近10月份,病毒比较多,特别是不好的网站,我昨天下个图中了,今天又中招了,哈哈
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <KavPFW><"D:\aa\KPFW32.EXE">  [Kingsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <wow><C:\WINDOWS\System32\Launcher.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <EM_EXEC><D:\新建文~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE>  [Logitech Inc.                    ]
    <Thunder><"D:\weeew\Thunder.exe" /s>  [Thunder Networking Technologies,LTD]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <KavStart><"D:\aa\KAVStart.exe" -startup>  [Kingsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\System32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]

自己先顶一下,可别被自己打沉了