我公司有个 cfgnetmeeting.exe ,这大便出血是什么原因软件啊?
点击联系发帖人
时间:2012-07-20 00:10
我要问题描述
查看: 4783|回复: 13
还不知道是什么病毒
UID: 56463
论坛新人, 积分 0, 距离下一级还需 50 积分
瑞星杀毒软件可以打开,但是无法启动杀毒功能;卡卡助手的防护功能全部被关闭;并且,瑞星及卡卡助手是设定为开机自动运行的,但是开机无法运行,人工可以启动;流氓软件清理助手、冰刃和网上下载的专杀工具等软件也无法启动;按ctrl+alt+del进程无法显示;想进入安全模式就蓝屏,关机时候后台运行程序无法结束,只能强行关机;C:\\Documents and Settings\\账户文件夹下很快生成大量__rar_00.000(后缀名为序列号)的垃圾文件,很快就把C盘的剩余空间占据完,其中有个“聚友娱乐视频棋牌”的连接网络游戏删除后重启就会再次出来,QQ在关闭的情况下提示过一次出现盗号木马。请各位朋友支招,怎么解决?
UID: 105292
在安全模式下用
机器狗/AV终结者/磁碟机专杀
WINDOWS清理助手一次用下
thunder://QUFodHRwOi8veHVubGVpMTEuZ3JlZW5kb3duLmNuLy8yMDA5MDEvYXJzd3AyLnppcFpa
打得开杀软后就开杀软清。。。。。
最后可以用下SRENG修复下。。。。。
UID: 56463
论坛新人, 积分 0, 距离下一级还需 50 积分
谢谢!可是现在安全模式无法进入啊!而且清理助手这些软件根本无法启动。[s:476]
UID: 105292
在正常模式下操作~
下载附件SRENG2
修复下安全模式
13:37 上传
点击文件名下载附件
844 KB, 下载次数: 1
UID: 56463
论坛新人, 积分 0, 距离下一级还需 50 积分
还是无法解决,进入安全模式就蓝屏,修复后一样出问题,提示信息如下:
STOP:0××F78A2524,0×C××)
正常启动机器,用《机器狗/AV终结者/磁碟机专杀》查出问题,但是提示重启电脑,重启了几次还是不行,不过这次可以启动《冰刃》了,从冰刃里面可以看到进程里面有N多个RAR.EXE的进程在同时进行,估计C:\Documents and Settings\个人账户下的多个临时莫名生成的_rar文件就是那多个进程干的。瑞星的防护全部被关闭,并且无法重新开启。现在只是用冰刃把那些垃圾文件暂时清理掉了,不然C盘根本就没用空间来运行了。下面是sreng的报告
因为回帖支持不了那么大的字节,另外发上来
UID: 56463
论坛新人, 积分 0, 距离下一级还需 50 积分
SRENG报告:
System Repair Engineer 2.7.0.1210
Smallfrogs ()
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
&ctfmon.exe&&C:\WINDOWS\system32\ctfmon.exe&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
&DAEMON Tools-1033&&&C:\Program Files\D-Tools\daemon.exe&-lang 1033&[DAEMON'S HOME]
&RavTray&&&C:\Program Files\Rising\Rav\RsTray.exe& -system&[(Verified)Beijing Rising Information Technology Corporation Limited]
&RFWTray&&&C:\Program Files\Rising\Rfw\RsTray.exe& -system&[(Verified)Beijing Rising Information Technology Corporation Limited]
&NvCplDaemon&&RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
&gem&&C:\WINDOWS\TEMP\sv1D.tmp&[File is missing]
&Alcmtr&&anymie360.exe&[]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
&shell&&Explorer.exe&[(Verified)Microsoft Windows Component Publisher]
&Userinit&&C:\WINDOWS\system32\userinit.exe,&[]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
&AppInit_DLLs&&sinx32.dll,nlokehnb.dll,pinklije.dll,ajbhhfcb.dll,jmpelhic.dll,mlepbfai.dll,ohgechff.dll,dlemkhjl.dll,kdcbbjlo.dll,dkkjlcnk.dll,ebofckaf.dll,jpdblkka.dll,gagpjmck.dll,igbfbncn.dll,cmoihiah.dll,miipocgb.dll,choijnpg.dll,cmdgknbe.dll,ningdeid.dll&[N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
&UIHost&&logonui.exe&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
&{AEB-11d0-97EE-00C04FD91972}&&shell32.dll&[(Verified)Microsoft Windows Component Publisher]
&{32CD708B-60A7-4C00-9377-D73EAA495F0F}&&C:\WINDOWS\system32\RavExt.dll&[(Verified)Beijing Rising Information Technology Corporation Limited]
&{7584E17B-D544-4A20-8687-EE5BD54B2036}&&C:\WINDOWS\system32\nlokehnb.dll&[File is missing]
&{9274523E-C31A-499F-A4D9-80F84CA1487D}&&C:\WINDOWS\system32\pinklije.dll&[]
&{A3B11FCB-8A40-84F2D2FB3F}&&C:\WINDOWS\system32\ajbhhfcb.dll&[]
&{369E512C-7DF0--ADC9AAA8C39C}&&C:\WINDOWS\system32\jmpelhic.dll&[]
&{65E9BFA2-B86B-4004-84BB-28FD40055A71}&&C:\WINDOWS\system32\mlepbfai.dll&[]
&{810EC1FF-9FC7-4CB5-A77F-721A0AEA958F}&&C:\WINDOWS\system32\ohgechff.dll&[]
&{D5E-CCAFE18A140}&&C:\WINDOWS\system32\dlemkhjl.dll&[]
&{4DCBB358-FEB9-45C9-B825-F8}&&C:\WINDOWS\system32\kdcbbjlo.dll&[]
&{D4435C74-EF1D-}&&C:\WINDOWS\system32\dkkjlcnk.dll&[]
&{EB8FC4AF-8EF8-}&&C:\WINDOWS\system32\ebofckaf.dll&[]
&{39DB544A-57C0-4F0F-9A12-C9B2A447C6D3}&&C:\WINDOWS\system32\jpdblkka.dll&[]
&{0AB75-47F7-ED22A5}&&C:\WINDOWS\system32\gagpjmck.dll&[]
&{20BFB7C7-7E80-4CA1-84E8-EF7C0BC7D237}&&C:\WINDOWS\system32\igbfbncn.dll&[]
&{CAF--B}&&C:\WINDOWS\system32\cmoihiah.dll&[]
&{62298C0B-A2E7-49F0-A5C1-1B54ED49D77A}&&C:\WINDOWS\system32\miipocgb.dll&[]
&{C1823790-BFE3-4ECB-92A1-C2A3A385CF12}&&C:\WINDOWS\system32\choijnpg.dll&[]
&{C6D047BE-AC40-4FB7-8AAF-22F2336ECCE3}&&C:\WINDOWS\system32\cmdgknbe.dll&[]
&{08-427D-8096-B4BAD0DF0784}&&C:\WINDOWS\system32\ningdeid.dll&[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
&PostBootReminder&&%SystemRoot%\system32\SHELL32.dll&[(Verified)Microsoft Windows Component Publisher]
&CDBurn&&%SystemRoot%\system32\SHELL32.dll&[(Verified)Microsoft Windows Component Publisher]
&WebCheck&&%SystemRoot%\system32\webcheck.dll&[(Verified)Microsoft Windows Publisher]
&SysTray&&C:\WINDOWS\system32\stobject.dll&[(Verified)Microsoft Windows Publisher]
&DFB0160B&&&[N/A]
&DB02069D&&&[N/A]
&E2AFA318&&&[N/A]
&160D1B7F&&&[N/A]
&6556578A&&&[N/A]
&8CB8874E&&&[N/A]
&3742B0AA&&&[N/A]
&9ACC42A3&&&[N/A]
&A638696A&&&[N/A]
&47997C9F&&&[N/A]
&2FCD281F&&&[N/A]
&C903590D&&&[N/A]
&B43F1EF8&&&[N/A]
&D6667E4E&&&[N/A]
&B9D927A6&&&[N/A]
&52D7D9B4&&&[N/A]
&F709823B&&&[N/A]
&558CA071&&&[N/A]
&DF2F84A2&&&[N/A]
&5CA030AB&&&[N/A]
&8BCF1530&&&[N/A]
&B16160DF&&&[N/A]
&DBEBD293&&&[N/A]
&34502BF3&&&[N/A]
&8ECA0AA8&&&[N/A]
&68DA561D&&&[N/A]
&4E1758CC&&&[N/A]
&26DBD8AA&&&[N/A]
&5B61DE76&&&[N/A]
&1D19B7A9&&&[N/A]
&08FE6604&&&[N/A]
&ED67CA2D&&&[N/A]
&4272BA3F&&&[N/A]
&ED4A94FB&&&[N/A]
&0AF7FD9D&&&[N/A]
&2E13CE81&&&[N/A]
&04C350EC&&&[N/A]
&DB0A2648&&&[N/A]
&3BDAB254&&&[N/A]
&81326D8B&&&[N/A]
&A4EFEA80&&&[N/A]
&D912AB11&&&[N/A]
&F6578688&&&[N/A]
&CEE9DBB8&&&[N/A]
&5195014E&&&[N/A]
&ADC9A95F&&&[N/A]
&B83B19C5&&&[N/A]
&93E5ED84&&&[N/A]
&F1357F59&&&[N/A]
&2DC73C12&&&[N/A]
&E037A793&&&[N/A]
&C9D535F6&&&[N/A]
&C44505EA&&&[N/A]
&7584E17B&&C:\WINDOWS\system32\nlokehnb.dll&[File is missing]
&9274523E&&C:\WINDOWS\system32\pinklije.dll&[]
&A3B11FCB&&C:\WINDOWS\system32\ajbhhfcb.dll&[]
&369E512C&&C:\WINDOWS\system32\jmpelhic.dll&[]
&65E9BFA2&&C:\WINDOWS\system32\mlepbfai.dll&[]
&810EC1FF&&C:\WINDOWS\system32\ohgechff.dll&[]
&D5E64135&&C:\WINDOWS\system32\dlemkhjl.dll&[]
&4DCBB358&&C:\WINDOWS\system32\kdcbbjlo.dll&[]
&D4435C74&&C:\WINDOWS\system32\dkkjlcnk.dll&[]
&EB8FC4AF&&C:\WINDOWS\system32\ebofckaf.dll&[]
&39DB544A&&C:\WINDOWS\system32\jpdblkka.dll&[]
&0A0936C4&&C:\WINDOWS\system32\gagpjmck.dll&[]
&20BFB7C7&&C:\WINDOWS\system32\igbfbncn.dll&[]
&C68212A1&&C:\WINDOWS\system32\cmoihiah.dll&[]
&62298C0B&&C:\WINDOWS\system32\miipocgb.dll&[]
&C1823790&&C:\WINDOWS\system32\choijnpg.dll&[]
&C6D047BE&&C:\WINDOWS\system32\cmdgknbe.dll&[]
&7270DE2D&&C:\WINDOWS\system32\ningdeid.dll&[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
&WinlogonNotify: crypt32chain&&crypt32.dll&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
&WinlogonNotify: cryptnet&&cryptnet.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
&WinlogonNotify: cscdll&&cscdll.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
&WinlogonNotify: ScCertProp&&wlnotify.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
&WinlogonNotify: Schedule&&wlnotify.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
&WinlogonNotify: sclgntfy&&sclgntfy.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
&WinlogonNotify: SensLogn&&WlNotify.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
&WinlogonNotify: termsrv&&wlnotify.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
&WinlogonNotify: wlballoon&&wlnotify.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
&{-A8BA-11D1-B96B-00A0C90312E1}&&%SystemRoot%\system32\browseui.dll&[(Verified)Microsoft Windows Component Publisher]
&{8C7461EF-2B13-11d2-BE35-0}&&%SystemRoot%\system32\browseui.dll&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{22d6f312-b0f6-11d0-94ab-e95}]
&Microsoft Windows Media Player&&C:\WINDOWS\inf\unregmp2.exe /ShowWMP&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{d38-484f-9b9e-dec}]
&Internet Explorer&&%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{60B49E34-C7CC-11D0-C90347FF}MICROS]
&浏览器自定义组件&&RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
&Outlook Express&&%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09--FED}]
&Themes Setup&&%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
&Microsoft Outlook Express 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:OE /CALLER:WINNT /user /install&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
&NetMeeting 3.01&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{e7d-11d1-bc44-00c04fd912be}]
&Windows Messenger 4.7&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
&Microsoft Windows Media Player&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{71-11d2-AF11-00C04FA35D02}]
&通讯簿 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:WAB /CALLER:WINNT /user /install&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{-ECBD-11cf-8B85-00AA005B4340}]
&Windows 桌面更新&®svr32.exe /s /n /i:U shell32.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{-ECBD-11cf-8B85-00AA005B4383}]
&Internet Explorer 6&&%SystemRoot%\system32\ie4uinit.exe&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe]
&IFEO[360rpt.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safe.exe]
&IFEO[360Safe.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360safebox.exe]
&IFEO[360safebox.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe]
&IFEO[360tray.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adam.exe]
&IFEO[adam.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvr.exe]
&IFEO[AgentSvr.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntiArp.exe]
&IFEO[AntiArp.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AppSvc32.exe]
&IFEO[AppSvc32.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\arswp.exe]
&IFEO[arswp.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AST.exe]
&IFEO[AST.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoruns.exe]
&IFEO[autoruns.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe]
&IFEO[avcenter.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe]
&IFEO[avconsol.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe]
&IFEO[avgnt.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrssvc.exe]
&IFEO[avgrssvc.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.exe]
&IFEO[AvMonitor.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution ]
&]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe]
&IFEO[avp.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe]
&IFEO[CCenter.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe]
&IFEO[ccSvcHst.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DrvAnti.exe]
&IFEO[DrvAnti.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EGHOST.exe]
&IFEO[EGHOST.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FileDsty.exe]
&IFEO[FileDsty.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\filemon.exe]
&IFEO[filemon.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FTCleanerShell.exe]
&IFEO[FTCleanerShell.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FYFireWall.exe]
&IFEO[FYFireWall.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GFRing3.exe]
&IFEO[GFRing3.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GFUpd.exe]
&IFEO[GFUpd.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe]
&IFEO[HijackThis.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IceSword.exe]
&IFEO[IceSword.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iparmo.exe]
&IFEO[iparmo.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.exe]
&IFEO[Iparmor.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\isPwdSvc.exe]
&IFEO[isPwdSvc.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kabaload.exe]
&IFEO[kabaload.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe]
&IFEO[KASMain.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe]
&IFEO[KASTask.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe]
&IFEO[KAV32.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVDX.exe]
&IFEO[KAVDX.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPF.exe]
&IFEO[KAVPF.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.exe]
&IFEO[KAVPFW.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVSetup.exe]
&IFEO[KAVSetup.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVStart.exe]
&IFEO[KAVStart.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KISLnchr.exe]
&IFEO[KISLnchr.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMailMon.exe]
&IFEO[KMailMon.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMFilter.exe]
&IFEO[KMFilter.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32.exe]
&IFEO[KPFW32.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32X.exe]
&IFEO[KPFW32X.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPfwSvc.exe]
&IFEO[KPfwSvc.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Kregex.exe]
&IFEO[Kregex.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution ]
&]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KsLoader.exe]
&IFEO[KsLoader.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvDetect.exe]
&IFEO[KvDetect.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvfwMcl.exe]
&IFEO[KvfwMcl.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvol.exe]
&IFEO[kvol.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvolself.exe]
&IFEO[kvolself.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVSrvXP.exe]
&IFEO[KVSrvXP.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvupload.exe]
&IFEO[kvupload.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvwsc.exe]
&IFEO[kvwsc.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP.kxp]
&IFEO[KvXP.kxp]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch.exe]
&IFEO[KWatch.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch9x.exe]
&IFEO[KWatch9x.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatchX.exe]
&IFEO[KWatchX.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MagicSet.exe]
&IFEO[MagicSet.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcconsol.exe]
&IFEO[mcconsol.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\McNASvc.exe]
&IFEO[McNASvc.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\McProxy.exe]
&IFEO[McProxy.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Mcshield.exe]
&IFEO[Mcshield.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcsysmon.exe]
&IFEO[mcsysmon.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmqczj.exe]
&IFEO[mmqczj.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmsk.exe]
&IFEO[mmsk.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpfSrv.exe]
&IFEO[MpfSrv.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapsvc.exe]
&IFEO[Navapsvc.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapw32.exe]
&IFEO[Navapw32.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVSetup.exe]
&IFEO[NAVSetup.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32.exe]
&IFEO[nod32.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe]
&IFEO[nod32krn.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32kui.exe]
&IFEO[nod32kui.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NPFMntor.exe]
&IFEO[NPFMntor.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFW.exe]
&IFEO[PFW.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFWLiveUpdate.exe]
&IFEO[PFWLiveUpdate.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ProcessSafe.exe]
&IFEO[ProcessSafe.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe]
&IFEO[procexp.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QHSET.exe]
&IFEO[QHSET.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctor.exe]
&IFEO[QQDoctor.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctorMain.exe]
&IFEO[QQDoctorMain.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQKav.exe]
&IFEO[QQKav.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ras.exe]
&IFEO[Ras.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rav.exe]
&IFEO[Rav.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMon.exe]
&IFEO[RavMon.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMonD.exe]
&IFEO[RavMonD.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStub.exe]
&IFEO[RavStub.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavTask.exe]
&IFEO[RavTask.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RawCopy.exe]
&IFEO[RawCopy.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegClean.exe]
&IFEO[RegClean.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regmon.exe]
&IFEO[regmon.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegTool.exe]
&IFEO[RegTool.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwcfg.exe]
&IFEO[rfwcfg.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwmain.exe]
&IFEO[rfwmain.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwProxy.exe]
&IFEO[rfwProxy.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwsrv.exe]
&IFEO[rfwsrv.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwstub.exe]
&IFEO[rfwstub.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsAgent.exe]
&IFEO[RsAgent.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rsaupd.exe]
&IFEO[Rsaupd.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RStray.exe]
&IFEO[RStray.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe]
&IFEO[rstrui.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rtvscan.exe]
&IFEO[Rtvscan.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\runiep.exe]
&IFEO[runiep.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeboxTray.exe]
&IFEO[safeboxTray.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safelive.exe]
&IFEO[safelive.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe]
&IFEO[scan32.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SelfUpdate.exe]
&IFEO[SelfUpdate.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shcfg32.exe]
&IFEO[shcfg32.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SmartUp.exe]
&IFEO[SmartUp.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SREng.exe]
&IFEO[SREng.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SuperKiller.exe]
&IFEO[SuperKiller.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe]
&IFEO[symlcsvc.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysSafe.exe]
&IFEO[SysSafe.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
&IFEO[taskmgr.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojanDetector.exe]
&IFEO[TrojanDetector.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Trojanwall.exe]
&IFEO[Trojanwall.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.exe]
&IFEO[TrojDie.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UIHost.exe]
&IFEO[UIHost.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAgent.exe]
&IFEO[UmxAgent.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAttachment.exe]
&IFEO[UmxAttachment.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxCfg.exe]
&IFEO[UmxCfg.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxFwHlp.exe]
&IFEO[UmxFwHlp.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxPol.exe]
&IFEO[UmxPol.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\upiea.exe]
&IFEO[upiea.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UpLive.exe]
&IFEO[UpLive.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\USBCleaner.exe]
&IFEO[USBCleaner.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsstat.exe]
&IFEO[vsstat.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webscanx.exe]
&IFEO[webscanx.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WoptiClean.exe]
&IFEO[WoptiClean.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zxsweep.exe]
&IFEO[zxsweep.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&Alcmtr&&; ALCMTR.EXE&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&BgMonitor_{C6C-4d9f-84C7-88D8A56B10AA}&&; &C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe&&[(Verified)Nero AG]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&IMJPMIG8.1&&; &C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE& /Spoil /RemAdvDef /Migration32&[(Verified)Microsoft Windows Publisher]
&IMSCMig&&; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload&[(Verified)Microsoft Corporation]
&Logitech Utility&&; Logi_MwX.Exe&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&MSMSGS&&; &C:\Program Files\Messenger\msmsgs.exe& /background&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&NeroFilterCheck&&; C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe&[(Verified)Nero AG]
&NvCplDaemon&&; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
&NvMediaCenter&&; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
&nwiz&&; nwiz.exe /install&[]
&PHIME2002A&&; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName&[(Verified)Microsoft Windows Publisher]
&PHIME2002ASync&&; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC&[(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&QQDownload&&; &C:\Program Files\Tencent\QQDownload\QQDownload.exe& autostart&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&QuickTime Task&&; &C:\Program Files\QuickTime\QTTask.exe& -atboottime&[Apple Inc.]
