高手们....来看看呀..!!((报告已贴上,版主来看看!!))

显示全部楼层 · 发表于 2007-10-9 19:13:20

昨天晚上...我插入了一个U盘...不料U盘中有毒...系统自动修改时间...卡巴被干掉了...弹出几个窗口后...几秒钟后电脑也死了(不能动)...郁闷呀...真没想到卡巴也有如此致命的弱点...心想还好我有GHOST备份...GHOST还原C盘后发现一个问题..
如下:
   当打开我的电脑,如在本地磁盘C按左键什么事也没有,但是按右键时就会:首先没有出现显示...等几十秒后自动把我的电脑窗口关闭了...
                                    补充...有提示出现drwtsn32.exe和explorer.exe错误对话框!!

这是什么回事?其他本地磁盘(D\E\F)也是这样,但是双键进入了本地磁盘如C,选择文件\文件夹按右键能正常显示出来,同样操作其他本地磁盘(D\E\F)都没有问题....
   郁闷呀...我的备份是一个正常系统...怎么还原出来的是有问题的呢...以前系统出问题也是那样操作还原...为何这次就出现这样的问题...
请问我中了什么毒呀...怎样解决本地磁盘(C\D\E\F)右键不能显示自动关闭的问题....为何GHOST还原C盘还有这种情况??

[ 本帖最后由 on_the_way 于 2007-10-10 20:30 编辑 ]

显示全部楼层 · 发表于 2007-10-9 19:16:53

用置顶工具帖里的usbcleaner查杀下看看!
还有问题用SREng扫个报告贴上来

显示全部楼层 · 发表于 2007-10-9 19:26:02

用usb专杀杀一次

显示全部楼层 · 发表于 2007-10-9 19:43:04

去找U盘专杀吧.卡巴唯一缺点就是自我保护能力弱点

显示全部楼层 · 发表于 2007-10-9 19:59:37

usbcleaner查杀没有毒....SREng的扫描: 我是菜鸟不知道怎样修复...帮帮忙!!谢谢!!

2007-10-09,19:52:03
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
[(Verified)Microsoft Windows Publisher]
[]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher]
[(Verified)Microsoft Windows Publisher]
[(Verified)Microsoft Windows Publisher]
<"D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
<"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"> [Kaspersky Lab]
[(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
[(Verified)Microsoft Windows Publisher]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
[Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
[(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
[Microsoft Corporation]
==================================
启动文件夹
N/A
==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
<"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe">
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
[ATI Smart / ATI Smart][Stopped/Auto Start]
<>
[Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start]
<"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe">
[卡巴斯基反病毒6.0 / AVP][Running/Auto Start]
<"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r>
[Windows Presentation Foundation Font Cache 3.0.0.0 / FontCache3.0.0.0][Stopped/Manual Start]
[Human Interface Device Access / HidServ][Stopped/Disabled]
%SystemRoot%\System32\hidserv.dll>
[Windows CardSpace / idsvc][Stopped/Manual Start]
<"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe">
[NBService / NBService][Stopped/Manual Start]
[Net.Tcp Port Sharing Service / NetTcpPortSharing][Stopped/Disabled]
<"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe">
[NMIndexingService / NMIndexingService][Stopped/Manual Start]
<"C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe">
[Rising Proxy Service / RfwProxySrv][Stopped/Manual Start]
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
[StarWind iSCSI Service / StarWindService][Stopped/Auto Start]
[StyleXPService / StyleXPService][Stopped/Auto Start]
<"C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe"><>
==================================
驱动程序
[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
[ati2mtag / ati2mtag][Running/Manual Start]
[BaseTDI / BaseTDI][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\basetdi.sys>
[10Moons TV Baby, WDM Video Captures / Cap7134][Running/Manual Start]
[Intel(R) PRO Adapter Driver / E100B][Running/Manual Start]
[HookUrl / HookUrl][Running/Auto Start]
<\??\D:\Program Files\Rising\Rfw\HookUrl.sys>
[kl1 / kl1][Running/Boot Start]
<\SystemRoot\system32\drivers\kl1.sys>
[klif / klif][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\klif.sys>
[mProcRs / mProcRs][Running/Auto Start]
<\??\d:\program files\rising\rfw\mProcRs.sys>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
<\SystemRoot\system32\drivers\RsBoot.sys>
[RsFwDrv / RsFwDrv][Running/Auto Start]
<\??\D:\Program Files\Rising\Rfw\RsFwDrv.sys>
[Secdrv / Secdrv][Stopped/Manual Start]
[Intel (R) System Management BIOS Service / SMBios][Running/Manual Start]
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys>
[StyleXPHelper / StyleXPHelper][Running/System Start]
<\??\C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
==================================
浏览器加载项
[ThunderAtOnce Class]
{01443AEC-0FD1-40fd-9C87-E93D1494C233}
[Thunder Browser Helper]
{06849E9E-C8D7-4D59-B87D-784B7D6BE0B3}
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
[Web反病毒保护]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}
[金山快译(&K)]
{6C3797D2-3FEF-4cd4-B654-D3AE55B4128C}
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C}
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000}
[ThunderAtOnce Class]
{01443AEC-0FD1-40FD-9C87-E93D1494C233}
[Thunder Browser Helper]
{06849E9E-C8D7-4D59-B87D-784B7D6BE0B3}
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700}
[Thunder Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE}
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C}
[金山快译(&K)]
{6C3797D2-3FEF-4CD4-B654-D3AE55B4128C}
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000}
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}
[使用迅雷下载]
[使用迅雷下载全部链接]
[导出到 Microsoft Office Excel(&X)]
[添加到QQ表情]
==================================
正在运行的进程
[PID: 696 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 780 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 804 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4107]
[C:\WINDOWS\system32\klogon.dll] [Kaspersky Lab, 6.0.0.299]
[PID: 848 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 860 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1028 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4107]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2495]
[PID: 1052 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1136 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1244 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1408 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1480 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1524 / SYSTEM][d:\program files\rising\rfw\rfwsrv.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 35]
[d:\program files\rising\rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
[d:\program files\rising\rfw\rfwlog.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
[d:\program files\rising\rfw\Rfwdrv.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
[d:\program files\rising\rfw\psapi.dll] [Microsoft Corporation, 4.00]
[d:\program files\rising\rfw\MonDrv.dll] [rs, 1, 0, 0, 4]
[d:\program files\rising\rfw\ProcLib.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
[d:\program files\rising\rfw\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1660 / Administrator][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4107]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2495]
[PID: 1864 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.1897.0]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.1897.0]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll] [Microsoft Corporation, 6.0.5824.16384 (winmain(wmbla).060911-0725)]
[PID: 2016 / Administrator][d:\program files\rising\rfw\RfwMain.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 72]
[d:\program files\rising\rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[d:\program files\rising\rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[d:\program files\rising\rfw\RfwCtrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[d:\program files\rising\rfw\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[d:\program files\rising\rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 1604 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1432 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 192 / Administrator][D:\Program Files\Tencent\TT\TTraveler.exe] [Tencent, 3, 8, 308, 201]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 16.2.54.0]
[D:\Program Files\Tencent\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll] [腾讯公司, 1, 1, 0, 5]
[D:\Program Files\Tencent\TT\Plugins\TWeather\TWeather.dll] [, 1, 0, 0, 3]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll] [Kaspersky Lab, 1.0.6.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl] [Kaspersky Lab, 6.0.0.304]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl] [Kaspersky Lab, 6.0.0.299]
[D:\Program Files\Tencent\TT\TTNetFavor.dll] [N/A, ]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl] [Kaspersky Lab, 6.0.0.299]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl] [Kaspersky Lab, 6.0.0.299]
[C:\WINDOWS\system32\JPWB.IME] [常诚研制, 4.00.950]
[C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll] [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sohu.com Inc., 2, 0, 0, 1]
[C:\WINDOWS\system32\dllMergeDict.dll] [N/A, ]
[c:\Program Files\SogouInput\Plugin\SgImeWord.dll] [, 1, 0, 0, 31]
[PID: 2000 / Administrator][J:\下载\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[J:\下载\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[J:\下载\sreng2\Plugins\NTFSTREAM.SRE] [Smallfrogs Studio, 1, 0, 0, 5]
[PID: 2704 / Administrator][C:\WINDOWS\system32\drwtsn32.exe] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[PID: 1808 / Administrator][C:\WINDOWS\explorer.exe] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 16.2.54.0]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 192, D:\PROGRAM FILES\TENCENT\TT\TTRAVELER.EXE]
==================================
API HOOK
RVA 错误： LoadLibraryA (危险等级: 高, 被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA 错误： LoadLibraryExA (危险等级: 高, 被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA 错误： LoadLibraryExW (危险等级: 高, 被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA 错误： LoadLibraryW (危险等级: 高, 被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA 错误： GetProcAddress (危险等级: 高, 被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
==================================
隐藏进程
N/A
==================================

复制代码

显示全部楼层 · 发表于 2007-10-11 08:52:09

啊................

,没有人知道吗?

显示全部楼层 · 发表于 2007-10-11 10:09:43

用KIS7.0.125吧，下载个USBKILLER做全盘扫描，效果比USBCLEANER好。

显示全部楼层 · 发表于 2007-10-11 15:18:00

简单说怎样处理由病毒引起的本地磁盘(C\D\E\F)右键不能显示自动关闭窗口的问题