瑞星卡卡安全论坛

首页 » 技术交流区 » 反病毒/反流氓软件论坛 » 被http://www.xbdym.com/?duote2上身了
白练123 - 2012-6-16 20:05:00
http://www.xbdym.com/?duote2上身了
电脑菜鸟,恳求解救!扫描日记如下:
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <iDuba Personal FireWall><>  [N/A]
    <eMuleAutoStart><; E:\骡子下载\eMule\eMule.exe -AutoStart>  [N/A]
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Kavrun><>  [N/A]
    <iDuba Personal FireWall><>  [N/A]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <OfficeScanNT Monitor><"C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow>  [Trend Micro Inc.]
    <ATIPTA><; C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe>  [ATI Technologies, Inc.]
    <BIE><; Rundll32 C:\WINDOWS\DOWNLO~1\BDPlugin.dll,Rundll32>  [N/A]
    <helper.dll><; C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32>  [N/A]
    <IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <KBD><; C:\HP\KBD\KBD.EXE>  [Hewlett-Packard Company]
    <LoadService><; C:\WINDOWS\system32\LoadService.exe>  [N/A]
    <MINI_BFYY><; C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe>  [N/A]
    <RemoteControl><; "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe">  [Cyberlink Corp.]
    <Sunkist2k><; C:\Program Files\Multimedia Card Reader\shwicon2k.exe>  [Alcor Micro, Corp.]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <yassistse><; "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  [N/A]
    <YLive.exe><; C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [N/A]
    <zcom><; C:\Program Files\zcom\zPlatform.exe MIN>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><; C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]

用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
networkedition - 2012-6-18 9:25:00
将sreng日志压缩发来,以附件形式。
可参考此帖:
关于如何截图和以附件形式发图到论坛:http://bbs.ikaka.com/showtopic-8616820.aspx
1
查看完整版本: 被http://www.xbdym.com/?duote2上身了