收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 杀不死地木马
12下一页
返回列表 发新帖
查看: 3769|回复: 15
收起左侧

杀不死地木马

[复制链接]
zch100
发表于 2007-5-27 01:00:16 | 显示全部楼层 |阅读模式
[localimg=700,525]1[/localimg]附件是我的电脑每次开机都被卡巴扫描出来的病毒,但卡巴不能彻底删除它们。求助于大侠们!
回复

举报

csscz.love
发表于 2007-5-27 01:07:31 | 显示全部楼层
附件还是没看到...可能附件大了..分卷传吧
回复

举报

zch100
 楼主| 发表于 2007-5-27 01:09:26 | 显示全部楼层

木马

[localimg=700,525]1[/localimg]
回复

举报

zch100
 楼主| 发表于 2007-5-27 01:24:40 | 显示全部楼层

求助删除木马

刚才文件太大了,发不上来,现在重发,请各位大侠们帮我看看

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

aoyang
头像被屏蔽
发表于 2007-5-27 01:37:15 | 显示全部楼层
我的老大啊,你传这个上来有什么用?

下载执行System Repair Engineer (SREng)

按「智能扫描」,再按「扫描
最后,按「保存报告」,保存到桌面
SREngLOG.log 中内容完整的复制粘贴上来,不要做任何修改。
如出现无法运行,请重命名或修改扩展名,如abc.exe/abc.com/abc.bat/abc.scr等

明天你再来看别人的分析报告,闪了,好运。
回复

举报

zch100
 楼主| 发表于 2007-5-27 02:07:50 | 显示全部楼层

老大你真厉害,还有这样的好东东。下面是我粘上去的扫描报告



  3. 2007-05-27,02:00:46

  5. System Repair Engineer 2.4.12.806
  6. Smallfrogs ([url]http://www.KZTechs.com[/url])

  8. Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

  10. 以下内容被选中:
  11.     所有的启动项目(包括注册表、启动文件夹、服务等)
  12.     浏览器加载项
  13.     正在运行的进程(包括进程模块信息)
  14.     文件关联
  15.     Winsock 提供者
  16.     Autorun.inf
  17.     HOSTS 文件


  20. 启动项目
  21. 注册表
  22. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  23.     <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
  24.     <bxwmfmydx01c8d><C:\DOCUME~1\aaa\LOCALS~1\Temp\1explore.exe>  [N/A]
  25.     <wf5><C:\DOCUME~1\aaa\LOCALS~1\Temp\c0nime.exe>  [N/A]
  26.     <z1uu92jswib><C:\DOCUME~1\aaa\LOCALS~1\Temp\iexpl0re.exe>  [N/A]
  27.     <kkese><C:\DOCUME~1\aaa\LOCALS~1\Temp\Servera.exe>  [N/A]
  28.     <k1c9zxtfxr8><C:\DOCUME~1\aaa\LOCALS~1\Temp\crasos.exe>  [N/A]
  29.     <3q8tye714u991hv><C:\DOCUME~1\aaa\LOCALS~1\Temp\winlog0n.exe>  []
  30.     <dlm><C:\DOCUME~1\aaa\LOCALS~1\Temp\iexp10re.exe>  [N/A]
  31.     <v8kkiu8cr6><C:\DOCUME~1\aaa\LOCALS~1\Temp\exp10rer.exe>  []
  32. [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  33.     <load><>  [N/A]
  34. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  35.     <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
  36.     <TVTray><>  [N/A]
  37.     <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
  38.     <AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe">  [Kaspersky Lab]
  39. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  40.     <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
  41.     <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
  42. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  43.     <AppInit_DLLs><C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll>  [Kaspersky Lab]
  44. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  45.     <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
  46. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
  47.     <{A6011F8F-A7F8-49AA-9ADA-49127D43138F}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.rxk>  [N/A]
  48. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
  49.     <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [Kaspersky Lab]
  50. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
  51.     <WinlogonNotify: NavLogon><C:\WINDOWS\system32\NavLogon.dll>  []

