x.SYS><LSI Logic Corporation>
[perc2 / perc2]
<C:\WINDOWS\SYSTEM32\DRIVERS\perc2.SYS><Adaptec, Inc.>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080]
<C:\WINDOWS\SYSTEM32\DRIVERS\ql1080.SYS><QLogic Corporation>
[Ql10wnt / Ql10wnt]
<C:\WINDOWS\SYSTEM32\DRIVERS\Ql10wnt.SYS><Microsoft Corporation>
[ql12160 / ql12160]
<C:\WINDOWS\SYSTEM32\DRIVERS\ql12160.SYS><QLogic Corporation>
[ql1240 / ql1240]
<C:\WINDOWS\SYSTEM32\DRIVERS\ql1240.SYS><Microsoft Corporation>
[ql1280 / ql1280]
<C:\WINDOWS\SYSTEM32\DRIVERS\ql1280.SYS><QLogic Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
<system32\DRIVERS\secdrv.sys><N/A>
[Sparrow / Sparrow]
<C:\WINDOWS\SYSTEM32\DRIVERS\Sparrow.SYS><Adaptec, Inc.>
[symc810 / symc810]
<C:\WINDOWS\SYSTEM32\DRIVERS\symc810.SYS><Symbios Logic Inc.>
[symc8xx / symc8xx]
<C:\WINDOWS\SYSTEM32\DRIVERS\symc8xx.SYS><LSI Logic>
[sym_hi / sym_hi]
<C:\WINDOWS\SYSTEM32\DRIVERS\sym_hi.SYS><LSI Logic>
[sym_u3 / sym_u3]
<C:\WINDOWS\SYSTEM32\DRIVERS\sym_u3.SYS><LSI Logic>
[TosIde / TosIde]
<C:\WINDOWS\SYSTEM32\DRIVERS\TosIde.SYS><Microsoft Corporation>
[ultra / ultra]
<C:\WINDOWS\SYSTEM32\DRIVERS\ultra.SYS><Promise Technology, Inc.>

ycfc2008 - 2006-12-4 13:36:00

浏览器加载项
[BrowseHelper Class]
{80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[江民杀毒工具栏]
{B5A34A93-D538-43A7-8371-864CB6148D12} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[BrowseHelper Class]
{80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[江民杀毒工具栏]
{B5A34A93-D538-43A7-8371-864CB6148D12} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[使用网际快车下载]
<C:\PROGRA~1\FLASHGET\jc_link.htm, N/A>
[使用网际快车下载全部链接]
<C:\PROGRA~1\FLASHGET\jc_all.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
正在运行的进程
[PID: 452][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 520][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 544][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 588][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 600][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 760][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 804][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 864][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 924][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 956][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1260][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\JiangMin\AntiVirus\KVshell.dll] [Jiangmin Co.Ltd, 1, 0, 6, 1026]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd., 1, 0, 6, 1107]
[C:\Program Files\JiangMin\AntiVirus\lang\kvxp0804.lng] [N/A, N/A]
[C:\WINDOWS\system32\igfxpph.dll] [Intel Corporation, 3.0.0.4342]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4342]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.4342]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4342]
[C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.4342]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\PROGRA~1\FLASHGET\jccatch.dll] [Amaze Soft, 1, 1, 4, 0]
[PID: 1300][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\HPDCMON.DLL] [Hewlett-Packard, 04.20.00]
[PID: 1444][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5, 1, 0, 56]
[PID: 1476][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1712][C:\Program Files\JiangMin\AntiVirus\KVWSC.exe] [Jiangmin Co.,Ltd, 1, 0, 6, 919]
[C:\Program Files\JiangMin\Kernel\EngFace.dll] [Jiangmin Co., Ltd., 2, 0, 6, 1024]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd., 1, 0, 6, 1107]
[PID: 2748][C:\WINDOWS\system32\com\smss.exe] [N/A, 1.00]
[PID: 3372][E:\SC32\sc32.exe] [N/A, N/A]
[E:\SC32\sc32.~tmp] [Permeo Technologies, Inc., 2.32]
[PID: 2144][C:\WINDOWS\system32\com\lsass.exe] [N/A, N/A]
[PID: 2676][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2376][C:\WINDOWS\Downlo~1\ZCOMSetup.exe] [智通无限, http://www.zcom.com, 3, 5, 0, 1]
[PID: 2944][C:\Program Files\Globallink\Game\share\OurFriend\ourfriend.exe] [, 1, 0, 0, 1]
[C:\Program Files\Globallink\Game\share\OurFriend\ODCtrlRes.dll] [, 1, 0, 0, 1]
[C:\Program Files\Globallink\Game\share\OurFriend\ourfriend_res.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\GLPNG.dll] [globallink(ourgame) , 1, 0, 0, 2]
[C:\WINDOWS\system32\GLCOMPRESS.dll] [globallink, 1, 0, 0, 2]
[C:\Program Files\Globallink\Game\share\roomicon.dll] [Beijing GlobalLink Computer Corp., 2, 5, 0, 6]
[C:\Program Files\Globallink\Game\share\RIconEx.dll] [Beijing GlobalLink Computer Corp., 2, 2, 1, 41]
[C:\Program Files\Globallink\Game\share\people.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 3]
[C:\Program Files\Globallink\Game\share\Image\Room\Table0.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 1]
[C:\Program Files\Globallink\Game\share\Image\Room\Table1.dll] [Beijing GlobalLink Computer Corp., 2, 1, 2, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Table2.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 1]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx0.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 1]
[C:\Program Files\Globallink\Game\share\Image\Room\peopleEx1.dll] [Beijing GlobalLink Computer Corp., 2, 2, 0, 1]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_0.dll] [Beijing GlobalLink Computer Corp., 2, 0, 0, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player0_1.dll] [Beijing GlobalLink Computer Corp., 2, 0, 0, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_0.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player1_1.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_0.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\Program Files\Globallink\Game\share\Image\Room\Player2_1.dll] [Beijing GlobalLink Computer Corp., 2, 0, 1, 255]
[C:\PROGRA~1\GLOBAL~1\Game\share\GLAvatar.ocx] [, 2, 2, 0, 32]
[C:\PROGRA~1\GLOBAL~1\Game\share\GLChatEx.ocx] [GlobalLink, 2, 5, 1, 29]
[C:\PROGRA~1\GLOBAL~1\Game\share\glchatex.dll] [GlobalLink, 2, 5, 1, 29]
[C:\PROGRA~1\GLOBAL~1\Game\share\odctrls\ourfriend_skn.dll] [, 1, 0, 5, 4]
[C:\WINDOWS\system32\GLGIFTGA.dll] [globallink(ourgame) , 1, 0, 0, 2]
[PID: 4060][C:\WINDOWS\system32\DllHost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\JiangMin\common\ComUI.dll] [Jiangmin Co,.Ltd, 1, 0, 6, 908]
[C:\Program Files\JiangMin\common\ComUIPS.dll] [Jiangmin Co.Ltd, 1.0.0.808]
[C:\Program Files\JiangMin\common\GUIEXT.DLL] [Jiangmin Co.Ltd, 1, 0, 6, 1101]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd., 1, 0, 6, 1107]
[C:\Program Files\JiangMin\common\lang\guiext0804.lng] [JiangMin Ltd., 7, 1, 0, 200]
[PID: 1356][C:\Documents and Settings\Administrator\桌面\sreng2\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]

ycfc2008 - 2006-12-4 13:36:00

文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost

==================================

瑞星卡卡安全论坛