&RTHDCPL&&; RTHDCPL.EXE&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
&runeip&&; &C:\Program Files\Rising\AntiSpyware\rstray.exe& /startup&[]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&svchest.exe&&; C:\WINDOWS\system32\svchest.exe&[番茄花园]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&SysExplr&&; C:\HEROSOFT\Hero3000\SYSEXPLR.EXE&[]
&TVTray&&; &[N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&WangWang&&; &C:\Program Files\Alisoft\WangWang\WangWang.exe&&[(Verified)&Alibaba Software(Shanghai)Co,. Ltd&]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&zBrowser Launcher&&; C:\Program Files\Logitech\iTouch\iTouch.exe&[Logitech Inc.]
==================================
启动文件夹
UID: 56463
论坛新人, 积分 0, 距离下一级还需 50 积分
==================================
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
&&C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe&&&Adobe Systems&
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
&C:\Program Files\StormII\stormliv.exe /asservice&&北京暴风网际科技有限公司&
[ervice / ervice][Running/Auto Start]
&C:\WINDOWS\system32\sv1F.tmp.exe&&N/A&
[Human Interface Device Access / HidServ][Stopped/Disabled]
&C:\WINDOWS\System32\svchost.exe -k netsvcs--&%SystemRoot%\System32\hidserv.dll&&N/A&
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
&&C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe&&&Macrovision Corporation&
[NBService / NBService][Stopped/Manual Start]
&C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe&&Nero AG&
[NMIndexingService / NMIndexingService][Stopped/Manual Start]
&&C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe&&&Nero AG&
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
&C:\WINDOWS\system32\nvsvc32.exe&&NVIDIA Corporation&
[Rav Process Communication Center / RavCCenter][Stopped/Auto Start]
&C:\Program Files\Rising\Rav\CCENTER.EXE&&Beijing Rising Information Technology Co., Ltd.&
[Rising RavTask Manager / RavTask][Stopped/Auto Start]
&&C:\Program Files\Rising\Rav\RavTask.exe& RavTask&&Beijing Rising Information Technology Co., Ltd.&
[Rfw Process Communication Center / RfwCCenter][Stopped/Auto Start]
&C:\Program Files\Rising\Rfw\CCENTER.EXE&&Beijing Rising Information Technology Co., Ltd.&
[Rising Personal Firewall Service / RfwService][Stopped/Auto Start]
&C:\Program Files\Rising\Rfw\rfwsrv.exe&&N/A&
[Rising RfwTask Manager / RfwTask][Stopped/Auto Start]
&&C:\Program Files\Rising\Rfw\RavTask.exe& RfwTask&&Beijing Rising Information Technology Co., Ltd.&
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
&C:\Program Files\Rising\Rav\RavMonD.exe&&N/A&
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
&C:\Program Files\Rising\Rav\ScanFrm.exe&&N/A&
[WatchData ccb V3.2 / WDMonitorCCB][Running/Auto Start]
&C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe&&Beijing WatchData System Co., Ltd.&
==================================
[AMD Processor Driver / AmdK8][Running/System Start]
&system32\DRIVERS\AmdK8.sys&&Advanced Micro Devices&
[cdrblock / cdrblock][Running/System Start]
&system32\DRIVERS\cdrblock.sys&&Canopus Co,. Ltd.&
[cdrport / cdrport][Running/System Start]
&system32\DRIVERS\cdrport.sys&&Canopus Co,. Ltd.&
[gdrv / gdrv][Stopped/Manual Start]
&\??\C:\WINDOWS\gdrv.sys&&Windows (R) 2000 DDK provider&
[Hardlock / Hardlock][Running/Auto Start]
&\??\C:\WINDOWS\system32\drivers\hardlock.sys&&Aladdin Knowledge Systems Ltd.&
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
&system32\DRIVERS\HDAudBus.sys&&Windows (R) Server 2003 DDK provider&
[HookCont / HookCont][Running/System Start]
&system32\drivers\HookCont.sys&&Beijing Rising Information Technology Co., Ltd.&
[HookSys / HookSys][Stopped/Disabled]
&system32\drivers\HookSys.sys&&Beijing Rising Information Technology Co., Ltd.&
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
&system32\drivers\RtkHDAud.sys&&Realtek Semiconductor Corp.&
[iTouch Keyboard Filter / itchfltr][Running/Manual Start]
&system32\DRIVERS\itchfltr.sys&&Logitech, Inc.&
[KAVSafe / KAVSafe][Stopped/Auto Start]
&\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys&&Kingsoft Corporation&
[Logitech PS/2 Mouse Filter Driver / L8042pr2][Running/Manual Start]
&system32\DRIVERS\L8042pr2.Sys&&Logitech, Inc.&
[Logitech Mouse Class Filter Driver / LMouFlt2][Running/Manual Start]
&system32\DRIVERS\LMouFlt2.Sys&&Logitech, Inc.&
[msiffei / msiffei][Stopped/Manual Start]
&System32\Drivers\msiffei.sys&&N/A&
[npkcrypt / npkcrypt][Stopped/Manual Start]
&\??\C:\WINDOWS\system32\npkcrypt.sys&&N/A&
[npkycryp / npkycryp][Stopped/Manual Start]
&\??\C:\WINDOWS\system32\npkycryp.sys&&N/A&
[nv / nv][Running/Manual Start]
&system32\DRIVERS\nv4_mini.sys&&NVIDIA Corporation&
[NVIDIA nForce Networking Controller Driver / NVENETFD][Stopped/Manual Start]
&system32\DRIVERS\NVENETFD.sys&&NVIDIA Corporation&
[NVIDIA Network Bus Enumerator / nvnetbus][Stopped/Manual Start]
&system32\DRIVERS\nvnetbus.sys&&NVIDIA Corporation&
[PavSRK.sys / PavSRK.sys][Stopped/Manual Start]
&\??\C:\WINDOWS\system32\PavSRK.sys&&N/A&
[Padus ASPI Shell / pfc][Running/Manual Start]
&system32\drivers\pfc.sys&&Padus, Inc.&
[pnpshark / pnpshark][Running/Boot Start]
&\SystemRoot\system32\DRIVERS\pnpshark.sys&&&
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
&system32\DRIVERS\ptilink.sys&&Parallel Technologies, Inc.&
[PxHelp20 / PxHelp20][Running/Boot Start]
&\SystemRoot\system32\DRIVERS\PxHelp20.sys&&Sonic Solutions&
[QKeyServiceDisplay / QKeyService][Running/Boot Start]
&\SystemRoot\system32\KeyCrypt.sys&&Tencent Technology (Shenzhen) Company Limited&
[Rising RfwBase Driver / RfwBase9][Running/Manual Start]
&system32\DRIVERS\rfwbase.sys&&Beijing Rising Information Technology Co., Ltd.&
[rfwtdi / rfwtdi][Running/Auto Start]
&\??\C:\Program Files\Rising\Rfw\rfwtdi.sys&&Beijing Rising Information Technology Co., Ltd.&
[RsFwDrv / RsFwDrv][Running/System Start]
&\??\C:\Program Files\Rising\Rfw\rsfwdrv.sys&&Beijing Rising Information Technology Co., Ltd.&
[RsNTGDI / RsNTGDI][Running/Boot Start]
&\SystemRoot\system32\Drivers\RsNTGdi.sys&&Beijing Rising Information Technology Co., Ltd.&
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
&system32\DRIVERS\RTL8139.SYS&&Realtek Semiconductor Corporation&
[Secdrv / Secdrv][Stopped/Manual Start]
&system32\DRIVERS\secdrv.sys&&Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.&
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
&system32\DRIVERS\SONYPVU1.SYS&&Sony Corporation&
[st3shark / st3shark][Running/Boot Start]
&\SystemRoot\system32\DRIVERS\st3shark.sys&&&
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
&system32\DRIVERS\tcpip.sys&&Microsoft Corporation&
[TesSafe / TesSafe][Stopped/Manual Start]
&\??\C:\WINDOWS\system32\TesSafe.sys&&TENCENT&
[10moons UT330 / TridVid][Running/Manual Start]
&system32\DRIVERS\TridVid.sys&&10moons&
==================================
浏览器加载项
[EWPBrowseObject Class]
{68F-48E4-9AAF-4BC42A6A46BE} &C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll, &
[卡卡上网安全助手]
{98B7C13A-E9CD--FBEAB41E42A8} &C:\WINDOWS\system32\urlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.&
{367E0A21-C9A-153BF5ACA118} &C:\HEROSOFT\Hero3000\MPLAYER.EXE, N/A&
[信息检索(&R)]
{CC-41C8-B9BE-3C9C571A8263} &C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation&
[Messenger]
{FB5Fd2-BB9E-00C04F795683} &C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation&
[Easy-WebPrint]
{327Cc37-AA9D-10AC9BABA46C} &C:\Program Files\Canon\Easy-WebPrint\Toolband.dll, &
[EditCtrl Class]
{488AB3-8F27-FA1AECAA8844} &C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) &
[Tencent Safety Online Base Module]
{C09B522F-8AED-4E21-A65C-DC1AB652BAEE} &C:\WINDOWS\DOWNLO~1\TSOBase.ocx, (Signed) Tencent Corporation&
[WebActivater Control]
{C661F36D-DF85-4EF4-83C7-E107B83D04B1} &C:\WINDOWS\system32\3DShowVM.ocx, QQ&
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-} &C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx, (Signed) Adobe Systems, Inc.&
[QQCycloneHelper Class]
{C9--D2} &C:\Program Files\Tencent\QQDownload\QQIEHelper02.dll, (Signed) 腾讯公司&
{03507A1A-E0C5-4404-AA26-2D} &, &
[iTrusPTA Class]
{1E0DFFCF-27FF-007349FEDA} &C:\WINDOWS\system32\aliedit\pta.dll, (Signed) &
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-E95} &C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation&
{2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} &, &
[HTML Document]
{F9-11CF-8FD0-00AA00686F13} &%SystemRoot%\system32\mshtml.dll, (Signed) N/A&
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} &C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation&
{2EEDA47E-8D5C-4d7e-B4B6-E16E} &, &
[Easy-WebPrint]
{327CC37-AA9D-10AC9BABA46C} &C:\Program Files\Canon\Easy-WebPrint\Toolband.dll, &
{32D-42B5-8980-FB561D1BE2D0} &, &
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-} &C:\WINDOWS\system32\tdc.ocx, (Signed) Microsoft Corporation&
{367E0A21-C9A-153BF5ACA118} &, &
[QuickTime Object]
{B08-470D-A0D5-B37161CFFD69} &C:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.&
[XML Document]
{4D9-11D1-A6B3-00C04FD91555} &C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation&
[EditCtrl Class]
{488AB3-8F27-FA1AECAA8844} &C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) &
[Shell Name Space]
{DE-11D1-B9F2-00A0C98BC547} &%SystemRoot%\system32\shdocvw.dll, (Signed) N/A&
[XMP Class]
{8-4C41-AACC-52D4D7845851} &C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, &
[EWPBrowseObject Class]
{68F-48E4-9AAF-4BC42A6A46BE} &C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll, &
[QQMusicCreator Class]
{A89--9} &, &
{693571CB-54A3-4E90-9D52-EEAE} &C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, &
[StormPlayer Object]
{6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} &C:\Program Files\StormII\mps.dll, 北京暴风网际科技有限公司&
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} &C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation&
[WangWangObj Class]
{6E213FC7-DD5A--D4CE} &C:\Program Files\Alisoft\WangWang\WangWangX6.dll, (Signed) 阿里巴巴软件(上海)有限公司&
{73E4740C-08EB-D0A7C9EE3CD} &, &
[Microsoft Web 浏览器]
{A-11D0-A96B-00C04FD705A2} &C:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation&
{8D9E0B29-563C--5FF2AE77E1D2} &, &
{CC-41C8-B9BE-3C9C571A8263} &, &
{962EFB8E--AC74-AAA4C759B9C6} &, &
[卡卡上网安全助手]
{98B7C13A-E9CD--FBEAB41E42A8} &C:\WINDOWS\system32\urlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.&
[WMEncProfileManager Class]
{A8D3AD02--B2E9-AD33F087F43C} &C:\Program Files\Windows Media Components\Encoder\WMEX.dll, Microsoft Corporation&
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} &C:\WINDOWS\system32\msnetobj.dll, (Signed) Microsoft Corporation&
{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} &, &
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-} &C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation&
{B234553D-A066-3F7BAB47F7} &, &
[SearchAssistantOC]
{B45FF030--85DE-00C04FA35C89} &%SystemRoot%\system32\shdocvw.dll, (Signed) N/A&
[Messenger Object]
{BE-4B48-836C-BC} &C:\Program Files\Messenger\msgsc.dll, (Signed) Microsoft Corporation&
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} &C:\Program Files\Common Files\System\msadc\msadco.dll, (Signed) Microsoft Corporation&
[ScreenCapture Class]
{BFB79EE1-04AE-4D4A-B85E-27EE5F30C095} &C:\WINDOWS\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.&
[Tencent Safety Online Base Module]
{C09B522F-8AED-4E21-A65C-DC1AB652BAEE} &C:\WINDOWS\DOWNLO~1\TSOBase.ocx, (Signed) Tencent Corporation&
[WebActivater Control]
{C661F36D-DF85-4EF4-83C7-E107B83D04B1} &C:\WINDOWS\system32\3DShowVM.ocx, QQ&
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC} &C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation&
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC} &C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation&
[WDCCBCtrl Class]
{CEBD-4DC1-A046-0BDCB5A06CEB} &C:\WINDOWS\system32\wdccb.dll, (Signed) &
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} &C:\Program Files\StormII\Codec\rmoc3260.dll, (Signed) RealNetworks, Inc.&
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-} &C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx, (Signed) Adobe Systems, Inc.&
[Easy-WebPrint Helper]
{D5E20F5B-9DB8-4230-BA09-7B8DB43D83EE} &C:\Program Files\Canon\Easy-WebPrint\TemplateHelper.dll, &
[TencentVmpCtl Class]
{DB-B} &C:\Program Files\Tencent\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation&
[PlayerCtrl Class]
{E05BC2A3-9A46-4A32-80C9-023A473F5B23} &D:\学习资料(俺的)\QzoneMusic.dll, (Signed) 深圳腾讯科技&
[QvodCtrl Class]
{F3D0D36F-23F8-C92B03D4AF} &C:\Program Files\QvodPlayer\QvodInsert.dll, N/A&
{F3E70CEA-956E-49CC-B444-73AFE593AD7F} &, &
{FB5FD2-BB9E-00C04F795683} &, &
[&使用超级旋风下载]
&C:\Program Files\Tencent\QQDownload\geturl.htm, N/A&
[&使用超级旋风下载全部链接]
&C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A&
[Easy-WebPrint打印]
&res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html, N/A&
[Easy-WebPrint添加到打印列表]
&res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html, N/A&
[Easy-WebPrint预览]
&res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html, N/A&
[Easy-WebPrint高速打印]
&res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html, N/A&
[导出到 Microsoft Office Excel(&X)]
&res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A&
[添加到QQ表情]
&C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A&
[解霸实时播放]
&C:\HEROSOFT\Hero3000\MPURLGET.HTM, N/A&
UID: 56463
论坛新人, 积分 0, 距离下一级还需 50 积分
==================================
正在运行的进程
[PID: 720 / SYSTEM][\SystemRoot\System32\smss.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 788 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 812 / SYSTEM][\??\C:\WINDOWS\SYSTEM32\winlogon.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 856 / SYSTEM][C:\WINDOWS\system32\services.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 868 / SYSTEM][C:\WINDOWS\system32\lsass.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1036 / SYSTEM][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[C:\WINDOWS\system32\anymie360.dll][N/A, ]
[PID: 1092 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1204 / SYSTEM][C:\WINDOWS\System32\svchost.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1332 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1368 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1624 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_gdr.9)]
[C:\WINDOWS\system32\CNMLM87.DLL][CANON INC., 2.00.4.13]
[C:\WINDOWS\system32\mdimon.dll][Microsoft Corporation, 11.3.1897.0]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD87.DLL][CANON INC., 2.00.4.13]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll][Microsoft Corporation, 11.3.1897.0]
[PID: 1784 / zhangqianchun][C:\WINDOWS\system32\userinit.exe][N/A, ]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[C:\WINDOWS\TEMP\wooolinit.dat][N/A, ]
[C:\WINDOWS\TEMP\elementgj.dll][N/A, ]
[C:\WINDOWS\TEMP\WowInitcode.dat][N/A, ]
[PID: 1904 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1932 / SYSTEM][C:\Program Files\StormII\stormliv.exe][北京暴风网际科技有限公司, 3, 8, 12, 12]
[C:\Program Files\StormII\bfoptdll.dll][北京暴风网际科技有限公司, 3, 8, 7, 16]
[C:\Program Files\StormII\box\BoxLog.dll][北京暴风网际科技有限公司, 3, 8, 12, 12]
[PID: 1972 / SYSTEM][C:\WINDOWS\system32\sv1F.tmp.exe][N/A, ]
[PID: 136 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe][NVIDIA Corporation, 6.14.11.5822]
[C:\WINDOWS\system32\nvapi.dll][NVIDIA Corporation, 6.14.11.5822]
[PID: 528 / SYSTEM][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 548 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe][Microsoft Corporation, 5.2. built by: dnsrv(bld4act)]
[PID: 608 / SYSTEM][C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe][ Beijing WatchData System Co., Ltd., 3, 2, 0, 0]
[C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\TokenMgr.dll][ Beijing WatchData System Co., Ltd., 3, 6, 3, 2]
[C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDAlg.DLL][ Beijing WatchData System C0., Ltd., 3, 5, 12, 20]
[C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll][Watchdata, 1, 0, 0, 11]
[C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDPKCS.dll][ Beijing WatchData System Co., Ltd., 3, 6, 2, 15]
[PID: 1316 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1848 / zhangqianchun][C:\WINDOWS\explorer.exe][(Verified) Microsoft Corporation, 6.00. (xpsp_sp2_gdr.4)]
[C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll][Nero AG, 2, 0, 0, 8]
[C:\Program Files\Common Files\Ahead\Lib\MFC71.DLL][Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll][Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll][Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MFC71CHS.DLL][Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\RavExt.dll][Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[C:\WINDOWS\system32\pinklije.dll][N/A, ]
[C:\WINDOWS\system32\ajbhhfcb.dll][N/A, ]
[C:\WINDOWS\system32\jmpelhic.dll][N/A, ]
[C:\WINDOWS\system32\mlepbfai.dll][N/A, ]
[C:\WINDOWS\system32\ohgechff.dll][N/A, ]
[C:\WINDOWS\system32\dlemkhjl.dll][N/A, ]
[C:\WINDOWS\system32\kdcbbjlo.dll][N/A, ]
[C:\WINDOWS\system32\dkkjlcnk.dll][N/A, ]
[C:\WINDOWS\system32\ebofckaf.dll][N/A, ]
[C:\WINDOWS\system32\jpdblkka.dll][N/A, ]
[C:\WINDOWS\system32\gagpjmck.dll][N/A, ]
[C:\WINDOWS\system32\igbfbncn.dll][N/A, ]
[C:\WINDOWS\system32\cmoihiah.dll][N/A, ]
[C:\WINDOWS\system32\miipocgb.dll][N/A, ]
[C:\WINDOWS\system32\choijnpg.dll][N/A, ]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[C:\WINDOWS\TEMP\wooolinit.dat][N/A, ]
[C:\WINDOWS\TEMP\elementgj.dll][N/A, ]
[C:\WINDOWS\TEMP\WowInitcode.dat][N/A, ]
[C:\WINDOWS\system32\anymie360.dll][N/A, ]
[C:\WINDOWS\system32\cmdgknbe.dll][N/A, ]
[C:\WINDOWS\system32\ningdeid.dll][N/A, ]
[C:\WINDOWS\system32\plelfmlm.dll][N/A, ]
[PID: 2004 / zhangqianchun][C:\WINDOWS\system32\conime.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[PID: 204 / zhangqianchun][C:\Program Files\D-Tools\daemon.exe][DAEMON'S HOME, 3.41.0.0]
[C:\WINDOWS\daemon.dll][, 3.41.0.0]
[C:\Program Files\D-Tools\PFCTOC.DLL][Padus(R), Inc., 1, 0, 0, 12]
[C:\Program Files\D-Tools\Plugins\Images\ccdmount.dll][GENERIC, 1.01.0.0]
[C:\Program Files\D-Tools\Plugins\Images\mdsmount.dll][GENERIC, 1.01.0.0]
[C:\Program Files\D-Tools\Plugins\Images\pdimount.dll][GENERIC, 1.01.0.0]
[C:\Program Files\D-Tools\Plugins\Images\nrgmount.dll][GENERIC, 1.01.0.0]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[PID: 376 / zhangqianchun][C:\WINDOWS\system32\ctfmon.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[C:\WINDOWS\TEMP\wooolinit.dat][N/A, ]
[C:\WINDOWS\TEMP\elementgj.dll][N/A, ]
[C:\WINDOWS\TEMP\WowInitcode.dat][N/A, ]
[PID: 3540 / zhangqianchun][C:\Program Files\Rising\Rfw\rsnetsvr.exe][Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[C:\Program Files\Rising\Rfw\NComm.dll][Beijing Rising Information Technology Co., Ltd., 6.0.0.9]
[C:\Program Files\Rising\Rfw\Syslay.dll][Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
[C:\WINDOWS\system32\pinklije.dll][N/A, ]
[C:\WINDOWS\system32\ajbhhfcb.dll][N/A, ]
[C:\WINDOWS\system32\jmpelhic.dll][N/A, ]
[C:\WINDOWS\system32\mlepbfai.dll][N/A, ]
[C:\WINDOWS\system32\ohgechff.dll][N/A, ]
[C:\WINDOWS\system32\dlemkhjl.dll][N/A, ]
[C:\WINDOWS\system32\kdcbbjlo.dll][N/A, ]
[C:\WINDOWS\system32\dkkjlcnk.dll][N/A, ]
[C:\WINDOWS\system32\ebofckaf.dll][N/A, ]
[C:\Program Files\Rising\Rfw\comx3.dll][Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
[C:\Program Files\Rising\Rfw\ProcComm.dll][Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
[C:\WINDOWS\system32\MSVCR71.dll][Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\MSVCP71.dll][Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[C:\WINDOWS\TEMP\wooolinit.dat][N/A, ]
[C:\WINDOWS\TEMP\elementgj.dll][N/A, ]
[C:\WINDOWS\TEMP\WowInitcode.dat][N/A, ]
[PID: 3796 / zhangqianchun][C:\Program Files\Internet Explorer\iexplore.exe][Microsoft Corporation, 6.00. (xpsp_sp2_rtm.8)]
[C:\WINDOWS\system32\pinklije.dll][N/A, ]
[C:\WINDOWS\system32\ajbhhfcb.dll][N/A, ]
[C:\WINDOWS\system32\jmpelhic.dll][N/A, ]
[C:\WINDOWS\system32\mlepbfai.dll][N/A, ]
[C:\WINDOWS\system32\ohgechff.dll][N/A, ]
[C:\WINDOWS\system32\dlemkhjl.dll][N/A, ]
[C:\WINDOWS\system32\kdcbbjlo.dll][N/A, ]
[C:\WINDOWS\system32\dkkjlcnk.dll][N/A, ]
[C:\WINDOWS\system32\ebofckaf.dll][N/A, ]
[C:\WINDOWS\system32\jpdblkka.dll][N/A, ]
[C:\WINDOWS\system32\gagpjmck.dll][N/A, ]
[C:\WINDOWS\system32\igbfbncn.dll][N/A, ]
[C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll][, 2, 6, 4, 1]
[C:\WINDOWS\system32\MSVCR71.dll][Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Canon\Easy-WebPrint\EWPCore.dll][, 2, 6, 4, 1]
[C:\WINDOWS\system32\MSVCP71.dll][Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\urlFilter.dll][Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15]
[C:\Program Files\Rising\AntiSpyware\UrlRule.dll][Beijing Rising Information Technology Co., Ltd., 1.0.0.15]
[C:\Program Files\Rising\Rav\RavScrCh.dll][Beijing Rising Information Technology Co., Ltd., 21.0.0.60]
[C:\WINDOWS\system32\cmoihiah.dll][N/A, ]
[C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx][Adobe Systems, Inc., 10,0,12,36]
[C:\WINDOWS\system32\miipocgb.dll][N/A, ]
[C:\WINDOWS\system32\choijnpg.dll][N/A, ]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[C:\WINDOWS\TEMP\wooolinit.dat][N/A, ]
[C:\WINDOWS\TEMP\elementgj.dll][N/A, ]
[C:\WINDOWS\TEMP\WowInitcode.dat][N/A, ]
[C:\WINDOWS\system32\plelfmlm.dll][N/A, ]
[C:\WINDOWS\system32\ningdeid.dll][N/A, ]
[C:\WINDOWS\system32\cmdgknbe.dll][N/A, ]
[PID: 2180 / zhangqianchun][C:\Program Files\WinRAR\WinRAR.exe][N/A, ]
[C:\WINDOWS\system32\pinklije.dll][N/A, ]
[C:\WINDOWS\system32\ajbhhfcb.dll][N/A, ]
[C:\WINDOWS\system32\jmpelhic.dll][N/A, ]
[C:\WINDOWS\system32\mlepbfai.dll][N/A, ]
[C:\WINDOWS\system32\ohgechff.dll][N/A, ]
[C:\WINDOWS\system32\dlemkhjl.dll][N/A, ]
[C:\WINDOWS\system32\kdcbbjlo.dll][N/A, ]
[C:\WINDOWS\system32\dkkjlcnk.dll][N/A, ]
[C:\WINDOWS\system32\ebofckaf.dll][N/A, ]
[C:\WINDOWS\system32\jpdblkka.dll][N/A, ]
[C:\WINDOWS\system32\gagpjmck.dll][N/A, ]
[C:\WINDOWS\system32\igbfbncn.dll][N/A, ]
[C:\WINDOWS\system32\cmoihiah.dll][N/A, ]
[C:\WINDOWS\system32\miipocgb.dll][N/A, ]
[C:\WINDOWS\system32\choijnpg.dll][N/A, ]
[C:\WINDOWS\TEMP\wooolinit.dat][N/A, ]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[C:\WINDOWS\TEMP\elementgj.dll][N/A, ]
[C:\WINDOWS\TEMP\WowInitcode.dat][N/A, ]
[C:\WINDOWS\system32\plelfmlm.dll][N/A, ]
[C:\WINDOWS\system32\ningdeid.dll][N/A, ]
[C:\WINDOWS\system32\cmdgknbe.dll][N/A, ]
[PID: 2632 / zhangqianchun][C:\WINDOWS\TEMP\Rar$EX00.094\SREngLdr.EXE][Smallfrogs Studio, 2.7.0.1210]
[C:\WINDOWS\system32\dlemkhjl.dll][N/A, ]
[C:\WINDOWS\system32\ohgechff.dll][N/A, ]
[C:\WINDOWS\system32\mlepbfai.dll][N/A, ]
[C:\WINDOWS\system32\ajbhhfcb.dll][N/A, ]
[C:\WINDOWS\system32\pinklije.dll][N/A, ]
[C:\WINDOWS\system32\jmpelhic.dll][N/A, ]
[C:\WINDOWS\system32\ebofckaf.dll][N/A, ]
[C:\WINDOWS\system32\dkkjlcnk.dll][N/A, ]
[C:\WINDOWS\system32\cmoihiah.dll][N/A, ]
[C:\WINDOWS\system32\choijnpg.dll][N/A, ]
[C:\WINDOWS\system32\miipocgb.dll][N/A, ]
[C:\WINDOWS\system32\igbfbncn.dll][N/A, ]
[C:\WINDOWS\system32\gagpjmck.dll][N/A, ]
[C:\WINDOWS\system32\jpdblkka.dll][N/A, ]
[C:\WINDOWS\system32\kdcbbjlo.dll][N/A, ]
[PID: 2692 / zhangqianchun][C:\WINDOWS\TEMP\Rar$EX00.094\SRE6a9d7856.EXE][Smallfrogs Studio, 2.7.0.1210]
[C:\WINDOWS\system32\dlemkhjl.dll][N/A, ]
[C:\WINDOWS\system32\ohgechff.dll][N/A, ]
[C:\WINDOWS\system32\mlepbfai.dll][N/A, ]
[C:\WINDOWS\system32\ajbhhfcb.dll][N/A, ]
[C:\WINDOWS\system32\pinklije.dll][N/A, ]
[C:\WINDOWS\system32\jmpelhic.dll][N/A, ]
[C:\WINDOWS\system32\ebofckaf.dll][N/A, ]
[C:\WINDOWS\system32\dkkjlcnk.dll][N/A, ]
[C:\WINDOWS\system32\cmoihiah.dll][N/A, ]
[C:\WINDOWS\system32\choijnpg.dll][N/A, ]
[C:\WINDOWS\system32\miipocgb.dll][N/A, ]
[C:\WINDOWS\system32\igbfbncn.dll][N/A, ]
[C:\WINDOWS\system32\gagpjmck.dll][N/A, ]
[C:\WINDOWS\system32\jpdblkka.dll][N/A, ]
[C:\WINDOWS\system32\kdcbbjlo.dll][N/A, ]
[C:\WINDOWS\TEMP\wooolinit.dat][N/A, ]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[C:\WINDOWS\TEMP\Rar$EX00.094\Upload\3rdUpd.DLL][Smallfrogs Studio, 2, 1, 0, 15]
[C:\WINDOWS\TEMP\elementgj.dll][N/A, ]
[C:\WINDOWS\TEMP\WowInitcode.dat][N/A, ]
[C:\WINDOWS\system32\cmdgknbe.dll][N/A, ]
[C:\WINDOWS\system32\ningdeid.dll][N/A, ]
[C:\WINDOWS\system32\plelfmlm.dll][N/A, ]
==================================
.TXTOK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXEOK. [&%1& %*]
.COMOK. [&%1& %*]
.PIFOK. [&%1& %*]
.REGOK. [regedit.exe &%1&]
.BATOK. [&%1& %*]
.SCROK. [&%1& /S]
.CHMOK. [&C:\WINDOWS\hh.exe& %1]
.HLPOK. [%SystemRoot%\System32\winhlp32.exe %1]
.INIOK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INFOK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBSOK. [%SystemRoot%\System32\WScript.exe &%1& %*]
.JS OK. [%SystemRoot%\System32\WScript.exe &%1& %*]
.LNKOK. [{0-}]
==================================
Winsock 提供者
==================================
Autorun.inf
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 1784, C:\WINDOWS\SYSTEM32\USERINIT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 608, C:\WINDOWS\SYSTEM32\WATCHDATA\WATCHDATA CCB CSP V3.2\WDKEYMONITORCCB.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 204, C:\PROGRAM FILES\D-TOOLS\DAEMON.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2180, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2180, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2632, C:\WINDOWS\TEMP\RAR$EX00.094\SRENGLDR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2632, C:\WINDOWS\TEMP\RAR$EX00.094\SRENGLDR.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3252, C:\WINDOWS\TEMP\SVCHOST.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2460, C:\WINDOWS\TEMP\SVCHOST.EXE]
==================================
==================================
==================================
==================================
UID: 105292
呵呵,怪不得开不了杀软了
有很多劫持项目。。。。。
先解决劫持项目吧~
方法很多。最简单的方法是直接把[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]项删除即可
或者用AUTORUS来解决,打开AUTORUNS,点击菜单栏的“选项”,选中选中“隐藏微软项目,然后点工具栏上的“刷新”按钮,再把“映像胁持”里所有项目删除即可。。。。。
然后再清理别的病毒。。。。。
1.建议使用XDelBox删除以下文件:()
使用说明:删除时复制所有要删除文件的路径,在待删除文件列表里点击右键选择剪贴板导入不检查路径,导入后在要删除文件上点击右键,选择立刻重启删除,电脑会重启进入DOS界面进行删除操作。
c:\windows\system32\ajbhhfcb.dll
c:\windows\system32\anymie360.dll
c:\windows\system32\choijnpg.dll
c:\windows\system32\cmdgknbe.dll
c:\windows\system32\cmoihiah.dll
c:\windows\system32\dkkjlcnk.dll
c:\windows\system32\dlemkhjl.dll
c:\windows\system32\ebofckaf.dll
c:\windows\system32\gagpjmck.dll
c:\windows\system32\igbfbncn.dll
c:\windows\system32\jmpelhic.dll
c:\windows\system32\jpdblkka.dll
c:\windows\system32\kdcbbjlo.dll
c:\windows\system32\miipocgb.dll
c:\windows\system32\mlepbfai.dll
c:\windows\system32\ningdeid.dll
c:\windows\system32\ohgechff.dll
c:\windows\system32\pinklije.dll
c:\windows\system32\plelfmlm.dll
c:\windows\temp\elementgj.dll
c:\windows\temp\wooolinit.dat
c:\windows\temp\wowinitcode.dat
c:\windows\temp\zpwgamerecord.dll
c:\windows\system32\sv1f.tmp.exe
c:\windows\system32\drivers\msiffei.sys
2.删除重启后使用SREng修复下面各项:
启动项目 -- 注册表之如下项删除:
[7270DE2D]&C:\WINDOWS\system32\ningdeid.dll&
[C6D047BE]&C:\WINDOWS\system32\cmdgknbe.dll&
[C1823790]&C:\WINDOWS\system32\choijnpg.dll&
启动项目 -- 服务 -- Win32服务应用程序之如下项禁用:
[ervice / ervice]&C:\WINDOWS\system32\sv1F.tmp.exe&
启动项目 -- 服务-- 驱动程序之如下项禁用:
[msiffei / msiffei]&System32\Drivers\msiffei.sys&
**************以上分析报告由SREngLog分析助手提供******************
分析:菜鸟又怎样
SREngLog分析助手 1.3 ( 更新 BY 草莽书生)
UID: 134205
中级会员, 积分 641, 距离下一级还需 359 积分
你重新装一下,看看是不是软件的故障
Powered by}
查看: 4783|回复: 13
还不知道是什么病毒
UID: 56463
论坛新人, 积分 0, 距离下一级还需 50 积分
瑞星杀毒软件可以打开,但是无法启动杀毒功能;卡卡助手的防护功能全部被关闭;并且,瑞星及卡卡助手是设定为开机自动运行的,但是开机无法运行,人工可以启动;流氓软件清理助手、冰刃和网上下载的专杀工具等软件也无法启动;按ctrl+alt+del进程无法显示;想进入安全模式就蓝屏,关机时候后台运行程序无法结束,只能强行关机;C:\\Documents and Settings\\账户文件夹下很快生成大量__rar_00.000(后缀名为序列号)的垃圾文件,很快就把C盘的剩余空间占据完,其中有个“聚友娱乐视频棋牌”的连接网络游戏删除后重启就会再次出来,QQ在关闭的情况下提示过一次出现盗号木马。请各位朋友支招,怎么解决?