  53. ==================================
  54. 启动文件夹
  55. N/A

  57. ==================================
  58. 服务
  59. [卡巴斯基互联网安全套装6.0个人版 / AVP][Running/Auto Start]
  60.   <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r><Kaspersky Lab>
  61. [DefWatch / DefWatch][Stopped/Auto Start]
  62.   <C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe><N/A>
  63. [Human Interface Device Access / HidServ][Stopped/Disabled]
  64.   <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
  65. [LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start]
  66.   <"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
  67. [Distributed Application Client / Mercha2][Stopped/Auto Start]
  68.   <C:\WINDOWS\SYSTEM32\RUNDLL2000.EXE C:\WINDOWS\SYSTEM32\WBEM\QKNVU.DLL,Export 1087><Microsoft Corporation>
  69. [Symantec AntiVirus Client / Norton AntiVirus Server][Stopped/Auto Start]
  70.   <C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe><N/A>
  71. [NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  72.   <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
  73. [P4P Service / P4P Service][Running/Auto Start]
  74.   <C:\Program Files\Common Files\Sogou PXP\p2psvr.exe><Sohu.com Inc.>
  75. [Remote Procedure Call System(RPCSx) / Remo][Stopped/Auto Start]
  76.   <C:\WINDOWS\system32\Rpcsx.exe><N/A>
  77. [Windows DDOS(DOS) / WINDDOS][Stopped/Auto Start]
  78.   <C:\WINDOWS\system32\windoss.exe><N/A>
  79. [Windows RPCS / WINRPCS][Stopped/Auto Start]
  80.   <C:\WINDOWS\system32\winrpcs.exe><N/A>

  82. ==================================
  83. 驱动程序
  84. [a347bus / a347bus][Running/Boot Start]
  85.   <\SystemRoot\system32\DRIVERS\a347bus.sys><>
  86. [a347scsi / a347scsi][Running/Boot Start]
  87.   <\SystemRoot\System32\Drivers\a347scsi.sys><>
  88. [标准 IDE/ESDI 硬盘控制器 / atapi][Running/Boot Start]
  89.   <\SystemRoot\system32\DRIVERS\atapi.sys><N/A>
  90. [Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  91.   <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
  92. [713x_Genius TV Card Capture / Cap7134][Running/Manual Start]
  93.   <system32\DRIVERS\Cap7134.sys><Philips Semiconductors>
  94. [DSDrv4 / DSDrv4][Stopped/Manual Start]
  95.   <\??\C:\PROGRA~1\10Moons\REMOTE~1\DSDrv4.sys><N/A>
  96. [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Running/Manual Start]
  97.   <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
  98. [GMSIPCI / GMSIPCI][Stopped/Manual Start]
  99.   <\??\G:\INSTALL\GMSIPCI.SYS><N/A>
  100. [kl1 / kl1][Running/Boot Start]
  101.   <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
  102. [klif / klif][Running/System Start]
  103.   <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
  104. [mpjq / mpjqq][Running/Boot Start]
  105.   <\SystemRoot\System32\DRIVERS\mpjqq.sys><N/A>
  106. [MSICPL / MSICPL][Stopped/Manual Start]
  107.   <\??\G:\install4\MSICPL.sys><N/A>
  108. [NAVAP / NAVAP][Stopped/Manual Start]
  109.   <\??\C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVAP.sys><N/A>
  110. [NAVAPEL / NAVAPEL][Stopped/Auto Start]
  111.   <\??\C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPEL.SYS><N/A>
  112. [NAVENG / NAVENG][Stopped/Manual Start]
  113.   <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070518.019\NAVENG.sys><Symantec Corporation>
  114. [NAVEX15 / NAVEX15][Stopped/Manual Start]
  115.   <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070518.019\NAVEX15.sys><Symantec Corporation>
  116. [Netgroup Packet Filter / NPF][Stopped/Manual Start]
  117.   <system32\DRIVERS\npf.sys><N/A>
  118. [npkcrypt / npkcrypt][Running/Auto Start]
  119.   <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
  120. [NTACCESS / NTACCESS][Stopped/Manual Start]
  121.   <\??\G:\NTACCESS.sys><N/A>
  122. [nv / nv][Running/Manual Start]
  123.   <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
  124. [TV BABY2, WDM TVTuner / PhTVTune][Running/Manual Start]
  125.   <system32\DRIVERS\PhTVTune.sys><Philips Semiconductors>
  126. [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  127.   <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
  128. [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
  129.   <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
  130. [Secdrv / Secdrv][Stopped/Manual Start]
  131.   <system32\DRIVERS\secdrv.sys><N/A>
  132. [SetupNTGLM7X / SetupNTGLM7X][Stopped/Manual Start]
  133.   <\??\G:\NTGLM7X.sys><N/A>
  134. [SymEvent / SymEvent][Stopped/Manual Start]
  135.   <\??\C:\Program Files\Symantec\SYMEVENT.SYS><N/A>
  136. [ViaIde / ViaIde][Running/Boot Start]
  137.   <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
  138. [VIA AC'97 Audio Controller (WDM) / VIAudio][Running/Manual Start]
  139.   <system32\drivers\viaudios.sys><VIA Technologies, Inc.>
  140. [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  141.   <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
  142. [VIMICRO USB PC Camera / ZSMC301b][Running/Manual Start]
  143.   <System32\Drivers\usbVM31b.sys><VM>

  145. ==================================
  146. 浏览器加载项
  147. [Web反病毒统计]
  148.   {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll, Kaspersky Lab>
  149. [WebActivater Control]
  150.   {3D8F74EE-8692-4F8F-B8D2-7522E732519E} <C:\WINDOWS\system32\WEBACT~1.OCX, QQ>
  151. [Windows Media Player]
  152.   {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
  153. [HTML Document]
  154.   {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
  155. [DHTML Edit Control Safe for Scripting for IE5]
  156.   {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
  157. [Windows Media Player]
  158.   {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
  159. [Microsoft Web 浏览器]
  160.   {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
  161. [Microsoft Scriptlet Component]
  162.   {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
  163. [SearchAssistantOC]
  164.   {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
  165. [RDS.DataSpace]
  166.   {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
  167. [RealPlayer G2 Control]
  168.   {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
  169. [Shockwave Flash Object]
  170.   {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\flash.ocx, Macromedia, Inc.>
  171. [CPasswordEditCtrl Object]
  172.   {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
  173. [导出到 Microsoft Office Excel(&X)]
  174.   <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
  175. [添加到QQ表情]
  176.   <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
  177. [添加到反广告黑名单]
  178.   <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm, N/A>

  180. ==================================
  181. 正在运行的进程
  182. [PID: 620][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  183. [PID: 696][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  184. [PID: 720][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  185.     [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 6.0.2.621]
  186.     [C:\WINDOWS\system32\NavLogon.dll]  [N/A, ]
  187.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  188.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.2.621]
  189. [PID: 764][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  190. [PID: 2768][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
  191.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scrchpg.dll]  [Kaspersky Lab, 6.0.2.621]
  192.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ShellEx.dll]  [Kaspersky Lab, 6.0.2.621]
  193.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
  194.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
  195.     [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
  196.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
  197. [PID: 3552][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  198. [PID: 324][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
  199.     [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
  200.     [C:\Program Files\WinRAR\Formats\tar.fmt]  [N/A, ]
  201.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scrchpg.dll]  [Kaspersky Lab, 6.0.2.621]
  202.     [C:\Program Files\WinRAR\Formats\gz.fmt]  [N/A, ]
  203.     [C:\Program Files\WinRAR\Formats\arj.fmt]  [N/A, ]
  204. [PID: 2492][F:\tools工具软件\杀毒工具\卡巴斯基\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
  205.     [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.2.621]

  207. ==================================
  208. 文件关联
  209. .TXT  Error. [C:\WINDOWS\notepad.exe %1]
  210. .EXE  OK. ["%1" %*]
  211. .COM  OK. ["%1" %*]
  212. .PIF  OK. ["%1" %*]
  213. .REG  OK. [regedit.exe "%1"]
  214. .BAT  OK. ["%1" %*]
  215. .SCR  OK. ["%1" /S]
  216. .CHM  Error. ["hh.exe" %1]
  217. .HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
  218. .INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
  219. .INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
  220. .VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  221. .JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  222. .LNK  OK. [{00021401-0000-0000-C000-000000000046}]

  224. ==================================
  225. Winsock 提供者
  226. N/A

  228. ==================================
  229. Autorun.inf
  230. N/A

  232. ==================================
  233. HOSTS 文件
  234. 127.0.0.1       localhost

