【讨论】【求助】关于疑似病毒文件
机子为日文版2000pro.某日开机突然发现在winnt和programfiles下多了几个文件夹,文件夹内只有一两个文件.用当日瑞星查杀,报告无毒.想向各位大虾请教:如果这是无毒文件,它们从哪来的?为何那么像系统文件?如果有毒,我要如何清除?
附上注册表相关键值:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe /logon"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINNT\\System32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINNT\\System32\\NvMcTray.dll,NvTaskbarInit"
"RavTask"="\"C:\\Program Files\\Rising\\Rav\\RavTask.exe\" -system"
"ms"="C:\\Program Files\\Microsoft\\svhost32.exe"
"xy"="C:\\WINNT\\Download\\svhost32.exe"
"Tray"="C:\\WINNT\\command\\rundll32.exe"
"rzt"="C:\\WINNT\\Intel\\rundll32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
L�ÖRì1u*¨
bbs.ikaka.comO%7}%#Ôü
