电脑中病毒好长时间了,一直弄不好,请高手帮忙(内附日志) - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛电脑中病毒好长时间了,一直弄不好,请高手帮忙(内附日志)

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

电脑中病毒好长时间了,一直弄不好,请高手帮忙(内附日志)

maoyong 初生襁褓狮帖子:5 注册: 2007-12-31 来自:	发表于： 2007-12-31 21:26 \| 显示全部短消息资料字号：小中大 1楼电脑中病毒好长时间了,一直弄不好,请高手帮忙(内附日志) [CODE] 2000-12-31,20:44:21 System Repair Engineer 2.5.16.900 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件进程特权扫描启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher] <bgswitch><C:\WINDOWS\system32\bgswitch.exe> [] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <load><> [N/A] <run><> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <BIE><RUNDLL32.EXE C:\PROGRA~1\baidu\iexp\BDSrHook.dll,Rundll32> [] <Ptipbmf><rundll32.exe ptipbmf.dll,SetWriteCacheMode> [Promise Technology, Inc.] <PtiuPbmd><Rundll32.exe ulutil2.dll,SetWriteBack> [Promise Technology,Inc.] <amd_dc_opt><"C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"> [] <SoundMAXPnP><C:\Program Files\Analog Devices\Core\smax4pnp.exe> [Analog Devices, Inc.] <SoundMAX><C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray> [Analog Devices, Inc.] <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [Synaptics, Inc.] <QlbCtrl><%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start> [ Hewlett-Packard Development Company, L.P.] <ulcdqsp><C:\Program Files\Common Files\System\yedkreq.exe> [] <iluqcwr><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] <inudhya><C:\WINDOWS\system\soundma.exe> [] <DbgHlp32><C:\WINDOWS\DbgHlp32.exe> [] <logogogo><C:\WINDOWS\system\BoBoTurbo.exe> [] <InternetExe><C:\Documents and Settings\Administrator\motou.exe> [] <MsPrint32D><C:\WINDOWS\MsPrint32D.exe> [] <kermer><C:\WINDOWS\system\dd.exe> [] <kkaddmin><C:\WINDOWS\system\fbd.exe> [] <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.] <MsIMMs32><C:\WINDOWS\MsIMMs32.exE> [] <NVDispDrv><C:\WINDOWS\NVDispDRV.EXE> [] <PTSShell><C:\WINDOWS\PTSShell.exe> [] <LotusHlp><C:\WINDOWS\LotusHlp.exe> [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [(Verified)Microsoft Windows Publisher] <Userinit><C:\WINDOWS\system32\userinit.exe,> [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <AppInit_DLLs><wsmsezx.dll> [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{C859245F-345D-BC13-AC4F-145D47DA34FC}><C:\WINDOWS\system32\avzxlmn.dll> [] <{45679330-4034-9021-7012-909856721374}><C:\WINDOWS\system32\wszjdzx.dll> [] <{3FA10261-B890-F432-A453-69F1023513F3}><C:\WINDOWS\system32\gjcscyc.dll> [] <{24909874-8982-F344-A322-7898787FA742}><C:\WINDOWS\system32\swjqbzc.dll> [] <{778A7521-FA87-34AB-34C2-4893F3AD34C7}><C:\WINDOWS\system32\swrcfzc.dll> [] <{1D098345-9012-8750-8910-9128098134D1}><C:\WINDOWS\system32\jsqxayc.dll> [] <{1C098A56-F90F-A789-901F-8906546720C1}><C:\WINDOWS\system32\gjtmayc.dll> [] <{2C09F784-A234-B289-C209-D451E346F3C2}><C:\WINDOWS\system32\jsqzbyc.dll> [] <{8960356A-458E-DE24-BD50-268F589A56A8}><C:\WINDOWS\system32\avwlhmn.dll> [] <{C7D81718-1314-5200-2597-58790101807C}><C:\WINDOWS\system32\kaqhlzy.dll> [] <{8A1247C1-53DA-FF43-ABD3-345F323A48D8}><C:\WINDOWS\system32\avwghmn.dll> [] <{37650011-3344-6688-4899-345FABCD1573}><C:\WINDOWS\system32\ratbrpi.dll> [] <{AE32FA58-3453-FA2D-BC49-F340348ACCEA}><C:\WINDOWS\system32\rsmyjpm.dll> [] <{792FADFA-BCDE-ACDF-CDEF-21054865CBA7}><C:\WINDOWS\system32\wsmsezx.dll> [] <{7A321487-4977-D98A-C8D5-6488257545A7}><C:\WINDOWS\system32\kapjgzy.dll> [] <{E159854F-6971-3456-6941-10235412974E}><C:\WINDOWS\Fonts\hookhelp.dll> [] <{98907901-1416-3389-9981-372178569989}><C:\WINDOWS\system32\kawdizy.dll> [] <{B4783410-4F90-34A0-7820-3230ACD05F4B}><C:\WINDOWS\system32\raqjkpi.dll> [] <{3D30695F-C54D-32AD-BC43-5810F301A1D3}><C:\WINDOWS\system32\gjgfcyc.dll> [] <{5598FF45-DA60-F48A-BC43-10AC47853D55}><C:\WINDOWS\system32\rarjepi.dll> [] <{BC87A354-ABC3-DEDE-FF33-3213FD7447CB}><C:\WINDOWS\system32\kvdxkma.dll> [] [用户系统信息]Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; (R1 1.5)) 2007-12-31 21:38:41.793000000
maoyong 初生襁褓狮帖子:5 注册: 2007-12-31 来自:	分享到：