  236. ==================================
  237. API HOOK
  238. RVA  错误: LoadLibraryA (危险等级: 一般,  被下面模块所HOOK: Dest Addr: 0xF8002AF0)
  239. RVA  错误: LoadLibraryExA (危险等级: 一般,  被下面模块所HOOK: Dest Addr: 0xF8002CD0)
  240. RVA  错误: LoadLibraryExW (危险等级: 一般,  被下面模块所HOOK: Dest Addr: 0xF8002E30)
  241. RVA  错误: LoadLibraryW (危险等级: 一般,  被下面模块所HOOK: Dest Addr: 0xF8002BE0)
  242. RVA  错误: GetProcAddress (危险等级: 高,  被下面模块所HOOK: Dest Addr: 0xF8002DE0)

  244. ==================================
  245. 隐藏进程
  246. N/A

  248. ==================================


复制代码
回复

举报

e-long
发表于 2007-5-27 02:21:17 | 显示全部楼层
着文件怎么使用呀 !我的机器里面也是这样! 都着急上火了!
回复

举报

jlennon
头像被屏蔽
发表于 2007-5-27 04:12:19 | 显示全部楼层
删除下面这些
c:\docume~1\aaa\locals~1\temp\exp10rer.exe
c:\docume~1\aaa\locals~1\temp\iexp10re.exe
c:\docume~1\aaa\locals~1\temp\winlog0n.exe
c:\docume~1\aaa\locals~1\temp\crasos.exe
c:\docume~1\aaa\locals~1\temp\servera.exe
c:\docume~1\aaa\locals~1\temp\iexpl0re.exe
c:\docume~1\aaa\locals~1\temp\c0nime.exe
c:\docume~1\aaa\locals~1\temp\1explore.exe

删除重启后使用SREng修复下面各项:

    启动项目 -- 注册表之如下项删除:
[v8kkiu8cr6]    <C:\DOCUME~1\aaa\LOCALS~1\Temp\exp10rer.exe>
[dlm]    <C:\DOCUME~1\aaa\LOCALS~1\Temp\iexp10re.exe>
[3q8tye714u991hv]    <C:\DOCUME~1\aaa\LOCALS~1\Temp\winlog0n.exe>
[k1c9zxtfxr8]    <C:\DOCUME~1\aaa\LOCALS~1\Temp\crasos.exe>
[kkese]    <C:\DOCUME~1\aaa\LOCALS~1\Temp\Servera.exe>
[z1uu92jswib]    <C:\DOCUME~1\aaa\LOCALS~1\Temp\iexpl0re.exe>
[wf5]    <C:\DOCUME~1\aaa\LOCALS~1\Temp\c0nime.exe>
[bxwmfmydx01c8d]    <C:\DOCUME~1\aaa\LOCALS~1\Temp\1explore.exe>

[ 本帖最后由 jlennon 于 2007-5-27 04:14 编辑 ]
回复

举报

jlennon
头像被屏蔽
发表于 2007-5-27 04:14:09 | 显示全部楼层
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.CHM  Error. ["hh.exe" %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
用sreng修复这三个错误文件关联
回复

举报

csscz.love
发表于 2007-5-27 04:35:31 | 显示全部楼层
<{A6011F8F-A7F8-49AA-9ADA-49127D43138F}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.rxk>  [N/A](参考以下网:http://hi.baidu.com/peaset/blog/ ... 91f455b219a8f5.html)

用工具 SREng 启动项目 -->服务-->Win32服务应用程序 的如下项删除
Distributed Application Client / Mercha2][Stopped/Auto Start]
  <C:\WINDOWS\SYSTEM32\RUNDLL2000.EXE C:\WINDOWS\SYSTEM32\WBEM\QKNVU.DLL,Export 1087><Microsoft Corporation>
[P4P Service / P4P Service][Running/Auto Start]
  <C:\Program Files\Common Files\Sogou PXP\p2psvr.exe><Sohu.com Inc.>
[Remote Procedure Call System(RPCSx) / Remo][Stopped/Auto Start]
  <C:\WINDOWS\system32\Rpcsx.exe><N/A>
[Windows DDOS(DOS) / WINDDOS][Stopped/Auto Start]
  <C:\WINDOWS\system32\windoss.exe><N/A>
[Windows RPCS / WINRPCS][Stopped/Auto Start]
  <C:\WINDOWS\system32\winrpcs.exe><N/A>
回复

举报

下一页 »
12下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-1-12 16:09 , Processed in 0.129362 second(s), 18 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表