UID: 105292
在安全模式下用
机器狗/AV终结者/磁碟机专杀
WINDOWS清理助手一次用下
thunder://QUFodHRwOi8veHVubGVpMTEuZ3JlZW5kb3duLmNuLy8yMDA5MDEvYXJzd3AyLnppcFpa
打得开杀软后就开杀软清。。。。。
最后可以用下SRENG修复下。。。。。
UID: 56463
论坛新人, 积分 0, 距离下一级还需 50 积分
谢谢!可是现在安全模式无法进入啊!而且清理助手这些软件根本无法启动。[s:476]
UID: 105292
在正常模式下操作~
下载附件SRENG2
修复下安全模式
13:37 上传
点击文件名下载附件
844 KB, 下载次数: 1
UID: 56463
论坛新人, 积分 0, 距离下一级还需 50 积分
还是无法解决,进入安全模式就蓝屏,修复后一样出问题,提示信息如下:
STOP:0××F78A2524,0×C××)
正常启动机器,用《机器狗/AV终结者/磁碟机专杀》查出问题,但是提示重启电脑,重启了几次还是不行,不过这次可以启动《冰刃》了,从冰刃里面可以看到进程里面有N多个RAR.EXE的进程在同时进行,估计C:\Documents and Settings\个人账户下的多个临时莫名生成的_rar文件就是那多个进程干的。瑞星的防护全部被关闭,并且无法重新开启。现在只是用冰刃把那些垃圾文件暂时清理掉了,不然C盘根本就没用空间来运行了。下面是sreng的报告
因为回帖支持不了那么大的字节,另外发上来
UID: 56463
论坛新人, 积分 0, 距离下一级还需 50 积分
SRENG报告:
System Repair Engineer 2.7.0.1210
Smallfrogs ()
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
&ctfmon.exe&&C:\WINDOWS\system32\ctfmon.exe&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
&DAEMON Tools-1033&&&C:\Program Files\D-Tools\daemon.exe&-lang 1033&[DAEMON'S HOME]
&RavTray&&&C:\Program Files\Rising\Rav\RsTray.exe& -system&[(Verified)Beijing Rising Information Technology Corporation Limited]
&RFWTray&&&C:\Program Files\Rising\Rfw\RsTray.exe& -system&[(Verified)Beijing Rising Information Technology Corporation Limited]
&NvCplDaemon&&RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
&gem&&C:\WINDOWS\TEMP\sv1D.tmp&[File is missing]
&Alcmtr&&anymie360.exe&[]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
&shell&&Explorer.exe&[(Verified)Microsoft Windows Component Publisher]
&Userinit&&C:\WINDOWS\system32\userinit.exe,&[]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
&AppInit_DLLs&&sinx32.dll,nlokehnb.dll,pinklije.dll,ajbhhfcb.dll,jmpelhic.dll,mlepbfai.dll,ohgechff.dll,dlemkhjl.dll,kdcbbjlo.dll,dkkjlcnk.dll,ebofckaf.dll,jpdblkka.dll,gagpjmck.dll,igbfbncn.dll,cmoihiah.dll,miipocgb.dll,choijnpg.dll,cmdgknbe.dll,ningdeid.dll&[N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
&UIHost&&logonui.exe&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
&{AEB-11d0-97EE-00C04FD91972}&&shell32.dll&[(Verified)Microsoft Windows Component Publisher]
&{32CD708B-60A7-4C00-9377-D73EAA495F0F}&&C:\WINDOWS\system32\RavExt.dll&[(Verified)Beijing Rising Information Technology Corporation Limited]
&{7584E17B-D544-4A20-8687-EE5BD54B2036}&&C:\WINDOWS\system32\nlokehnb.dll&[File is missing]
&{9274523E-C31A-499F-A4D9-80F84CA1487D}&&C:\WINDOWS\system32\pinklije.dll&[]
&{A3B11FCB-8A40-84F2D2FB3F}&&C:\WINDOWS\system32\ajbhhfcb.dll&[]
&{369E512C-7DF0--ADC9AAA8C39C}&&C:\WINDOWS\system32\jmpelhic.dll&[]
&{65E9BFA2-B86B-4004-84BB-28FD40055A71}&&C:\WINDOWS\system32\mlepbfai.dll&[]
&{810EC1FF-9FC7-4CB5-A77F-721A0AEA958F}&&C:\WINDOWS\system32\ohgechff.dll&[]
&{D5E-CCAFE18A140}&&C:\WINDOWS\system32\dlemkhjl.dll&[]
&{4DCBB358-FEB9-45C9-B825-F8}&&C:\WINDOWS\system32\kdcbbjlo.dll&[]
&{D4435C74-EF1D-}&&C:\WINDOWS\system32\dkkjlcnk.dll&[]
&{EB8FC4AF-8EF8-}&&C:\WINDOWS\system32\ebofckaf.dll&[]
&{39DB544A-57C0-4F0F-9A12-C9B2A447C6D3}&&C:\WINDOWS\system32\jpdblkka.dll&[]
&{0AB75-47F7-ED22A5}&&C:\WINDOWS\system32\gagpjmck.dll&[]
&{20BFB7C7-7E80-4CA1-84E8-EF7C0BC7D237}&&C:\WINDOWS\system32\igbfbncn.dll&[]
&{CAF--B}&&C:\WINDOWS\system32\cmoihiah.dll&[]
&{62298C0B-A2E7-49F0-A5C1-1B54ED49D77A}&&C:\WINDOWS\system32\miipocgb.dll&[]
&{C1823790-BFE3-4ECB-92A1-C2A3A385CF12}&&C:\WINDOWS\system32\choijnpg.dll&[]
&{C6D047BE-AC40-4FB7-8AAF-22F2336ECCE3}&&C:\WINDOWS\system32\cmdgknbe.dll&[]
&{08-427D-8096-B4BAD0DF0784}&&C:\WINDOWS\system32\ningdeid.dll&[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
&PostBootReminder&&%SystemRoot%\system32\SHELL32.dll&[(Verified)Microsoft Windows Component Publisher]
&CDBurn&&%SystemRoot%\system32\SHELL32.dll&[(Verified)Microsoft Windows Component Publisher]
&WebCheck&&%SystemRoot%\system32\webcheck.dll&[(Verified)Microsoft Windows Publisher]
&SysTray&&C:\WINDOWS\system32\stobject.dll&[(Verified)Microsoft Windows Publisher]
&DFB0160B&&&[N/A]
&DB02069D&&&[N/A]
&E2AFA318&&&[N/A]
&160D1B7F&&&[N/A]
&6556578A&&&[N/A]
&8CB8874E&&&[N/A]
&3742B0AA&&&[N/A]
&9ACC42A3&&&[N/A]
&A638696A&&&[N/A]
&47997C9F&&&[N/A]
&2FCD281F&&&[N/A]
&C903590D&&&[N/A]
&B43F1EF8&&&[N/A]
&D6667E4E&&&[N/A]
&B9D927A6&&&[N/A]
&52D7D9B4&&&[N/A]
&F709823B&&&[N/A]
&558CA071&&&[N/A]
&DF2F84A2&&&[N/A]
&5CA030AB&&&[N/A]
&8BCF1530&&&[N/A]
&B16160DF&&&[N/A]
&DBEBD293&&&[N/A]
&34502BF3&&&[N/A]
&8ECA0AA8&&&[N/A]
&68DA561D&&&[N/A]
&4E1758CC&&&[N/A]
&26DBD8AA&&&[N/A]
&5B61DE76&&&[N/A]
&1D19B7A9&&&[N/A]
&08FE6604&&&[N/A]
&ED67CA2D&&&[N/A]
&4272BA3F&&&[N/A]
&ED4A94FB&&&[N/A]
&0AF7FD9D&&&[N/A]
&2E13CE81&&&[N/A]
&04C350EC&&&[N/A]
&DB0A2648&&&[N/A]
&3BDAB254&&&[N/A]
&81326D8B&&&[N/A]
&A4EFEA80&&&[N/A]
&D912AB11&&&[N/A]
&F6578688&&&[N/A]
&CEE9DBB8&&&[N/A]
&5195014E&&&[N/A]
&ADC9A95F&&&[N/A]
&B83B19C5&&&[N/A]
&93E5ED84&&&[N/A]
&F1357F59&&&[N/A]
&2DC73C12&&&[N/A]
&E037A793&&&[N/A]
&C9D535F6&&&[N/A]
&C44505EA&&&[N/A]
&7584E17B&&C:\WINDOWS\system32\nlokehnb.dll&[File is missing]
&9274523E&&C:\WINDOWS\system32\pinklije.dll&[]
&A3B11FCB&&C:\WINDOWS\system32\ajbhhfcb.dll&[]
&369E512C&&C:\WINDOWS\system32\jmpelhic.dll&[]
&65E9BFA2&&C:\WINDOWS\system32\mlepbfai.dll&[]
&810EC1FF&&C:\WINDOWS\system32\ohgechff.dll&[]
&D5E64135&&C:\WINDOWS\system32\dlemkhjl.dll&[]
&4DCBB358&&C:\WINDOWS\system32\kdcbbjlo.dll&[]
&D4435C74&&C:\WINDOWS\system32\dkkjlcnk.dll&[]
&EB8FC4AF&&C:\WINDOWS\system32\ebofckaf.dll&[]
&39DB544A&&C:\WINDOWS\system32\jpdblkka.dll&[]
&0A0936C4&&C:\WINDOWS\system32\gagpjmck.dll&[]
&20BFB7C7&&C:\WINDOWS\system32\igbfbncn.dll&[]
&C68212A1&&C:\WINDOWS\system32\cmoihiah.dll&[]
&62298C0B&&C:\WINDOWS\system32\miipocgb.dll&[]
&C1823790&&C:\WINDOWS\system32\choijnpg.dll&[]
&C6D047BE&&C:\WINDOWS\system32\cmdgknbe.dll&[]
&7270DE2D&&C:\WINDOWS\system32\ningdeid.dll&[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
&WinlogonNotify: crypt32chain&&crypt32.dll&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
&WinlogonNotify: cryptnet&&cryptnet.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
&WinlogonNotify: cscdll&&cscdll.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
&WinlogonNotify: ScCertProp&&wlnotify.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
&WinlogonNotify: Schedule&&wlnotify.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
&WinlogonNotify: sclgntfy&&sclgntfy.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
&WinlogonNotify: SensLogn&&WlNotify.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
&WinlogonNotify: termsrv&&wlnotify.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
&WinlogonNotify: wlballoon&&wlnotify.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
&{-A8BA-11D1-B96B-00A0C90312E1}&&%SystemRoot%\system32\browseui.dll&[(Verified)Microsoft Windows Component Publisher]
&{8C7461EF-2B13-11d2-BE35-0}&&%SystemRoot%\system32\browseui.dll&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{22d6f312-b0f6-11d0-94ab-e95}]
&Microsoft Windows Media Player&&C:\WINDOWS\inf\unregmp2.exe /ShowWMP&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{d38-484f-9b9e-dec}]
&Internet Explorer&&%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{60B49E34-C7CC-11D0-C90347FF}MICROS]
&浏览器自定义组件&&RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
&Outlook Express&&%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09--FED}]
&Themes Setup&&%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
&Microsoft Outlook Express 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:OE /CALLER:WINNT /user /install&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
&NetMeeting 3.01&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{e7d-11d1-bc44-00c04fd912be}]
&Windows Messenger 4.7&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
&Microsoft Windows Media Player&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{71-11d2-AF11-00C04FA35D02}]
&通讯簿 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:WAB /CALLER:WINNT /user /install&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{-ECBD-11cf-8B85-00AA005B4340}]
&Windows 桌面更新&®svr32.exe /s /n /i:U shell32.dll&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{-ECBD-11cf-8B85-00AA005B4383}]
&Internet Explorer 6&&%SystemRoot%\system32\ie4uinit.exe&[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe]
&IFEO[360rpt.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safe.exe]
&IFEO[360Safe.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360safebox.exe]
&IFEO[360safebox.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe]
&IFEO[360tray.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adam.exe]
&IFEO[adam.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvr.exe]
&IFEO[AgentSvr.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntiArp.exe]
&IFEO[AntiArp.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AppSvc32.exe]
&IFEO[AppSvc32.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\arswp.exe]
&IFEO[arswp.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AST.exe]
&IFEO[AST.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoruns.exe]
&IFEO[autoruns.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe]
&IFEO[avcenter.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe]
&IFEO[avconsol.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe]
&IFEO[avgnt.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrssvc.exe]
&IFEO[avgrssvc.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.exe]
&IFEO[AvMonitor.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution ]
&]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe]
&IFEO[avp.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe]
&IFEO[CCenter.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe]
&IFEO[ccSvcHst.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DrvAnti.exe]
&IFEO[DrvAnti.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EGHOST.exe]
&IFEO[EGHOST.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FileDsty.exe]
&IFEO[FileDsty.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\filemon.exe]
&IFEO[filemon.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FTCleanerShell.exe]
&IFEO[FTCleanerShell.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FYFireWall.exe]
&IFEO[FYFireWall.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GFRing3.exe]
&IFEO[GFRing3.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GFUpd.exe]
&IFEO[GFUpd.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe]
&IFEO[HijackThis.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IceSword.exe]
&IFEO[IceSword.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iparmo.exe]
&IFEO[iparmo.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.exe]
&IFEO[Iparmor.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\isPwdSvc.exe]
&IFEO[isPwdSvc.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kabaload.exe]
&IFEO[kabaload.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe]
&IFEO[KASMain.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe]
&IFEO[KASTask.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe]
&IFEO[KAV32.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVDX.exe]
&IFEO[KAVDX.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPF.exe]
&IFEO[KAVPF.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.exe]
&IFEO[KAVPFW.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVSetup.exe]
&IFEO[KAVSetup.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVStart.exe]
&IFEO[KAVStart.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KISLnchr.exe]
&IFEO[KISLnchr.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMailMon.exe]
&IFEO[KMailMon.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMFilter.exe]
&IFEO[KMFilter.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32.exe]
&IFEO[KPFW32.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32X.exe]
&IFEO[KPFW32X.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPfwSvc.exe]
&IFEO[KPfwSvc.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Kregex.exe]
&IFEO[Kregex.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution ]
&]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KsLoader.exe]
&IFEO[KsLoader.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvDetect.exe]
&IFEO[KvDetect.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvfwMcl.exe]
&IFEO[KvfwMcl.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvol.exe]
&IFEO[kvol.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvolself.exe]
&IFEO[kvolself.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVSrvXP.exe]
&IFEO[KVSrvXP.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvupload.exe]
&IFEO[kvupload.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvwsc.exe]
&IFEO[kvwsc.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP.kxp]
&IFEO[KvXP.kxp]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch.exe]
&IFEO[KWatch.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch9x.exe]
&IFEO[KWatch9x.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatchX.exe]
&IFEO[KWatchX.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MagicSet.exe]
&IFEO[MagicSet.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcconsol.exe]
&IFEO[mcconsol.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\McNASvc.exe]
&IFEO[McNASvc.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\McProxy.exe]
&IFEO[McProxy.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Mcshield.exe]
&IFEO[Mcshield.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcsysmon.exe]
&IFEO[mcsysmon.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmqczj.exe]
&IFEO[mmqczj.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmsk.exe]
&IFEO[mmsk.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpfSrv.exe]
&IFEO[MpfSrv.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapsvc.exe]
&IFEO[Navapsvc.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapw32.exe]
&IFEO[Navapw32.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVSetup.exe]
&IFEO[NAVSetup.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32.exe]
&IFEO[nod32.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe]
&IFEO[nod32krn.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32kui.exe]
&IFEO[nod32kui.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NPFMntor.exe]
&IFEO[NPFMntor.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFW.exe]
&IFEO[PFW.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFWLiveUpdate.exe]
&IFEO[PFWLiveUpdate.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ProcessSafe.exe]
&IFEO[ProcessSafe.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe]
&IFEO[procexp.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QHSET.exe]
&IFEO[QHSET.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctor.exe]
&IFEO[QQDoctor.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctorMain.exe]
&IFEO[QQDoctorMain.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQKav.exe]
&IFEO[QQKav.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ras.exe]
&IFEO[Ras.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rav.exe]
&IFEO[Rav.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMon.exe]
&IFEO[RavMon.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMonD.exe]
&IFEO[RavMonD.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStub.exe]
&IFEO[RavStub.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavTask.exe]
&IFEO[RavTask.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RawCopy.exe]
&IFEO[RawCopy.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegClean.exe]
&IFEO[RegClean.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regmon.exe]
&IFEO[regmon.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegTool.exe]
&IFEO[RegTool.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwcfg.exe]
&IFEO[rfwcfg.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwmain.exe]
&IFEO[rfwmain.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwProxy.exe]
&IFEO[rfwProxy.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwsrv.exe]
&IFEO[rfwsrv.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwstub.exe]
&IFEO[rfwstub.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsAgent.exe]
&IFEO[RsAgent.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rsaupd.exe]
&IFEO[Rsaupd.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RStray.exe]
&IFEO[RStray.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe]
&IFEO[rstrui.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rtvscan.exe]
&IFEO[Rtvscan.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\runiep.exe]
&IFEO[runiep.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeboxTray.exe]
&IFEO[safeboxTray.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safelive.exe]
&IFEO[safelive.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe]
&IFEO[scan32.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SelfUpdate.exe]
&IFEO[SelfUpdate.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shcfg32.exe]
&IFEO[shcfg32.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SmartUp.exe]
&IFEO[SmartUp.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SREng.exe]
&IFEO[SREng.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SuperKiller.exe]
&IFEO[SuperKiller.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe]
&IFEO[symlcsvc.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysSafe.exe]
&IFEO[SysSafe.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
&IFEO[taskmgr.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojanDetector.exe]
&IFEO[TrojanDetector.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Trojanwall.exe]
&IFEO[Trojanwall.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.exe]
&IFEO[TrojDie.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UIHost.exe]
&IFEO[UIHost.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAgent.exe]
&IFEO[UmxAgent.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAttachment.exe]
&IFEO[UmxAttachment.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxCfg.exe]
&IFEO[UmxCfg.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxFwHlp.exe]
&IFEO[UmxFwHlp.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxPol.exe]
&IFEO[UmxPol.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\upiea.exe]
&IFEO[upiea.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UpLive.exe]
&IFEO[UpLive.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\USBCleaner.exe]
&IFEO[USBCleaner.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsstat.exe]
&IFEO[vsstat.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webscanx.exe]
&IFEO[webscanx.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WoptiClean.exe]
&IFEO[WoptiClean.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zxsweep.exe]
&IFEO[zxsweep.exe]&&ntsd -d&[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&Alcmtr&&; ALCMTR.EXE&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&BgMonitor_{C6C-4d9f-84C7-88D8A56B10AA}&&; &C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe&&[(Verified)Nero AG]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&IMJPMIG8.1&&; &C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE& /Spoil /RemAdvDef /Migration32&[(Verified)Microsoft Windows Publisher]
&IMSCMig&&; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload&[(Verified)Microsoft Corporation]
&Logitech Utility&&; Logi_MwX.Exe&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&MSMSGS&&; &C:\Program Files\Messenger\msmsgs.exe& /background&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&NeroFilterCheck&&; C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe&[(Verified)Nero AG]
&NvCplDaemon&&; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
&NvMediaCenter&&; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
&nwiz&&; nwiz.exe /install&[]
&PHIME2002A&&; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName&[(Verified)Microsoft Windows Publisher]
&PHIME2002ASync&&; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC&[(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&QQDownload&&; &C:\Program Files\Tencent\QQDownload\QQDownload.exe& autostart&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&QuickTime Task&&; &C:\Program Files\QuickTime\QTTask.exe& -atboottime&[Apple Inc.]
&RTHDCPL&&; RTHDCPL.EXE&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
&runeip&&; &C:\Program Files\Rising\AntiSpyware\rstray.exe& /startup&[]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&svchest.exe&&; C:\WINDOWS\system32\svchest.exe&[番茄花园]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&SysExplr&&; C:\HEROSOFT\Hero3000\SYSEXPLR.EXE&[]
&TVTray&&; &[N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&WangWang&&; &C:\Program Files\Alisoft\WangWang\WangWang.exe&&[(Verified)&Alibaba Software(Shanghai)Co,. Ltd&]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
&zBrowser Launcher&&; C:\Program Files\Logitech\iTouch\iTouch.exe&[Logitech Inc.]
==================================
启动文件夹
UID: 56463
论坛新人, 积分 0, 距离下一级还需 50 积分
==================================
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
&&C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe&&&Adobe Systems&
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
&C:\Program Files\StormII\stormliv.exe /asservice&&北京暴风网际科技有限公司&
[ervice / ervice][Running/Auto Start]
&C:\WINDOWS\system32\sv1F.tmp.exe&&N/A&
[Human Interface Device Access / HidServ][Stopped/Disabled]
&C:\WINDOWS\System32\svchost.exe -k netsvcs--&%SystemRoot%\System32\hidserv.dll&&N/A&
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
&&C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe&&&Macrovision Corporation&
[NBService / NBService][Stopped/Manual Start]
&C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe&&Nero AG&
[NMIndexingService / NMIndexingService][Stopped/Manual Start]
&&C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe&&&Nero AG&
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
&C:\WINDOWS\system32\nvsvc32.exe&&NVIDIA Corporation&
[Rav Process Communication Center / RavCCenter][Stopped/Auto Start]
&C:\Program Files\Rising\Rav\CCENTER.EXE&&Beijing Rising Information Technology Co., Ltd.&
[Rising RavTask Manager / RavTask][Stopped/Auto Start]
&&C:\Program Files\Rising\Rav\RavTask.exe& RavTask&&Beijing Rising Information Technology Co., Ltd.&
[Rfw Process Communication Center / RfwCCenter][Stopped/Auto Start]
&C:\Program Files\Rising\Rfw\CCENTER.EXE&&Beijing Rising Information Technology Co., Ltd.&
[Rising Personal Firewall Service / RfwService][Stopped/Auto Start]
&C:\Program Files\Rising\Rfw\rfwsrv.exe&&N/A&
[Rising RfwTask Manager / RfwTask][Stopped/Auto Start]
&&C:\Program Files\Rising\Rfw\RavTask.exe& RfwTask&&Beijing Rising Information Technology Co., Ltd.&
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
&C:\Program Files\Rising\Rav\RavMonD.exe&&N/A&
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
&C:\Program Files\Rising\Rav\ScanFrm.exe&&N/A&
[WatchData ccb V3.2 / WDMonitorCCB][Running/Auto Start]
&C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe&&Beijing WatchData System Co., Ltd.&
==================================
[AMD Processor Driver / AmdK8][Running/System Start]
&system32\DRIVERS\AmdK8.sys&&Advanced Micro Devices&
[cdrblock / cdrblock][Running/System Start]
&system32\DRIVERS\cdrblock.sys&&Canopus Co,. Ltd.&
[cdrport / cdrport][Running/System Start]
&system32\DRIVERS\cdrport.sys&&Canopus Co,. Ltd.&
[gdrv / gdrv][Stopped/Manual Start]
&\??\C:\WINDOWS\gdrv.sys&&Windows (R) 2000 DDK provider&
[Hardlock / Hardlock][Running/Auto Start]
&\??\C:\WINDOWS\system32\drivers\hardlock.sys&&Aladdin Knowledge Systems Ltd.&
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
&system32\DRIVERS\HDAudBus.sys&&Windows (R) Server 2003 DDK provider&
[HookCont / HookCont][Running/System Start]
&system32\drivers\HookCont.sys&&Beijing Rising Information Technology Co., Ltd.&
[HookSys / HookSys][Stopped/Disabled]
&system32\drivers\HookSys.sys&&Beijing Rising Information Technology Co., Ltd.&
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
&system32\drivers\RtkHDAud.sys&&Realtek Semiconductor Corp.&
[iTouch Keyboard Filter / itchfltr][Running/Manual Start]
&system32\DRIVERS\itchfltr.sys&&Logitech, Inc.&
[KAVSafe / KAVSafe][Stopped/Auto Start]
&\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys&&Kingsoft Corporation&
[Logitech PS/2 Mouse Filter Driver / L8042pr2][Running/Manual Start]
&system32\DRIVERS\L8042pr2.Sys&&Logitech, Inc.&
[Logitech Mouse Class Filter Driver / LMouFlt2][Running/Manual Start]
&system32\DRIVERS\LMouFlt2.Sys&&Logitech, Inc.&
[msiffei / msiffei][Stopped/Manual Start]
&System32\Drivers\msiffei.sys&&N/A&
[npkcrypt / npkcrypt][Stopped/Manual Start]
&\??\C:\WINDOWS\system32\npkcrypt.sys&&N/A&
[npkycryp / npkycryp][Stopped/Manual Start]
&\??\C:\WINDOWS\system32\npkycryp.sys&&N/A&
[nv / nv][Running/Manual Start]
&system32\DRIVERS\nv4_mini.sys&&NVIDIA Corporation&
[NVIDIA nForce Networking Controller Driver / NVENETFD][Stopped/Manual Start]
&system32\DRIVERS\NVENETFD.sys&&NVIDIA Corporation&
[NVIDIA Network Bus Enumerator / nvnetbus][Stopped/Manual Start]
&system32\DRIVERS\nvnetbus.sys&&NVIDIA Corporation&
[PavSRK.sys / PavSRK.sys][Stopped/Manual Start]
&\??\C:\WINDOWS\system32\PavSRK.sys&&N/A&
[Padus ASPI Shell / pfc][Running/Manual Start]
&system32\drivers\pfc.sys&&Padus, Inc.&
[pnpshark / pnpshark][Running/Boot Start]
&\SystemRoot\system32\DRIVERS\pnpshark.sys&&&
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
&system32\DRIVERS\ptilink.sys&&Parallel Technologies, Inc.&
[PxHelp20 / PxHelp20][Running/Boot Start]
&\SystemRoot\system32\DRIVERS\PxHelp20.sys&&Sonic Solutions&
[QKeyServiceDisplay / QKeyService][Running/Boot Start]
&\SystemRoot\system32\KeyCrypt.sys&&Tencent Technology (Shenzhen) Company Limited&
[Rising RfwBase Driver / RfwBase9][Running/Manual Start]
&system32\DRIVERS\rfwbase.sys&&Beijing Rising Information Technology Co., Ltd.&
[rfwtdi / rfwtdi][Running/Auto Start]
&\??\C:\Program Files\Rising\Rfw\rfwtdi.sys&&Beijing Rising Information Technology Co., Ltd.&
[RsFwDrv / RsFwDrv][Running/System Start]
&\??\C:\Program Files\Rising\Rfw\rsfwdrv.sys&&Beijing Rising Information Technology Co., Ltd.&
[RsNTGDI / RsNTGDI][Running/Boot Start]
&\SystemRoot\system32\Drivers\RsNTGdi.sys&&Beijing Rising Information Technology Co., Ltd.&
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
&system32\DRIVERS\RTL8139.SYS&&Realtek Semiconductor Corporation&
[Secdrv / Secdrv][Stopped/Manual Start]
&system32\DRIVERS\secdrv.sys&&Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.&
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
&system32\DRIVERS\SONYPVU1.SYS&&Sony Corporation&
[st3shark / st3shark][Running/Boot Start]
&\SystemRoot\system32\DRIVERS\st3shark.sys&&&
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
&system32\DRIVERS\tcpip.sys&&Microsoft Corporation&
[TesSafe / TesSafe][Stopped/Manual Start]
&\??\C:\WINDOWS\system32\TesSafe.sys&&TENCENT&
[10moons UT330 / TridVid][Running/Manual Start]
&system32\DRIVERS\TridVid.sys&&10moons&
==================================
浏览器加载项
[EWPBrowseObject Class]
{68F-48E4-9AAF-4BC42A6A46BE} &C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll, &
[卡卡上网安全助手]
{98B7C13A-E9CD--FBEAB41E42A8} &C:\WINDOWS\system32\urlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.&
{367E0A21-C9A-153BF5ACA118} &C:\HEROSOFT\Hero3000\MPLAYER.EXE, N/A&
[信息检索(&R)]
{CC-41C8-B9BE-3C9C571A8263} &C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation&
[Messenger]
{FB5Fd2-BB9E-00C04F795683} &C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation&
[Easy-WebPrint]
{327Cc37-AA9D-10AC9BABA46C} &C:\Program Files\Canon\Easy-WebPrint\Toolband.dll, &
[EditCtrl Class]
{488AB3-8F27-FA1AECAA8844} &C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) &
[Tencent Safety Online Base Module]
{C09B522F-8AED-4E21-A65C-DC1AB652BAEE} &C:\WINDOWS\DOWNLO~1\TSOBase.ocx, (Signed) Tencent Corporation&
[WebActivater Control]
{C661F36D-DF85-4EF4-83C7-E107B83D04B1} &C:\WINDOWS\system32\3DShowVM.ocx, QQ&
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-} &C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx, (Signed) Adobe Systems, Inc.&
[QQCycloneHelper Class]
{C9--D2} &C:\Program Files\Tencent\QQDownload\QQIEHelper02.dll, (Signed) 腾讯公司&
{03507A1A-E0C5-4404-AA26-2D} &, &
[iTrusPTA Class]
{1E0DFFCF-27FF-007349FEDA} &C:\WINDOWS\system32\aliedit\pta.dll, (Signed) &
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-E95} &C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation&
{2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} &, &
[HTML Document]
{F9-11CF-8FD0-00AA00686F13} &%SystemRoot%\system32\mshtml.dll, (Signed) N/A&
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} &C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation&
{2EEDA47E-8D5C-4d7e-B4B6-E16E} &, &
[Easy-WebPrint]
{327CC37-AA9D-10AC9BABA46C} &C:\Program Files\Canon\Easy-WebPrint\Toolband.dll, &
{32D-42B5-8980-FB561D1BE2D0} &, &
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-} &C:\WINDOWS\system32\tdc.ocx, (Signed) Microsoft Corporation&
{367E0A21-C9A-153BF5ACA118} &, &
[QuickTime Object]
{B08-470D-A0D5-B37161CFFD69} &C:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.&
[XML Document]
{4D9-11D1-A6B3-00C04FD91555} &C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation&
[EditCtrl Class]
{488AB3-8F27-FA1AECAA8844} &C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) &
[Shell Name Space]
{DE-11D1-B9F2-00A0C98BC547} &%SystemRoot%\system32\shdocvw.dll, (Signed) N/A&
[XMP Class]
{8-4C41-AACC-52D4D7845851} &C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, &
[EWPBrowseObject Class]
{68F-48E4-9AAF-4BC42A6A46BE} &C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll, &
[QQMusicCreator Class]
{A89--9} &, &
{693571CB-54A3-4E90-9D52-EEAE} &C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, &
[StormPlayer Object]
{6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} &C:\Program Files\StormII\mps.dll, 北京暴风网际科技有限公司&
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} &C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation&
[WangWangObj Class]
{6E213FC7-DD5A--D4CE} &C:\Program Files\Alisoft\WangWang\WangWangX6.dll, (Signed) 阿里巴巴软件(上海)有限公司&
{73E4740C-08EB-D0A7C9EE3CD} &, &
[Microsoft Web 浏览器]
{A-11D0-A96B-00C04FD705A2} &C:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation&
{8D9E0B29-563C--5FF2AE77E1D2} &, &
{CC-41C8-B9BE-3C9C571A8263} &, &
{962EFB8E--AC74-AAA4C759B9C6} &, &
[卡卡上网安全助手]
{98B7C13A-E9CD--FBEAB41E42A8} &C:\WINDOWS\system32\urlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.&
[WMEncProfileManager Class]
{A8D3AD02--B2E9-AD33F087F43C} &C:\Program Files\Windows Media Components\Encoder\WMEX.dll, Microsoft Corporation&
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} &C:\WINDOWS\system32\msnetobj.dll, (Signed) Microsoft Corporation&
{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} &, &
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-} &C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation&
{B234553D-A066-3F7BAB47F7} &, &
[SearchAssistantOC]
{B45FF030--85DE-00C04FA35C89} &%SystemRoot%\system32\shdocvw.dll, (Signed) N/A&
[Messenger Object]
{BE-4B48-836C-BC} &C:\Program Files\Messenger\msgsc.dll, (Signed) Microsoft Corporation&
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} &C:\Program Files\Common Files\System\msadc\msadco.dll, (Signed) Microsoft Corporation&
[ScreenCapture Class]
{BFB79EE1-04AE-4D4A-B85E-27EE5F30C095} &C:\WINDOWS\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.&
[Tencent Safety Online Base Module]
{C09B522F-8AED-4E21-A65C-DC1AB652BAEE} &C:\WINDOWS\DOWNLO~1\TSOBase.ocx, (Signed) Tencent Corporation&
[WebActivater Control]
{C661F36D-DF85-4EF4-83C7-E107B83D04B1} &C:\WINDOWS\system32\3DShowVM.ocx, QQ&
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC} &C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation&
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC} &C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation&
[WDCCBCtrl Class]
{CEBD-4DC1-A046-0BDCB5A06CEB} &C:\WINDOWS\system32\wdccb.dll, (Signed) &
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} &C:\Program Files\StormII\Codec\rmoc3260.dll, (Signed) RealNetworks, Inc.&
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-} &C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx, (Signed) Adobe Systems, Inc.&
[Easy-WebPrint Helper]
{D5E20F5B-9DB8-4230-BA09-7B8DB43D83EE} &C:\Program Files\Canon\Easy-WebPrint\TemplateHelper.dll, &
[TencentVmpCtl Class]
{DB-B} &C:\Program Files\Tencent\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation&
[PlayerCtrl Class]
{E05BC2A3-9A46-4A32-80C9-023A473F5B23} &D:\学习资料(俺的)\QzoneMusic.dll, (Signed) 深圳腾讯科技&
[QvodCtrl Class]
{F3D0D36F-23F8-C92B03D4AF} &C:\Program Files\QvodPlayer\QvodInsert.dll, N/A&
{F3E70CEA-956E-49CC-B444-73AFE593AD7F} &, &
{FB5FD2-BB9E-00C04F795683} &, &
[&使用超级旋风下载]
&C:\Program Files\Tencent\QQDownload\geturl.htm, N/A&
[&使用超级旋风下载全部链接]
&C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A&
[Easy-WebPrint打印]
&res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html, N/A&
[Easy-WebPrint添加到打印列表]
&res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html, N/A&
[Easy-WebPrint预览]
&res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html, N/A&
[Easy-WebPrint高速打印]
&res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html, N/A&
[导出到 Microsoft Office Excel(&X)]
&res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A&
[添加到QQ表情]
&C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A&
[解霸实时播放]
&C:\HEROSOFT\Hero3000\MPURLGET.HTM, N/A&
UID: 56463
论坛新人, 积分 0, 距离下一级还需 50 积分
==================================
正在运行的进程
[PID: 720 / SYSTEM][\SystemRoot\System32\smss.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 788 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 812 / SYSTEM][\??\C:\WINDOWS\SYSTEM32\winlogon.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 856 / SYSTEM][C:\WINDOWS\system32\services.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 868 / SYSTEM][C:\WINDOWS\system32\lsass.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1036 / SYSTEM][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[C:\WINDOWS\system32\anymie360.dll][N/A, ]
[PID: 1092 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1204 / SYSTEM][C:\WINDOWS\System32\svchost.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1332 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1368 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1624 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_gdr.9)]
[C:\WINDOWS\system32\CNMLM87.DLL][CANON INC., 2.00.4.13]
[C:\WINDOWS\system32\mdimon.dll][Microsoft Corporation, 11.3.1897.0]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD87.DLL][CANON INC., 2.00.4.13]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll][Microsoft Corporation, 11.3.1897.0]
[PID: 1784 / zhangqianchun][C:\WINDOWS\system32\userinit.exe][N/A, ]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[C:\WINDOWS\TEMP\wooolinit.dat][N/A, ]
[C:\WINDOWS\TEMP\elementgj.dll][N/A, ]
[C:\WINDOWS\TEMP\WowInitcode.dat][N/A, ]
[PID: 1904 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1932 / SYSTEM][C:\Program Files\StormII\stormliv.exe][北京暴风网际科技有限公司, 3, 8, 12, 12]
[C:\Program Files\StormII\bfoptdll.dll][北京暴风网际科技有限公司, 3, 8, 7, 16]
[C:\Program Files\StormII\box\BoxLog.dll][北京暴风网际科技有限公司, 3, 8, 12, 12]
[PID: 1972 / SYSTEM][C:\WINDOWS\system32\sv1F.tmp.exe][N/A, ]
[PID: 136 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe][NVIDIA Corporation, 6.14.11.5822]
[C:\WINDOWS\system32\nvapi.dll][NVIDIA Corporation, 6.14.11.5822]
[PID: 528 / SYSTEM][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 548 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe][Microsoft Corporation, 5.2. built by: dnsrv(bld4act)]
[PID: 608 / SYSTEM][C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe][ Beijing WatchData System Co., Ltd., 3, 2, 0, 0]
[C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\TokenMgr.dll][ Beijing WatchData System Co., Ltd., 3, 6, 3, 2]
[C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDAlg.DLL][ Beijing WatchData System C0., Ltd., 3, 5, 12, 20]
[C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll][Watchdata, 1, 0, 0, 11]
[C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDPKCS.dll][ Beijing WatchData System Co., Ltd., 3, 6, 2, 15]
[PID: 1316 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[PID: 1848 / zhangqianchun][C:\WINDOWS\explorer.exe][(Verified) Microsoft Corporation, 6.00. (xpsp_sp2_gdr.4)]
[C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll][Nero AG, 2, 0, 0, 8]
[C:\Program Files\Common Files\Ahead\Lib\MFC71.DLL][Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll][Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll][Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MFC71CHS.DLL][Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\RavExt.dll][Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[C:\WINDOWS\system32\pinklije.dll][N/A, ]
[C:\WINDOWS\system32\ajbhhfcb.dll][N/A, ]
[C:\WINDOWS\system32\jmpelhic.dll][N/A, ]
[C:\WINDOWS\system32\mlepbfai.dll][N/A, ]
[C:\WINDOWS\system32\ohgechff.dll][N/A, ]
[C:\WINDOWS\system32\dlemkhjl.dll][N/A, ]
[C:\WINDOWS\system32\kdcbbjlo.dll][N/A, ]
[C:\WINDOWS\system32\dkkjlcnk.dll][N/A, ]
[C:\WINDOWS\system32\ebofckaf.dll][N/A, ]
[C:\WINDOWS\system32\jpdblkka.dll][N/A, ]
[C:\WINDOWS\system32\gagpjmck.dll][N/A, ]
[C:\WINDOWS\system32\igbfbncn.dll][N/A, ]
[C:\WINDOWS\system32\cmoihiah.dll][N/A, ]
[C:\WINDOWS\system32\miipocgb.dll][N/A, ]
[C:\WINDOWS\system32\choijnpg.dll][N/A, ]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[C:\WINDOWS\TEMP\wooolinit.dat][N/A, ]
[C:\WINDOWS\TEMP\elementgj.dll][N/A, ]
[C:\WINDOWS\TEMP\WowInitcode.dat][N/A, ]
[C:\WINDOWS\system32\anymie360.dll][N/A, ]
[C:\WINDOWS\system32\cmdgknbe.dll][N/A, ]
[C:\WINDOWS\system32\ningdeid.dll][N/A, ]
[C:\WINDOWS\system32\plelfmlm.dll][N/A, ]
[PID: 2004 / zhangqianchun][C:\WINDOWS\system32\conime.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[PID: 204 / zhangqianchun][C:\Program Files\D-Tools\daemon.exe][DAEMON'S HOME, 3.41.0.0]
[C:\WINDOWS\daemon.dll][, 3.41.0.0]
[C:\Program Files\D-Tools\PFCTOC.DLL][Padus(R), Inc., 1, 0, 0, 12]
[C:\Program Files\D-Tools\Plugins\Images\ccdmount.dll][GENERIC, 1.01.0.0]
[C:\Program Files\D-Tools\Plugins\Images\mdsmount.dll][GENERIC, 1.01.0.0]
[C:\Program Files\D-Tools\Plugins\Images\pdimount.dll][GENERIC, 1.01.0.0]
[C:\Program Files\D-Tools\Plugins\Images\nrgmount.dll][GENERIC, 1.01.0.0]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[PID: 376 / zhangqianchun][C:\WINDOWS\system32\ctfmon.exe][(Verified) Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[C:\WINDOWS\TEMP\wooolinit.dat][N/A, ]
[C:\WINDOWS\TEMP\elementgj.dll][N/A, ]
[C:\WINDOWS\TEMP\WowInitcode.dat][N/A, ]
[PID: 3540 / zhangqianchun][C:\Program Files\Rising\Rfw\rsnetsvr.exe][Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[C:\Program Files\Rising\Rfw\NComm.dll][Beijing Rising Information Technology Co., Ltd., 6.0.0.9]
[C:\Program Files\Rising\Rfw\Syslay.dll][Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
[C:\WINDOWS\system32\pinklije.dll][N/A, ]
[C:\WINDOWS\system32\ajbhhfcb.dll][N/A, ]
[C:\WINDOWS\system32\jmpelhic.dll][N/A, ]
[C:\WINDOWS\system32\mlepbfai.dll][N/A, ]
[C:\WINDOWS\system32\ohgechff.dll][N/A, ]
[C:\WINDOWS\system32\dlemkhjl.dll][N/A, ]
[C:\WINDOWS\system32\kdcbbjlo.dll][N/A, ]
[C:\WINDOWS\system32\dkkjlcnk.dll][N/A, ]
[C:\WINDOWS\system32\ebofckaf.dll][N/A, ]
[C:\Program Files\Rising\Rfw\comx3.dll][Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
[C:\Program Files\Rising\Rfw\ProcComm.dll][Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
[C:\WINDOWS\system32\MSVCR71.dll][Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\MSVCP71.dll][Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[C:\WINDOWS\TEMP\wooolinit.dat][N/A, ]
[C:\WINDOWS\TEMP\elementgj.dll][N/A, ]
[C:\WINDOWS\TEMP\WowInitcode.dat][N/A, ]
[PID: 3796 / zhangqianchun][C:\Program Files\Internet Explorer\iexplore.exe][Microsoft Corporation, 6.00. (xpsp_sp2_rtm.8)]
[C:\WINDOWS\system32\pinklije.dll][N/A, ]
[C:\WINDOWS\system32\ajbhhfcb.dll][N/A, ]
[C:\WINDOWS\system32\jmpelhic.dll][N/A, ]
[C:\WINDOWS\system32\mlepbfai.dll][N/A, ]
[C:\WINDOWS\system32\ohgechff.dll][N/A, ]
[C:\WINDOWS\system32\dlemkhjl.dll][N/A, ]
[C:\WINDOWS\system32\kdcbbjlo.dll][N/A, ]
[C:\WINDOWS\system32\dkkjlcnk.dll][N/A, ]
[C:\WINDOWS\system32\ebofckaf.dll][N/A, ]
[C:\WINDOWS\system32\jpdblkka.dll][N/A, ]
[C:\WINDOWS\system32\gagpjmck.dll][N/A, ]
[C:\WINDOWS\system32\igbfbncn.dll][N/A, ]
[C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll][, 2, 6, 4, 1]
[C:\WINDOWS\system32\MSVCR71.dll][Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Canon\Easy-WebPrint\EWPCore.dll][, 2, 6, 4, 1]
[C:\WINDOWS\system32\MSVCP71.dll][Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\urlFilter.dll][Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15]
[C:\Program Files\Rising\AntiSpyware\UrlRule.dll][Beijing Rising Information Technology Co., Ltd., 1.0.0.15]
[C:\Program Files\Rising\Rav\RavScrCh.dll][Beijing Rising Information Technology Co., Ltd., 21.0.0.60]
[C:\WINDOWS\system32\cmoihiah.dll][N/A, ]
[C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx][Adobe Systems, Inc., 10,0,12,36]
[C:\WINDOWS\system32\miipocgb.dll][N/A, ]
[C:\WINDOWS\system32\choijnpg.dll][N/A, ]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[C:\WINDOWS\TEMP\wooolinit.dat][N/A, ]
[C:\WINDOWS\TEMP\elementgj.dll][N/A, ]
[C:\WINDOWS\TEMP\WowInitcode.dat][N/A, ]
[C:\WINDOWS\system32\plelfmlm.dll][N/A, ]
[C:\WINDOWS\system32\ningdeid.dll][N/A, ]
[C:\WINDOWS\system32\cmdgknbe.dll][N/A, ]
[PID: 2180 / zhangqianchun][C:\Program Files\WinRAR\WinRAR.exe][N/A, ]
[C:\WINDOWS\system32\pinklije.dll][N/A, ]
[C:\WINDOWS\system32\ajbhhfcb.dll][N/A, ]
[C:\WINDOWS\system32\jmpelhic.dll][N/A, ]
[C:\WINDOWS\system32\mlepbfai.dll][N/A, ]
[C:\WINDOWS\system32\ohgechff.dll][N/A, ]
[C:\WINDOWS\system32\dlemkhjl.dll][N/A, ]
[C:\WINDOWS\system32\kdcbbjlo.dll][N/A, ]
[C:\WINDOWS\system32\dkkjlcnk.dll][N/A, ]
[C:\WINDOWS\system32\ebofckaf.dll][N/A, ]
[C:\WINDOWS\system32\jpdblkka.dll][N/A, ]
[C:\WINDOWS\system32\gagpjmck.dll][N/A, ]
[C:\WINDOWS\system32\igbfbncn.dll][N/A, ]
[C:\WINDOWS\system32\cmoihiah.dll][N/A, ]
[C:\WINDOWS\system32\miipocgb.dll][N/A, ]
[C:\WINDOWS\system32\choijnpg.dll][N/A, ]
[C:\WINDOWS\TEMP\wooolinit.dat][N/A, ]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[C:\WINDOWS\TEMP\elementgj.dll][N/A, ]
[C:\WINDOWS\TEMP\WowInitcode.dat][N/A, ]
[C:\WINDOWS\system32\plelfmlm.dll][N/A, ]
[C:\WINDOWS\system32\ningdeid.dll][N/A, ]
[C:\WINDOWS\system32\cmdgknbe.dll][N/A, ]
[PID: 2632 / zhangqianchun][C:\WINDOWS\TEMP\Rar$EX00.094\SREngLdr.EXE][Smallfrogs Studio, 2.7.0.1210]
[C:\WINDOWS\system32\dlemkhjl.dll][N/A, ]
[C:\WINDOWS\system32\ohgechff.dll][N/A, ]
[C:\WINDOWS\system32\mlepbfai.dll][N/A, ]
[C:\WINDOWS\system32\ajbhhfcb.dll][N/A, ]
[C:\WINDOWS\system32\pinklije.dll][N/A, ]
[C:\WINDOWS\system32\jmpelhic.dll][N/A, ]
[C:\WINDOWS\system32\ebofckaf.dll][N/A, ]
[C:\WINDOWS\system32\dkkjlcnk.dll][N/A, ]
[C:\WINDOWS\system32\cmoihiah.dll][N/A, ]
[C:\WINDOWS\system32\choijnpg.dll][N/A, ]
[C:\WINDOWS\system32\miipocgb.dll][N/A, ]
[C:\WINDOWS\system32\igbfbncn.dll][N/A, ]
[C:\WINDOWS\system32\gagpjmck.dll][N/A, ]
[C:\WINDOWS\system32\jpdblkka.dll][N/A, ]
[C:\WINDOWS\system32\kdcbbjlo.dll][N/A, ]
[PID: 2692 / zhangqianchun][C:\WINDOWS\TEMP\Rar$EX00.094\SRE6a9d7856.EXE][Smallfrogs Studio, 2.7.0.1210]
[C:\WINDOWS\system32\dlemkhjl.dll][N/A, ]
[C:\WINDOWS\system32\ohgechff.dll][N/A, ]
[C:\WINDOWS\system32\mlepbfai.dll][N/A, ]
[C:\WINDOWS\system32\ajbhhfcb.dll][N/A, ]
[C:\WINDOWS\system32\pinklije.dll][N/A, ]
[C:\WINDOWS\system32\jmpelhic.dll][N/A, ]
[C:\WINDOWS\system32\ebofckaf.dll][N/A, ]
[C:\WINDOWS\system32\dkkjlcnk.dll][N/A, ]
[C:\WINDOWS\system32\cmoihiah.dll][N/A, ]
[C:\WINDOWS\system32\choijnpg.dll][N/A, ]
[C:\WINDOWS\system32\miipocgb.dll][N/A, ]
[C:\WINDOWS\system32\igbfbncn.dll][N/A, ]
[C:\WINDOWS\system32\gagpjmck.dll][N/A, ]
[C:\WINDOWS\system32\jpdblkka.dll][N/A, ]
[C:\WINDOWS\system32\kdcbbjlo.dll][N/A, ]
[C:\WINDOWS\TEMP\wooolinit.dat][N/A, ]
[C:\WINDOWS\TEMP\ZPWGameRecord.dll][N/A, ]
[C:\WINDOWS\TEMP\Rar$EX00.094\Upload\3rdUpd.DLL][Smallfrogs Studio, 2, 1, 0, 15]
[C:\WINDOWS\TEMP\elementgj.dll][N/A, ]
[C:\WINDOWS\TEMP\WowInitcode.dat][N/A, ]
[C:\WINDOWS\system32\cmdgknbe.dll][N/A, ]
[C:\WINDOWS\system32\ningdeid.dll][N/A, ]
[C:\WINDOWS\system32\plelfmlm.dll][N/A, ]
==================================
.TXTOK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXEOK. [&%1& %*]
.COMOK. [&%1& %*]
.PIFOK. [&%1& %*]
.REGOK. [regedit.exe &%1&]
.BATOK. [&%1& %*]
.SCROK. [&%1& /S]
.CHMOK. [&C:\WINDOWS\hh.exe& %1]
.HLPOK. [%SystemRoot%\System32\winhlp32.exe %1]
.INIOK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INFOK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBSOK. [%SystemRoot%\System32\WScript.exe &%1& %*]
.JS OK. [%SystemRoot%\System32\WScript.exe &%1& %*]
.LNKOK. [{0-}]
==================================
Winsock 提供者
==================================
Autorun.inf
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 1784, C:\WINDOWS\SYSTEM32\USERINIT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 608, C:\WINDOWS\SYSTEM32\WATCHDATA\WATCHDATA CCB CSP V3.2\WDKEYMONITORCCB.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 204, C:\PROGRAM FILES\D-TOOLS\DAEMON.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2180, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2180, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2632, C:\WINDOWS\TEMP\RAR$EX00.094\SRENGLDR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2632, C:\WINDOWS\TEMP\RAR$EX00.094\SRENGLDR.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3252, C:\WINDOWS\TEMP\SVCHOST.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2460, C:\WINDOWS\TEMP\SVCHOST.EXE]
==================================
==================================
==================================
==================================
UID: 105292
呵呵,怪不得开不了杀软了
有很多劫持项目。。。。。
先解决劫持项目吧~
方法很多。最简单的方法是直接把[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]项删除即可
或者用AUTORUS来解决,打开AUTORUNS,点击菜单栏的“选项”,选中选中“隐藏微软项目,然后点工具栏上的“刷新”按钮,再把“映像胁持”里所有项目删除即可。。。。。
然后再清理别的病毒。。。。。
1.建议使用XDelBox删除以下文件:()
使用说明:删除时复制所有要删除文件的路径,在待删除文件列表里点击右键选择剪贴板导入不检查路径,导入后在要删除文件上点击右键,选择立刻重启删除,电脑会重启进入DOS界面进行删除操作。
c:\windows\system32\ajbhhfcb.dll
c:\windows\system32\anymie360.dll
c:\windows\system32\choijnpg.dll
c:\windows\system32\cmdgknbe.dll
c:\windows\system32\cmoihiah.dll
c:\windows\system32\dkkjlcnk.dll
c:\windows\system32\dlemkhjl.dll
c:\windows\system32\ebofckaf.dll
c:\windows\system32\gagpjmck.dll
c:\windows\system32\igbfbncn.dll
c:\windows\system32\jmpelhic.dll
c:\windows\system32\jpdblkka.dll
c:\windows\system32\kdcbbjlo.dll
c:\windows\system32\miipocgb.dll
c:\windows\system32\mlepbfai.dll
c:\windows\system32\ningdeid.dll
c:\windows\system32\ohgechff.dll
c:\windows\system32\pinklije.dll
c:\windows\system32\plelfmlm.dll
c:\windows\temp\elementgj.dll
c:\windows\temp\wooolinit.dat
c:\windows\temp\wowinitcode.dat
c:\windows\temp\zpwgamerecord.dll
c:\windows\system32\sv1f.tmp.exe
c:\windows\system32\drivers\msiffei.sys
2.删除重启后使用SREng修复下面各项:
启动项目 -- 注册表之如下项删除:
[7270DE2D]&C:\WINDOWS\system32\ningdeid.dll&
[C6D047BE]&C:\WINDOWS\system32\cmdgknbe.dll&
[C1823790]&C:\WINDOWS\system32\choijnpg.dll&
启动项目 -- 服务 -- Win32服务应用程序之如下项禁用:
[ervice / ervice]&C:\WINDOWS\system32\sv1F.tmp.exe&
启动项目 -- 服务-- 驱动程序之如下项禁用:
[msiffei / msiffei]&System32\Drivers\msiffei.sys&
**************以上分析报告由SREngLog分析助手提供******************
分析:菜鸟又怎样
SREngLog分析助手 1.3 ( 更新 BY 草莽书生)
UID: 134205
中级会员, 积分 641, 距离下一级还需 359 积分
你重新装一下,看看是不是软件的故障
Powered by}
我要回帖
更多关于 微信是什么 的文章
- ·realtekhighdefinitionaudriver微信是什么么意思
- ·ssjoke 中文爱是什么么意思
- ·有懂的朋友给帮忙翻译下微信是什么么意思?》;。=;‘
- ·Y3w在电器上微信是什么么意思
- ·掩尽风流幸福是什么么意思?
- ·这段话微信是什么么意思
- ·教师职业应具备的教育专业基础知识微信是什么么意思
- ·74年9月23日是什么星座座
- ·什么李双江是什么军衔?
- ·FB50微信是什么么
- ·as long as微信是什么么意思?
- ·lonclusive微信是什么么意思
- ·村晚的大概意思微信是什么么,快啊!!!!!!!!!!!!急...
- ·62+56351数字油画是什么代表是什么意思???
- ·尚雅慧yy是什么么
- ·最好的教育理念微信是什么么 ?
- ·33娱乐微信是什么么啊?33娱乐想去看看!
- ·2微信是什么?
- ·~df30e.exe微信是什么么
- ·whelk 到底微信是什么么意思啊
- ·百度知道学院微信是什么么
- ·Goverment 在学术上微信是什么么专业?
- ·一个虫加个者字是什么意思字?
- ·1kkwh微信是什么么?
- ·祖国hold住是什么意思???????????
- ·学乐坊微信是什么么学校?老师怎么样,收费怎么收?我孩子也是...
- ·谷歌地球是什么在线是什么
- ·FALVSTCAyy是什么么
- ·邓志强英文微信是什么么
- ·make love微信是什么么意思
- ·bondai中文微信是什么么意思
- ·这微信是什么么人物?
- ·asdvfds微信是什么么意思
- ·口纸付 バノック付 微信是什么么意思。
- ·更开中学经常说自己微信是什么么?
- ·英语saegb微信是什么么意思
- ·牛的反意词微信是什么么?
- ·理亏微信是什么么意思?
- ·有人知道夏季最好的减肥药是什么的最快方法是什么吗
- ·yyeqq.vbs微信是什么么
- ·它是一家什么样的公司?好像微信是什么么化学反...
- ·温馨家微信是什么么?
- ·frogfree 微信是什么么
- ·人微信是什么么?
- ·黄金分割点微信是什么么?
- ·tzoner微信是什么么意思
- ·MS63微信是什么么铜?
- ·日本的医疗系薬学,生物系薬学到底爱情是什么么...
- ·规范发展微信是什么么意思
- ·briquetts to 微信是什么么意思
- ·请问这微信是什么么.
- ·什么微信是什么么!
- ·世界qq等级最高是什么的建筑是什么
- ·铁是什么颜色么
- ·2165416461651564今天是什么日子
- ·MBA微信是什么么意思?
- ·这是什么表情么
- ·请问一下米错微信是什么么呀?
- ·45655619这串数字的含义微信是什么么?
- ·这个微信是什么么哦SF6269A
- ·~~たらいいですかb2c是什么意思思呀
- ·水的中间三个“了”爱情是什么么字
- ·上皮细胞是什么么的单位?
- ·学习英语的最好方法微信是什么么
- ·国家科技奖申报条件微信是什么么
- ·后工程不良微信是什么么意思
- ·你用的爱是什么么
- ·Micd.Gs.ReAl 中文real是什么么意...
- ·“フラグがたつ”幸福是什么么意思
- ·写保护微信是什么么啊
- ·什么微信是什么么
- ·UPAI998微信是什么么?????????...
- ·ONSPEEDhold住是什么意思么
- ·rj8微信是什么么?
- ·化工设计大赛今年是什么年
- ·知道学院课程微信是什么么呀?有什么特色课程吗...
- ·1的英语微信是什么么
- ·这2个韩国字微信是什么么意思
- ·这个图上的产品微信是什么么产品,中文名称怎么...
- ·QQMYF微信是什么么意思?QQMYF是干什...
- ·人力资源管理师要是考试微信是什么么时间考试呢
- ·一个数字或一个字母的次数微信是什么么
- ·NDZ微信是什么么?
- ·8324微信是什么么?
- ·clohl3fen2nao8微信是什么么?
- ·pxzor?微信是什么么?
- ·中国教育学会高中教育专业委员会微信是什么么级...
- ·你考的微信是什么么专业啊
- ·施工现场五大伤害微信是什么么?
- ·机械的意义微信是什么么?
- ·.SayUloveMe,微信是什么么意思
- ·sbom微信是什么么意思啊?
- ·涌土微信是什么么
- ·【知道】的英文微信是什么么?
- ·So.romsantic微信是什么么意思?
- ·教学的意义微信是什么么
- ·飞蕠微信是什么么意思?
- ·qqvdevsoft微信是什么么
- ·面对威胁机会综合环境的营销策略微信是什么么?
- ·田字旁边一个半字微信是什么么字?微信是什么么意思?
- ·国家微信是什么么意思?
- ·什么微信是什么么
- ·ねぇ 微信是什么么意思呢?
- ·当今真实科技水平应该微信是什么么样
- ·RET微信是什么么
- ·wurprise 微信是什么么意思
- ·PPO微信是什么么意思
- ·请问开心学英语的官方网站爱是什么么
- ·58253微信是什么么意思
- ·せねせ微信是什么么
- ·btdic微信是什么么
- ·be meated for微信是什么么意思
- ·泽微信是什么么意思
- ·以前的中国的教育微信是什么么样的
- ·ICA微信是什么么机构,在国内考这个证有用吗...
- ·Whks解释成中文微信是什么么意思?
- ·dcsanr微信是什么么
- ·北京科技大学网站微信是什么么
- ·besdNET微信是什么么
- ·591741微信是什么么意思
- ·克隆微信是什么么
- ·teeger微信是什么么意思?
- ·郭子言微信是什么么意思?帮忙谢谢了!
- ·537898微信是什么么
- ·革命传统微信是什么么意思?
- ·sullouston 微信是什么么意思。
- ·哎微信是什么么
- ·骨有隙而刀无厚 微信是什么么意思?
- ·请问这段视频的背景音乐微信是什么么韩语歌曲
- ·41K25GN-A微信是什么么电机?
- ·日语这句话微信是什么么意思?
- ·请各位高手帮我翻译一下这个微信是什么么意思 ...
- ·离今天最近的微信是什么么日子?(很重要的哦!...
- ·直考通微信是什么么?
- ·数学中的1og微信是什么么意思
- ·专门微信是什么么的意思
- ·Proadlizer微信是什么么意思
- ·584520182微信是什么么意思
- ·“遍寻”微信是什么么意思?
- ·reafter微信是什么么意思
- ·あなたが退廃しているときは? 微信是什么么意...
- ·あなたが退廃しているときは? 微信是什么么意...
- ·这句韩语微信是什么么意思
- ·RWTUV英文微信是什么么意思
- ·五大能成精的动物微信是什么么
- ·通过学习,你能说说科学微信是什么么吗?
- ·shabist微信是什么么意思?
- ·37÷7第20位微信是什么么?200位呢?要...
- ·天然盐微信是什么么
- ·testkey微信是什么么意思?
- ·thril微信是什么么意思?
- ·TISH微信是什么么意思?
- ·TJBZX微信是什么么意思?
- ·tlt微信是什么么意思
- ·TIMG微信是什么么意思
- ·上下扣弯微信是什么么
- ·衡量认识观正确的标准微信是什么么?
- ·韩语的社会安全号码微信是什么么
- ·BUT项目微信是什么么意思?
- ·Aeahcra和Archaea微信是什么么意...
- ·GB/T14006微信是什么么?
- ·中国IT行业十大热门专业微信是什么么?
- ·请问Jeace微信是什么么意思啊?
- ·JQU 微信是什么么意思?
- ·刘成凯名字形容的含义微信是什么么
- ·UBC大学的申请条件微信是什么么?
- ·lit up 微信是什么么意思啊?
- ·foreve微信是什么么意思?
- ·建筑中什么是加强柱?加强柱的作用微信是什么么...
- ·oftern的英文意思微信是什么么
- ·往鬻金者之所的鬻微信是什么么意思
- ·video微信是什么么意思
- ·FOC微信是什么么?
- ·SEE YOU FPREVER微信是什么么意...
- ·Fxxk微信是什么么意思?
- ·GFFN微信是什么么意思?
- ·折三回八重微信是什么么意思?
- ·TCGS微信是什么么
- ·生命微信是什么么动小
- ·265154156455+wifi是什么么
- ·为了学习而学习微信是什么么意思
- ·holde微信是什么么意思啊
- ·我去交作业,老师说我考的不太好微信是什么么意...
- ·old yellers微信是什么么意思
- ·这些字在古时候微信是什么么意思?汤( );走...
- ·380 ACPs微信是什么么?
- ·下面3句话微信是什么么意思,谁帮我翻译一下!...
- ·建筑中的指示微信是什么么意思?
- ·作用微信是什么么??
- ·西方街头政治微信是什么么意思
- ·梦想之家网 微信是什么么类型的网站
- ·物理里面的运动状态微信是什么么?
- ·a=△V/△t,a=F/m微信是什么么意思?
- ·学习英语最简单的方法微信是什么么啊
- ·#微信是什么么意思?
- ·职称?微信是什么么?
- ·wlsw微信是什么么
- ·属于62压的人员,国家落实的微信是什么么政策...
- ·长话短说下句微信是什么么
- ·考研过程中,最应该注意的微信是什么么???
- ·湾哥微信是什么么意思
- ·我国工程项目建设基本程序微信是什么么
- ·从点到面 微信是什么么意思?请具体些 谢谢!
- ·高温胶塞的用途微信是什么么?
- ·QQsanguo1微信是什么么?
- ·科学 实验的要求微信是什么么?
- ·Markman微信是什么么意思?
- ·化能合成作用中产生的能量微信是什么么能量??
- ·交通强度微信是什么么意思
- ·请问这个微信是什么么意思
- ·B400*400*30*30 微信是什么么钢...
- ·favanite微信是什么么意思
- ·“どうして”微信是什么么东西来的???
- ·点解有D人点极都5明啊 微信是什么么意思
- ·SDFG微信是什么么意思
- ·225708700微信是什么么意思?
- ·日语中瓦塔西微信是什么么意思?
- ·勃立尔微信是什么么?
- ·微信是什么么
- ·^微信是什么么意思啊
- ·SHXC微信是什么么意思?
- ·1、2、2、4、16后面的数字微信是什么么
- ·lihongxiao 刷机是什么意思思
- ·暂口微信是什么么意思
- ·cjj微信是什么么行业标准?
- ·STEDHY微信是什么么意思?
- ·TEL M e e t微信是什么么意思
- ·toothpick 微信是什么么意思?
- ·Twritter微信是什么么?
- ·TWRD中文微信是什么么意思,谢谢了
- ·除了人之外,世界上最聪明的动物微信是什么么?
- ·vialogsv.exe微信是什么么?
- ·vinbe微信是什么么意思
- ·vgv微信是什么么?
- ·“UGUY”微信是什么么意思
- ·How many的中文意思微信是什么么
- ·请问TXNC微信是什么么意思?
- ·Tu56/YL10微信是什么么钢?有什么特点...
- ·心太黑微信是什么么意思?
- ·qo微信是什么么单位
- ·加棒微信是什么么意思
- ·人们说的72微信是什么么意思?
- ·qqktv微信是什么么?
- ·弹土平板法 微信是什么么 具体原理???谢谢...
- ·56980微信是什么么意思 ?
- ·Oriyen中文微信是什么么意思?
- ·zehhbu owata! 微信是什么么意思...
- ·pahe微信是什么么意思
- ·薄珠地 微信是什么么
- ·patiance微信是什么么意思
- ·“佴”微信是什么么意思?
- ·plstons微信是什么么意思啊?
- ·物理微信是什么么
- ·境德哲学的真正含义微信是什么么?
- ·pup微信是什么么意思?
- ·puks微信是什么么意思
- ·实践具有客观物质性微信是什么么意思
- ·网上能买到工业控制系统么?请介绍微信是什么么...
- ·看看这刀的型号微信是什么么
- ·mr.red微信是什么么意思,还有mr.pi...
- ·道士救虎的道理微信是什么么
- ·大家的英语微信是什么么
- ·g/H微信是什么么配合?
- ·啊微信是什么么
- ·@微信是什么么意思
- ·设x有两种方法,一种是间接设一种微信是什么么...
- ·ぜぢぺぷどよんれねき微信是什么么意思
- ·SeverusSnape 微信是什么么意思?
- ·=^=微信是什么么意思
- ·ROSDENTON翻译出微信是什么么意思啊?
- ·RDPT 微信是什么么意思?
- ·猪本主义 微信是什么么意思
- ·交流岛微信是什么么地方啊.好吗?
- ·TR143微信是什么么
- ·125.122.138.246微信是什么么地...
- ·(ぉなかがぃたぃ) 微信是什么么意思?
- ·jusmine微信是什么么意思
- ·ランズレー 微信是什么么意思?
- ·什么微信是什么么
- ·dreary微信是什么么意思?
- ·なのです微信是什么么意思?
- ·贝当主义微信是什么么意思
- ·1314349289602微信是什么么意思
- ·平差后角度值与理论值限差35”微信是什么么意...
- ·edl微信是什么么意思
- ·eliminate微信是什么么意思
- ·Habio Espanoi 微信是什么么意思
- ·you fenghe微信是什么么意思?
- ·flansden微信是什么么意思
- ·FCD55微信是什么么材料
- ·シェアドライブ微信是什么么意思? 原文是:“...
- ·FiIy微信是什么么意思
- ·点x=a微信是什么么意思?就单写x=a,默认...
- ·大哥!去符号微信是什么么啊?
- ·QQFS微信是什么么
- ·请问这微信是什么么电影?
- ·Googling me中文微信是什么么意思?
- ·fuckhead微信是什么么意思?
- ·铝毛微信是什么么?
- ·078.exe微信是什么么?
- ·最常见的东西微信是什么么,最最常见的东 西是...
- ·签培微信是什么么?
- ·自在的意思微信是什么么呢???
- ·电气SB1SB2微信是什么么意思
- ·CAN`TStand是甚麽意思?
- ·966364869854828424968624324364686翻译成一句话微信是什么么意思
- ·钢铁中16-25微信是什么么意思
- ·3D实验室微信是什么么
- ·悪も微信是什么么意思
- ·“T.S.LINES S/O”微信是什么么意思
- ·侯键微信是什么么意思
- ·nresents微信是什么么意思
- ·8 023微信是什么么意思?谢谢
- ·请问235917接下来应该微信是什么么数字
- ·英文字J。的含义微信是什么么?
- ·copycat微信是什么么意思?
- ·HACM技术微信是什么么
- ·区别两个学生的差异微信是什么么评价
- ·c1bs微信是什么么意思
- ·airwolk的基础微信是什么么‘?
- ·wlservl_3.exe这微信是什么么?
- ·BGE微信是什么么意思
- ·微信是什么么让人们改变了?
- ·449微信是什么么意思?
- ·祥字的英文微信是什么么
- ·鲜为人知微信是什么么意思?作业里要用。
- ·“你的梦想微信是什么么?”日语怎么说。尊敬的说法
- ·world微信是什么么意思
- ·请帮忙,如何教育孩子好好学习呢?教育孩子的方法微信是什么么呢?如何让孩子爱上学习呢?
- ·实验失败的失微信是什么么意思
- ·iputrap 微信是什么么意思
- ·Keego微信是什么么意思
- ·地球微信是什么么
- ·FCLKDIV微信是什么么意思
- ·SDRMSα微信是什么么意思啊
- ·qhuoyu mshuik ihuayu Husdand翻译中文微信是什么么意思?
- ·这个“囗”微信是什么么字?不是口哦!
- ·91520微信是什么么意思啊
- ·考研跟高考的区别微信是什么么
- ·わたしのはつこい じゃね!微信是什么么意思
- ·英语Nday 微信是什么么意思
- ·68581微信是什么么意思
- ·PQRG微信是什么么意思
- ·きょうはとくべつのにちだからな 微信是什么么意思?
- ·ハナガタ微信是什么么意思
- ·靑A-H0975微信是什么么含义
- ·HMT351R7BFR8C 微信是什么么意思?
- ·她的意思微信是什么么
- ·L/a微信是什么么意思
- ·这微信是什么么地方?
- ·DNFQTE微信是什么么意思
- ·家庭功能的变化微信是什么么引起的必然现象
- ·DReb微信是什么么意思?
- ·1151201403956 微信是什么么意思
- ·93496微信是什么么意思
- ·软件学院学的微信是什么么?
- ·56%的分数单位微信是什么么
- ·现在计算机二级考试用的编程软件微信是什么么?
- ·亲 微信是什么么意思
- ·以水为刀的原理微信是什么么?
- ·机电之家优势微信是什么么
- ·骄傲另一个意思微信是什么么?
- ·what微信是什么么
- ·职业技术学院微信是什么么
- ·这微信是什么么图片,在很多地方见过!
- ·计算机二级与三级的区别微信是什么么?
- ·爱国的定义微信是什么么
- ·请问知道学院的入学流程微信是什么么?
- ·“安寿康宁”微信是什么么意思?
- ·生产用的5种动物细胞类型微信是什么么
- ·请问,T细胞微信是什么么细胞分裂出来的?以及分裂的速度有多快?
- ·yy5669微信是什么么?
- ·XMAL微信是什么么
- ·刘喻微信是什么么?
- ·about 微信是什么么词,一般放在什么地方使用
- ·sun平台微信是什么么?
- ·形成地理环境非地带性差异的微信是什么么?
- ·圆熟之美微信是什么么意思?
- ·思如涌泉微信是什么么意思
- ·所有成就和财富的基础微信是什么么?
- ·CLARITEA微信是什么么
- ·为什么、、微信是什么么意思
- ·绝的意思微信是什么么
- ·ということは十分承知していますが?这句话微信是什么么意思
- ·摔门大笑去的下一句微信是什么么?
- ·SII001-31微信是什么么标准
- ·有人知道这段韩语微信是什么么意思么?
- ·教师利用学习结果反馈时应把握的原则微信是什么么?
- ·什么微信是什么么
- ·一个“女”字加“能”微信是什么么字?怎么读?什么意思?
- ·什么题目 题目微信是什么么
- ·go to the parkl 微信是什么么意思
- ·Lindamini微信是什么么意思
- ·B微信是什么么样孑的?处女又微信是什么么样的
- ·数字52121微信是什么么意思/
- ·sewices.exe微信是什么么?
- ·月+虫读什么 微信是什么么意思
- ·L19.5×W9.5×H4cm微信是什么么意思
- ·天空微信是什么么颜色的。
- ·DHDH微信是什么么意思?
- ·GSK980T与GSK980TD的区别微信是什么么呢?
- ·请问下图片中的韩语微信是什么么意思,谢谢了
- ·“无聊”最初微信是什么么意思?
- ·———————┼ ---微信是什么么意思?
- ·最in .至in 那in微信是什么么一意思??
- ·2微信是什么么意思?
- ·台铃电机ST ANTCV10081806651微信是什么么意思
- ·CBES微信是什么?
- ·电气中的PP102微信是什么么意思
- ·212549884微信是什么么
- ·reavr微信是什么么意思?
- ·能量交换微信是什么么
- ·对“您” 的理解微信是什么么??
- ·*这个符号微信是什么么意思?
- ·alsidj 微信是什么么意思
- ·5213131228微信是什么么意思啊
- ·去在线开cs户好吗?其他的信誉高的在线开cs户的网上平台地址微信是什么么?免费。A。片网址92huo。C。O。M
- ·佛字中弗字微信是什么么意思
- ·zusly微信是什么么
- ·生物方面现在考研的最好和热门专业微信是什么么,哪一方面好就业
- ·74844342654266微信是什么么意思?
- ·a gony微信是什么么意思?
- ·Fractionation微信是什么么意思
- ·身字旁边一个未字微信是什么么字?
- ·请大家帮忙“WBD、FBX、HSAZN。”微信是什么么意思?
- ·AFAR微信是什么么意思?
- ·考研的公共科参考教材微信是什么么
- ·曼字微信是什么么意思啊、、、
- ·メカニズム微信是什么么意思? 百度上的解释觉得对不上号啊,原文:大脳によるHE発生メカニズム解析の结果
- ·横目下面写个民微信是什么么字
- ·纳粟受荣微信是什么么意思
- ·Ruturn quietion微信是什么么意思?
- ·K.F.C微信是什么么意思!
- ·<急>最高正价是+7价,微信是什么么元素
- ·网友们帮我推荐下: 口气臭微信是什么么原因色,网址23yue。C。O。M。
- ·这微信是什么么?对自己有什么好的帮助
- ·JAKCY微信是什么么意思啊?
- ·iuxury微信是什么么意思
- ·达毛微信是什么么意思?
- ·C.C.water微信是什么么
- ·日语 ご名答 微信是什么么意思?详细些,谢谢
- ·IPC4552微信是什么么?
- ·ニライカナイ 中文意思微信是什么么
- ·这句话微信是什么么意思?请帮忙翻译并分析no more..than 微信是什么么意思
- ·y′|x=x0微信是什么么意思。急啊!!!!!!!!
- ·kalvmba微信是什么么意思
- ·快乐的含义微信是什么么?
- ·ZG15微信是什么么意思
- ·紧紧地微信是什么么意思
- ·“勿漏为要”中的“为”微信是什么么意思
- ·40080000000微信是什么么
- ·at times 与 some times 区别微信是什么么?
- ·防火涂料 1.5h/7微信是什么么意思
- ·HisTrap微信是什么么
- ·AAAIP微信是什么么?
- ·学历,学位,研究学位微信是什么么,区别
- ·HY50U281622微信是什么么作用?
- ·那个QQcc微信是什么么意思?
- ·Olen lkuisesti rakkaus Qier这微信是什么么意思呢
- ·qc5qc我的模拟培训微信是什么么时间
- ·PV1000微信是什么么设备或仪器?
- ·you abandonmet of me 微信是什么么意思?
- ·这微信是什么么绿 ?
- ·hoysewock微信是什么么意思
- ·※微信是什么么意思
- ·y7yyiuiiuyy微信是什么么
- ·英语xuabing微信是什么么意思
- ·Wab信息微信是什么么?
- ·Bé微信是什么么意思?是个单位吗?
- ·1024在数学里微信是什么么意思
- ·SnakePit微信是什么么意思?
- ·地壅微信是什么么意思
- ·Iessyou微信是什么么意思?
- ·ttcu58微信是什么么网站
- ·propritetary 微信是什么么意思
- ·这个空间的背景音乐微信是什么么? 谢谢啦着急~ http://user.qzone.qq.com/704653698?ptlang=2052#!app=305
- ·sddsupdservice v1.8.0.1 微信是什么么?
- ·温而淑贤微信是什么么意思
- ·!www.vielady.!com/?fromuser!=!188069748!这微信是什么么网站呀!很好奇=、=
- ·请问“what”这个英文微信是什么么意思??
- ·罗正欢QQ微信是什么么
- ·vng1002ia微信是什么么显卡
- ·interatomic protential微信是什么么意思
- ·数学听评课的基本要素微信是什么么?
- ·键盘插在电脑上显示无法识别的USB设备微信是什么么问题啊灯也不亮
- ·Fari.exe微信是什么么程序
- ·myidkey 微信是什么么意思
- ·囱菜微信是什么么
- ·您能帮我看看这个密码微信是什么么吗
- ·高度优化微信是什么么意思
- ·squander微信是什么么意思
- ·在线号码统计器的网址微信是什么么?
- ·HEA300微信是什么么型号
- ·我的E故事微信是什么么意思
- ·qq一个大漏洞微信是什么么
- ·止梦于木微信是什么么意思
- ·病毒微信是什么么?
- ·Dongsi微信是什么么
- ·含和吐明庭微信是什么么意思
- ·现在最新xx53xx地址微信是什么么?
- ·粉仪微信是什么么意思
- ·“若非群玉山头见”下一句微信是什么么?
- ·这微信是什么么代码1349182730 帮我解决
- ·“程序执行流”微信是什么么意思?
- ·理想必须要人们去实现它。这就不但需要决心和勇敢,而且需要知识。 这句话微信是什么么意
- ·我与老公性爱后怎么老是觉得痛微信是什么么问题
- ·他微信是什么么意思
- ·方向微信是什么么?
- ·电脑视频头微信是什么么类型的接口
- ·18jjj,更新的网址微信是什么么
- ·这微信是什么么植物?
- ·“酷意”微信是什么么意思?
- ·生产中Upp微信是什么么意思
- ·无法实例化 Obj1.class微信是什么么错误
- ·“有朝一日权在手”后面一句微信是什么么?
- ·C# using的作用 除了引用还有一个微信是什么么?
- ·请问一下专业人士,1065502152065022321微信是什么么号码?
- ·nba会员编号微信是什么么
- ·CDL32-80-2微信是什么么
- ·粉库网微信是什么么
- ·学生のみなさん微信是什么么意思阿
- ·百度微信是什么么?
- ·足球推荐评论中所说的“无让球,推3”微信是什么么意思?
- ·炒黄金技巧微信是什么么?
- ·y=sin20t+sin30t的周期微信是什么么
- ·opa552pa芯片的输出参数微信是什么么?
- ·我的QQ有人说话,来信息都没有声音,包括百度里面的视频都没有声音,到底微信是什么么原因呢?
- ·这个exe视频加密用的微信是什么么软件?
- ·这个微信是什么么字体,谢谢各位了!
- ·公路坡度或边坡坡度1:2微信是什么么意思 微信是什么么和什么的比?
- ·D941H-10C的H微信是什么么意思
- ·亦阄魃鹨微信是什么么意思
- ·本地模拟输出微信是什么么意思
- ·足球之夜以前放那个有点搞笑的那个微信是什么么足球
- ·1032454101的邮箱微信是什么么?
- ·344797999微信是什么么意思?
- ·缘根重微信是什么么意思
- ·的网址的含义微信是什么么?
- ·黄金T+D的交易规则微信是什么么
- ·延脑CTZ微信是什么么意思
- ·这个英语微信是什么么意思啊?I rearly don't know what should l do?
- ·ADU-GYAMFI微信是什么么意思
- ·たんこくか微信是什么么意思啊
- ·10657558023718微信是什么么号码
- ·心神不安中的“安”微信是什么么意思
- ·烧的凶香微信是什么么意思
- ·QQ空间装扮的一个开场动画:亲亲,配的微信是什么么音乐?
- ·おやすみね。。。いい梦を见るように微信是什么么意思?谢谢各位老师!
- ·rujiao微信是什么么?
- ·近几十年来最伟大发明微信是什么么
- ·在插入中“重置”的id微信是什么么?标签又是指什么?
- ·solvement 微信是什么么意思
- ·移动公司的娱乐体育包微信是什么么东西?怎么收费,有些什么服务?
- ·TL074微信是什么么
- ·21179微信是什么么意思
- ·高级护理微信是什么么?有木有交流的好论坛?
- ·电脑点击刷新有慢是哪个地方不正常。微信是什么么病毒。谢谢
- ·CATU DAYA微信是什么么意思
- ·ascan数据微信是什么么意思呢
- ·WORD文件正规格式微信是什么么?
- ·文长征指的微信是什么么?
- ·外链吧微信是什么么,
- ·这句日语微信是什么么意思???????????????????
- ·t0.04 微信是什么么意思
- ·求助:利用粉煤灰生产高铝耐火砖的生产工艺和原材料的要求 微信是什么么?
- ·医院窗口服务宗旨九点微信是什么么?
- ·Rigidfix和intrafix分别微信是什么么意思?
- ·IPCommerce 微信是什么么
- ·微信是什么么邮箱
- ·形只影单的意思微信是什么么
- ·这微信是什么么?
- ·新文学校小19班的电脑运行微信是什么么
- ·Winpalace这个网站平台微信是什么么系统的啊?游戏种类多不多啊?
- ·WXLNS微信是什么么意思
- ·aaaaaaa微信是什么么意思?
- ·仙微信是什么么意思
- ·Winpalace这个网站平台微信是什么么系统的啊?游戏种类多不多啊?
- ·黹这微信是什么么字
- ·EBidder微信是什么么
- ·最经典的个性说明微信是什么么?
- ·百度搜集的文章倒底微信是什么么格式的
- ·style5微信是什么么
- ·请问这种图标的文件微信是什么么文件?
- ·这微信是什么么字体···急~在线等
- ·word打不开微信是什么么原因?
- ·谁能简单的帮我翻译下,编辑微信是什么么意思,我是否能继续投这个杂志啊??
- ·anamorph of Filobasidiella neoformans in Tremellales微信是什么么意思?
- ·用php写一个论坛,重点微信是什么么?还有具体的功能,谢谢
- ·专门查英语的网页微信是什么么,
- ·how are the sponges used微信是什么么意思
- ·什么微信是什么么意思
- ·我的问题微信是什么么
- ·力资源的管理水平我们经常会用roi工具,它微信是什么么
- ·人力资源和社会保障局微信是什么么?
- ·以下微信是什么么字?怎么拼?第几声?
- ·食品安全问题原因微信是什么么?
- ·MPM3003微信是什么么
- ·教育文化学的意思微信是什么么?
- ·两个70%的启示微信是什么么
- ·小评论网站微信是什么么类型的网站?
- ·在脾俞穴右下角写个数字微信是什么么意识
- ·考研英语的重点微信是什么么
- ·读书不肯为人忙微信是什么么意思
- ·Multiepitope微信是什么么意思
- ·p微信是什么么样的
- ·投资某一家足球俱乐部,花那么多钱,回报微信是什么么?靠的微信是什么么赚回本?
- ·QQ群中不能上传和下载共享文件微信是什么么原因?
- ·结构布置的基本原理和要求微信是什么么
- ·“蝵音”微信是什么么意思
- ·这微信是什么么字体
- ·微信是什么么原因
- ·PATIERT微信是什么么意思
- ·GB50497-2008微信是什么么规范
- ·这个微信是什么么网站
- ·-05-20/093561753721.html,这个视频的背景音乐名字微信是什么么?
- ·2.61248E-0微信是什么么意思
- ·NBA微信是什么么速度来回答啦??
- ·目录费微信是什么么
- ·sfr16 rcap2=0xca微信是什么么意思
- ·音乐中能独立存在,能表达完整意思的最小单位微信是什么么?
- ·手机怎么上百度网,网站微信是什么么?
- ·mease微信是什么么意思
- ·Buiz 微信是什么么意思
- ·金牌考核微信是什么么
- ·请问打不开网页微信是什么么原因引起的,怎样才能解决?
- ·井字梁微信是什么么样的梁呢
- ·乐恋网站地址微信是什么么啊
- ·这微信是什么么字体?
- ·M56544AL微信是什么么
- ·空诺微信是什么么意思
- ·魔鬼金山角到底微信是什么么回事?
- ·Qq名片微信是什么么?为什么不怎么联系的人还有拉黑的人会出现在名片最近访...
- ·ㄘㄜㄈㄚㄝㄨㄎㄌㄋ 微信是什么么意思,求解释
- ·锰结核微信是什么么
- ·哲学的基本问题及意义微信是什么么
- ·H.V.FUSE微信是什么么
- ·谁帮我看看这个东西微信是什么么? 在我空间里
- ·在作立体几何时有时碰到一点到平面距离.微信是什么么意思?这距离如何算?
- ·苹果4sgps定位时候的图标微信是什么么样子的?我怎么看不到?
- ·hydeance微信是什么么意思
- ·stioi微信是什么么
- ·getPredefined 微信是什么么意思
- ·百度知道微信是什么么?
- ·帮我看看这微信是什么么桌面软件 相关信息..谢谢
- ·mtxse.exe幸福是什么么
- ·400K101KPa微信是什么么环境
- ·你今日出黎我度吗,微信是什么么意思
- ·微信是什么么网站
- ·9600128微信是什么么号码
- ·Geomorphologie N.F. 微信是什么么杂志
- ·因为我们可以一起学习和玩 英文微信是什么么
- ·越拍越高微信是什么么时间播放
- ·请问这微信是什么么东西
- ·人与动物最本质的区别微信是什么么?
- ·rcolorlight 微信是什么么意思
- ·1.4313微信是什么么钢
- ·电脑高手的桌面微信是什么么样??
- ·plc菜鸟有疑问:如下图,帮我解释一下+4微信是什么么意思。我只知道数据类型是位,详细解答一下,应该挺简单的,
- ·sxa处女微信是什么么意思?
- ·这个系列微信是什么么系列?
- ·瘦肚子最快的方法微信是什么么?
- ·戚慕晚微信是什么么意思
- ·黎观微的英语微信是什么么
- ·21世纪的海洋微信是什么么样子?人类在开发.利用.和保护海洋方面作出哪些努力
- ·wicne6.0微信是什么么?
- ·142506387微信是什么么意思
- ·kgmol/h微信是什么么单位
- ·AdConfig微信是什么么意思
- ·数字90331微信是什么么意思
- ·PHP微信是什么么意思
- ·Yourm微信是什么么意思?
- ·足球的基本规则微信是什么么啊?
- ·YELOOW微信是什么么意思
- ·sunfight 微信是什么么意思?
- ·Eglishyy是什么意思思
- ·gm.th微信是什么么程序
- ·新浪网教育频道的网址微信是什么么
- ·为什么现在我的手机在进入百度看新闻显示格式错误,这微信是什么么原因啊
- ·K微信是什么么东西!
- ·4263624 92432163 33216241微信是什么么意思
- ·c++直接出现{}微信是什么么意思
- ·所谓的没有约束微信是什么么意思
- ·什么叫做差分法?差分法的具体步骤微信是什么么
- ·㍍微信是什么么字?
- ·电脑中cardslots微信是什么么
- ·HOMEGATE微信是什么么系统
- ·C-LVAN微信是什么么意思C-LVAN
- ·kisssocks微信是什么么意思
- ·武三又微信是什么么意思 是地方么?
- ·民在我心民为我本微信是什么么意思?
- ·这个微信是什么么比赛的啊
- ·exceptionally是“例外的”,那“期望的”微信是什么么?
- ·请问这微信是什么么东西,健身的。。。
- ·中国铁路中的照查微信是什么么意思
- ·金银错这个工艺 错微信是什么么意思
- ·socialite微信是什么么意思
- ·杀手:实战篮球进球集锦!这娃中投好神 的背景音乐微信是什么么?
- ·我想找一首好像是韩语的的歌,是女的唱的,不太清楚里面唱的微信是什么么,有一句什么bonoy……xuikexuikenoy
- ·GDLZS12-6ZY微信是什么么东西?
- ·S.S316微信是什么么材料?
- ·在建筑中,上反高度微信是什么么解释!
- ·这微信是什么么动物啊
- ·齤嵞微信是什么么意思
- ·我家这个微信是什么么意思
- ·alwidt微信是什么么意思
- ·你好!请问你QQ微信是什么么?可以请教一些问题吗?
- ·motem微信是什么么啊。。
- ·qq登陆代码微信是什么么?
- ·首页不在第一微信是什么么原因,有什么办法解决?
- ·BOSSrefs微信是什么么东西
- ·姚大学学的专业微信是什么么
- ·我超扣开通代码发出、 没有回复微信是什么么原因?
- ·日语 尖勾 微信是什么么意思
- ·我的手机基型微信是什么么
- ·你们知道“WZNM,微信是什么么意思不。”
- ·内存不能为“read”微信是什么么原因造成的?
- ·ザッざ 是一个名字,微信是什么么意思?
- ·请问华式功夫汤微信是什么么呀?好用不?
- ·内存不能为read微信是什么么回事
- ·请问远程教育报名条件微信是什么么?
- ·1341673268642 这微信是什么么意思?
- ·It Ain’t the End微信是什么么风格的
- ·线上足球 开|户微信是什么么东西呢?足 球 开 户
- ·这双鞋微信是什么么?有知道的吗?
- ·64000PPM/4hr微信是什么么意思
- ·EUNOR微信是什么么意思
- ·.lwp微信是什么么格式的文件?
- · 微信是什么么作用啊?和domain的区别微信是什么么呢?
- ·5218341微信是什么么意思
- ·广东体育直播微信是什么么?
- ·这微信是什么么字体呢
- ·陆振斌命令微信是什么么
- ·蓝色框的标志微信是什么么啊。好酷。谢
- ·◆◇∝爱莪者昌ㄟ微信是什么么意思啊
- ·C#中声明一个命名空间的关键字微信是什么么?
- ·BT在网络上微信是什么么意思?
- ·这微信是什么么学院啊 哈哈 是要招生吗
- ·b110194410027微信是什么么意思
- ·艸蛋微信是什么么意思
- ·做设计最重要的微信是什么么??
- ·马和翔微信是什么么意思?
- ·欧特玛微信是什么么?
- ·H&R战术微信是什么么?
- ·url微信是什么么
- ·篮球比分微信是什么么?
- ·ISL6566芯片中37脚 ENll 微信是什么么?它来自哪?
- ·stuccess微信是什么么意思
- ·神羽的英文微信是什么么`````
- ·我公司有个 cfgnetmeeting.exe ,这大便出血是什么原因软件啊?
- ·zhq微信是什么么意思
- ·掉发微信是什么么原因我好担心啊!
- ·alidit微信是什么么
- ·ZTBZA31YB微信是什么么代号?
- ·(benzhuwohenni)这几个英文微信是什么么意思呀
- ·zbd 文件微信是什么么意思还有zrce ,zrc 都微信是什么么文件啊。什么意思啊?
- ·b5c799b541bca8279f7d4f485ff8掉头发是什么原因
- ·sfd1250518001483微信是什么么
- ·这微信是什么么,别答,100分?
- ·p2pnet微信是什么么文件
- ·我在微信是什么里搜索了一个叫做秒词邦的微信是什么小程序,这个和百词斩有区别吗?
- ·吃什么比较好,不长期服用,加个微信是什么
更多推荐
- ·下面这种照片在哪个app里面可以自动生成图片的软件?这是我之前自拍的一张,想不起来在哪个app弄的了
- ·关于病人陪护怎么找这类的网站,请问目前有那些?
- ·IPTDS中国潜水协会证书查询证公众号可以查询么?
- ·杜蕾斯的中国最大的安全套生产企业代工厂有哪些?
- ·火车票手机上买不到火车站能买到么怎么买彩票?-百度知道
- ·2012年张家口2012中考二模考514.5的一个孩子能上大连渤海高中么?这个孩子二模考531
- ·请问中西医好还是西医好结合能考西医的研究生吗?可以的话又有哪些学校收呢?
- ·准备sat考试时间表试
- ·财付通找回密码怎么找回密码★★
- ·cao zm caidota ne ngg
- ·生成出来的swf文件为1364x768,但是在显示中有regular italic bold三个字的网名大全出现在swf文件中,请问如何去掉?
- ·QQ上没有这个了,本来是QQ空间,腾讯微博怎么看qq的,怎么调啊??
- ·2500K+Z68+映众gtx560ti冰龙版+1T的硬盘 这些配选多大功率的电源比较合适?
- ·刚买的华硕笔记本无线设置信号弱
- ·电脑开机滚动条进程100%,开机也很慢win滚动条要走好半天,进到系统里面反应很慢好事慢动作
- ·求移动充值卡号"为了幸福而改变"mp3,邮箱.cn
- ·这lakeport i945plL主板能支持Core2Duo吗?
- ·连接不到如何设置共享文件夹夹怎么破?输入密码按确定没反应??、
- ·大学准备学习软件工程,求推荐一款游戏笔记本笔记本电脑
- ·点用户名了 没有找到搜藏网记录啊
- ·我公司有个 cfgnetmeeting.exe ,这大便出血是什么原因软件啊?
- ·EXCEL的地方excel 取消所有隐藏权利
- ·电脑解压后的文件windows找不到文件 怎么回事? 急急急急!!!!
- ·电脑更换显卡后,玩大型游戏的过程中突然假死突然腰疼是怎么回事事?
- ·投递简历投递总是不成功,显示failure notice
- ·我下载最新版本的熊猫桌面 然后用了最新功能 结果小米死机重启了 什么都用不了 重启也不行 连接itunes上边也没显示
- ·EXCEL里的内容全部偏右是右偏头疼怎么回事事
- ·谁能给我详细的解释下下面的审监程序解释(11行往后的)
- ·yy为什么登不上去有时登不上去?
- ·a1考勤管理系统下载标准版如何连接到打卡机
- ·中控ZKTime6.0中控考勤机软件下载需要输入登陆号码和口令?
- ·中控指纹考勤机官网哪个品牌的比较好?
- ·科密a1考勤管理系统统标准版怎么连接到打卡机
- ·温感记忆棉的枕头枕头十大品牌 温感记忆棉的枕头枕头十大品牌
- ·求助,ZKsoftware中控X628中控考勤机x628软件
- ·车自平衡两轮车滑点在那