maoyong 初生襁褓狮帖子:5 注册: 2007-12-31 来自:	发表于： 2007-12-31 21:27 \| 显示全部短消息资料字号：小中大 2楼 <IFEO[F-PROT.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\F-PROT95.EXE] <IFEO[F-PROT95.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\F-STOPW.EXE] <IFEO[F-STOPW.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FESCUE.EXE] <IFEO[FESCUE.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FileDsty.exe] <IFEO[FileDsty.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FINDVIRU.EXE] <IFEO[FINDVIRU.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FP-WIN.EXE] <IFEO[FP-WIN.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FPROT.EXE] <IFEO[FPROT.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FRW.EXE] <IFEO[FRW.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FTCleanerShell.exe] <IFEO[FTCleanerShell.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FYFireWall.exe] <IFEO[FYFireWall.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ghost.exe] <IFEO[ghost.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe] <IFEO[HijackThis.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IAMAPP.EXE] <IFEO[IAMAPP.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IAMSERV.EXE] <IFEO[IAMSERV.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IBMASN.EXE] <IFEO[IBMASN.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IBMAVSP.EXE] <IFEO[IBMAVSP.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IceSword.exe] <IFEO[IceSword.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICLOAD95.EXE] <IFEO[ICLOAD95.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICLOADNT.EXE] <IFEO[ICLOADNT.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICMON.EXE] <IFEO[ICMON.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICSUPP95.EXE] <IFEO[ICSUPP95.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICSUPPNT.EXE] <IFEO[ICSUPPNT.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IFACE.EXE] <IFEO[IFACE.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IOMON98.EXE] <IFEO[IOMON98.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iparmo.exe] <IFEO[iparmo.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.exe] <IFEO[Iparmor.exe]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\irsetup.exe] <IFEO[irsetup.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\isPwdSvc.exe] <IFEO[isPwdSvc.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\JEDI.EXE] <IFEO[JEDI.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kabaload.exe] <IFEO[kabaload.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KaScrScn.SCR] <IFEO[KaScrScn.SCR]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe] <IFEO[KASMain.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe] <IFEO[KASTask.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe] <IFEO[KAV32.exe]><C:\WINDOWS\system\BoBoTurbo.exe> []
maoyong 初生襁褓狮帖子:5 注册: 2007-12-31 来自:

maoyong 初生襁褓狮帖子:5 注册: 2007-12-31 来自:	发表于： 2007-12-31 21:29 \| 显示全部短消息资料字号：小中大 3楼 <IFEO[F-PROT.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\F-PROT95.EXE] <IFEO[F-PROT95.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\F-STOPW.EXE] <IFEO[F-STOPW.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FESCUE.EXE] <IFEO[FESCUE.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FileDsty.exe] <IFEO[FileDsty.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FINDVIRU.EXE] <IFEO[FINDVIRU.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FP-WIN.EXE] <IFEO[FP-WIN.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FPROT.EXE] <IFEO[FPROT.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FRW.EXE] <IFEO[FRW.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FTCleanerShell.exe] <IFEO[FTCleanerShell.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FYFireWall.exe] <IFEO[FYFireWall.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ghost.exe] <IFEO[ghost.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe] <IFEO[HijackThis.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IAMAPP.EXE] <IFEO[IAMAPP.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IAMSERV.EXE] <IFEO[IAMSERV.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IBMASN.EXE] <IFEO[IBMASN.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IBMAVSP.EXE] <IFEO[IBMAVSP.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IceSword.exe] <IFEO[IceSword.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICLOAD95.EXE] <IFEO[ICLOAD95.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICLOADNT.EXE] <IFEO[ICLOADNT.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICMON.EXE] <IFEO[ICMON.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICSUPP95.EXE] <IFEO[ICSUPP95.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICSUPPNT.EXE] <IFEO[ICSUPPNT.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IFACE.EXE] <IFEO[IFACE.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IOMON98.EXE] <IFEO[IOMON98.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iparmo.exe] <IFEO[iparmo.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.exe] <IFEO[Iparmor.exe]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\irsetup.exe] <IFEO[irsetup.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\isPwdSvc.exe] <IFEO[isPwdSvc.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\JEDI.EXE] <IFEO[JEDI.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kabaload.exe] <IFEO[kabaload.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KaScrScn.SCR] <IFEO[KaScrScn.SCR]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe] <IFEO[KASMain.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe] <IFEO[KASTask.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe] <IFEO[KAV32.exe]><C:\WINDOWS\system\BoBoTurbo.exe> []
maoyong 初生襁褓狮帖子:5 注册: 2007-12-31 来自:

maoyong 初生襁褓狮帖子:5 注册: 2007-12-31 来自:	发表于： 2007-12-31 21:30 \| 显示全部短消息资料字号：小中大 4楼 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVDX.exe] <IFEO[KAVDX.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPF.exe] <IFEO[KAVPF.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.EXE] <IFEO[KAVPFW.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVSetup.exe] <IFEO[KAVSetup.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVStart.exe] <IFEO[KAVStart.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVsvc.exe] <IFEO[KAVsvc.exe]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVSvcUI.exe] <IFEO[KAVSvcUI.exe]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KISLnchr.exe] <IFEO[KISLnchr.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMailMon.exe] <IFEO[KMailMon.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMFilter.exe] <IFEO[KMFilter.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32.exe] <IFEO[KPFW32.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32X.exe] <IFEO[KPFW32X.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPfwSvc.exe] <IFEO[KPfwSvc.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRegEx.exe] <IFEO[KRegEx.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRepair.com] <IFEO[KRepair.com]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KsLoader.exe] <IFEO[KsLoader.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVCenter.kxp] <IFEO[KVCenter.kxp]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvDetect.exe] <IFEO[KvDetect.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVFW.EXE] <IFEO[KVFW.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvfwMcl.exe] <IFEO[KvfwMcl.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP.exe] <IFEO[KVMonXP.exe]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP.kxp] <IFEO[KVMonXP.kxp]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP_1.kxp] <IFEO[KVMonXP_1.kxp]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvol.exe] <IFEO[kvol.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> []
maoyong 初生襁褓狮帖子:5 注册: 2007-12-31 来自:

maoyong 初生襁褓狮帖子:5 注册: 2007-12-31 来自:	发表于： 2007-12-31 21:30 \| 显示全部短消息资料字号：小中大 5楼 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvolself.exe] <IFEO[kvolself.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvReport.kxp] <IFEO[KvReport.kxp]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVScan.kxp] <IFEO[KVScan.kxp]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVSrvXP.exe] <IFEO[KVSrvXP.exe]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVStub.kxp] <IFEO[KVStub.kxp]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvupload.exe] <IFEO[kvupload.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVwsc.exe] <IFEO[KVwsc.exe]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP.kxp] <IFEO[KvXP.kxp]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP_1.kxp] <IFEO[KvXP_1.kxp]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch.exe] <IFEO[KWatch.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch9x.exe] <IFEO[KWatch9x.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatchUI.EXE] <IFEO[KWatchUI.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatchX.exe] <IFEO[KWatchX.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\loaddll.exe] <IFEO[loaddll.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LOCKDOWN2000.EXE] <IFEO[LOCKDOWN2000.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Logo1_.exe] <IFEO[Logo1_.exe]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Logo_1.exe] <IFEO[Logo_1.exe]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LOOKOUT.EXE] <IFEO[LOOKOUT.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LUALL.EXE] <IFEO[LUALL.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MagicSet.exe] <IFEO[MagicSet.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MAILMON.EXE] <IFEO[MAILMON.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcconsol.exe] <IFEO[mcconsol.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmqczj.exe] <IFEO[mmqczj.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmsk.exe] <IFEO[mmsk.exe]><C:\Program Files\Common Files\Microsoft Shared\nqyltsy.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MOOLIVE.EXE] <IFEO[MOOLIVE.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MPFTRAY.EXE] <IFEO[MPFTRAY.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\my.exe] <IFEO[my.exe]><C:\WINDOWS\system\lmmh.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\N32SCANW.EXE] <IFEO[N32SCANW.EXE]><C:\WINDOWS\system\BoBoTurbo.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapsvc.exe] <IFEO[Navapsvc.exe]><C:\WINDOWS\system\BoBoTurbo.exe> []
maoyong 初生襁褓狮帖子:5 注册: 2007-12-31 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT