查看單個文章
舊 2006-06-22, 05:19 PM   #10 (permalink)
psac
榮譽會員
 
psac 的頭像
榮譽勳章
UID - 3662
在線等級: 級別:30 | 在線時長:1048小時 | 升級還需:37小時級別:30 | 在線時長:1048小時 | 升級還需:37小時級別:30 | 在線時長:1048小時 | 升級還需:37小時級別:30 | 在線時長:1048小時 | 升級還需:37小時級別:30 | 在線時長:1048小時 | 升級還需:37小時
註冊日期: 2002-12-07
住址: 木柵市立動物園
文章: 17381
現金: 5253 金幣
資產: 33853 金幣
預設

Q:..
中了特諾伊木馬`刪除不了`怎麼辦(已解決)


描述:病毒名稱
圖片:
http://img20.imageshack.us/img20/5429/641291743915e64e0b29ea32xu.jpg
2006-06-21,21:17:54

System Repair Engineer 2.0.12.350 (2.0 RC 1)
Windows XP Professional Service Pack 2 - 管理權限用戶 - 完整功能

以下內容被選中:
所有的啟動專案(包括註冊表、啟動資料夾、服務等)
瀏覽器載入項
正在執行的工作行程(包括工作行程模塊訊息)
文件關聯


啟動專案
註冊表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<run><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<StormCodec_Helper><"E:\播放工具\暴風影音\Storm Codec1\StormSet.exe" /S /opti>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<Userinit><C:\WINDOWS\system32\userinit.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><KB496973M.LOG>

==================================
啟動資料夾
服務
[ewido anti-spyware 4.0 guard / ewido anti-spyware 4.0 guard]
<E:\系統工具\殺毒軟件\ewido anti-spyware 4.0\guard.exe><Anti-Malware Development a.s.>
[GrayPigeonServer / GrayPigeonServer]
<C:\WINDOWS\G_Server2006.exe><N/A>
[Gray_Pigeon_Server2.03 / GrayPigeonServer2.03]
<C:\WINDOWS\G_Server2.03.exe><N/A>
[InstallDriver Table Manager / IDriverT]
<"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[iPodService / iPodService]
<C:\Program Files\iPod\bin\iPodService.exe><Apple Computer, Inc.>
[itshow.com.cn / it.com.cn]
<C:\WINDOWS\Hacker.com.cn.exe><N/A>
[kavsvc / kavsvc]
<"E:\殺毒\Kaspersky Anti-Virus Personal Pro\kavsvc.exe"><Kaspersky Lab>
[NVIDIA Display Driver Service / NVSvc]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[ver / Perver]
<C:\WINDOWS\sz.exe><N/A>
[UFSoft SMS Platform / U8SmsSrv]
<C:\WINDOWS\system32\U8SMSSrv.exe><N/A>
[U8管理軟件 / UFNet]
<C:\WINDOWS\system32\ServerNT.EXE><N/A>
[Network Management Center Task / W32Tasks]
<C:\WINDOWS\system32\taskman32.exe><N/A>
[Window Time / Window Time]
<C:\WINDOWS\svchost.exe><N/A>

==================================
瀏覽器載入項
[]
{A9930D97-9CF0-42A0-A10D-4F28836579D5} <F:\kugoo\KuGoo\KuGoo3DownXControl.ocx, N/A>
[浩方對戰平台]
{0A155D3C-68E2-4215-A47A-E800A446447A} <F:\浩方\HF.Loader.v1.21-Ayu\HFGameOPT\GameClient.exe, 上海浩方線上訊息技術有限公司>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <F:\QQ\qq2006\QQ.EXE, N/A>
[東方衛士]
{A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EF} <C:\PROGRA~1\DFVSIE~1\DFVSIEBR.dll, >
[VTPlug3 Class]
{0400AC1C-EEF0-4638-A501-31D5A0DC2002} <C:\WINDOWS\system32\gxd\VTrans3.dll, >
[PowerPlayer Control]
{5EC7C511-CD0F-42E6-830C-1BD9882F3458} <E:\PPStream\POWERP~1.DLL, PPStream Inc.>
[IMCv1 Control]
{6924091F-CD97-41E1-B1D4-D9079409D413} <C:\PROGRA~1\LtUcx\1003\c0.dll, N/A>
[Filetran Control]
{88734439-46D0-42C0-A13F-7E881EE550CF} <C:\PROGRA~1\Bluesky\BLUESK~1\filetran.ocx, Bluesky Studio(http://www.bluesky.cn)>
[WebActivater Control]
{C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINDOWS\system32\3DShowVM.ocx, QQ>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, N/A>
[IMCv1 Control]
{6924091F-CD97-41E1-B1D4-D9079409D413} <C:\PROGRA~1\LtUcx\1003\c0.dll, N/A>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\MediaAddin03.dll, Thunder Networking Technologies,LTD>
[Microsoft Web 瀏覽器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[東方衛士]
{A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EF} <C:\PROGRA~1\DFVSIE~1\DFVSIEBR.dll, >
[]
{A9930D97-9CF0-42A0-A10D-4F28836579D5} <F:\kugoo\KuGoo\KuGoo3DownXControl.ocx, N/A>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[&使用迅雷下載全部鏈接]
<C:\Program Files\Thunder Network\Thunder\getallurl.htm, N/A>
[使用網際快車下載]
<F:\FlashGet\jc_link.htm, N/A>
[使用網際快車下載全部鏈接]
<F:\FlashGet\jc_all.htm, N/A>
[匯出到 Microsoft Office Excel(&X)]
<res://E:\學習工具\office\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
正在執行的工作行程
[PID: 672][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 744][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 768][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[PID: 820][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[PID: 832][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[PID: 1000][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[PID: 1064][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[PID: 1148][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[PID: 1200][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[PID: 1276][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[PID: 1696][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[PID: 1964][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[C:\WINDOWS\G_Server2006Key.DLL] <N/A><N/A>
[C:\WINDOWS\szKey.DLL] <N/A><N/A>
[C:\WINDOWS\svchostKey.DLL] <N/A><N/A>
[PID: 224][E:\系統工具\殺毒軟件\ewido anti-spyware 4.0\guard.exe] <Anti-Malware Development a.s.><4, 0, 0, 172>
[E:\系統工具\殺毒軟件\ewido anti-spyware 4.0\engine.dll] <Anti-Malware Development a.s.><4, 0, 0, 172>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[PID: 344][C:\Program Files\Internet Explorer\IEXPLORE.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[C:\WINDOWS\G_Server2006Key.DLL] <N/A><N/A>
[C:\WINDOWS\svchostKey.DLL] <N/A><N/A>
[C:\WINDOWS\szKey.DLL] <N/A><N/A>
[PID: 436][C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe] <Microsoft Corporation><2000.080.0194.00>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[PID: 564][C:\WINDOWS\system32\nvsvc32.exe] <NVIDIA Corporation><6.14.10.5216>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[C:\WINDOWS\G_Server2006Key.DLL] <N/A><N/A>
[C:\WINDOWS\szKey.DLL] <N/A><N/A>
[C:\WINDOWS\svchostKey.DLL] <N/A><N/A>
[PID: 664][C:\Program Files\Internet Explorer\IEXPLORE.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[F:\kugoo\KuGoo\KuGoo3DownXControl.ocx] <N/A><N/A>
[C:\WINDOWS\G_Server2006Key.DLL] <N/A><N/A>
[C:\WINDOWS\sz.DLL] <N/A><N/A>
[C:\WINDOWS\szKey.DLL] <N/A><N/A>
[C:\WINDOWS\svchostKey.DLL] <N/A><N/A>
[PID: 704][C:\WINDOWS\system32\U8SMSSrv.exe] <N/A><N/A>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[PID: 1268][C:\WINDOWS\system32\ServerNT.EXE] <N/A><N/A>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[C:\WINDOWS\system32\UMiscell.dll] <北京用友軟件股份有限公司><1, 0, 0, 1>
[C:\WINDOWS\system32\sgv.dll] <><8, 2, 0, 0>
[C:\WINDOWS\system\Sense3.dll] <N/A><N/A>
[C:\WINDOWS\system32\SecuComm.dll] <N/A><N/A>
[PID: 1232][C:\WINDOWS\system32\wdfmgr.exe] <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[PID: 2380][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[PID: 2396][C:\WINDOWS\system32\wscntfy.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[C:\WINDOWS\svchostKey.DLL] <N/A><N/A>
[C:\WINDOWS\szKey.DLL] <N/A><N/A>
[C:\WINDOWS\G_Server2006Key.DLL] <N/A><N/A>
[PID: 2100][C:\WINDOWS\explorer.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[C:\WINDOWS\szKey.DLL] <N/A><N/A>
[C:\WINDOWS\G_Server2006Key.DLL] <N/A><N/A>
[E:\系統工具\殺毒軟件\ewido anti-spyware 4.0\shellexecutehook.dll] <Anti-Malware Development a.s.><4, 0, 0, 172>
[C:\WINDOWS\svchostKey.DLL] <N/A><N/A>
[F:\kugoo\KuGoo\KuGoo3DownXControl.ocx] <N/A><N/A>
[C:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
[E:\Right Click Image Converter\extRCIC.dll] <N/A><N/A>
[E:\殺毒\Kaspersky Anti-Virus Personal Pro\shellex.dll] <Kaspersky Lab><5.0.388.1>
[E:\系統工具\殺毒軟件\ewido anti-spyware 4.0\context.dll] <Anti-Malware Development a.s.><4, 0, 0, 172>
[PID: 2556][F:\QQ\06\QQ.exe] <TENCENT><0, 0, 0, 0>
[F:\QQ\06\QQBaseClassInDll.dll] <><1, 0, 0, 1>
[F:\QQ\06\QQHelperDll.dll] <><1, 0, 0, 1>
[F:\QQ\06\BasicCtrlDll.dll] <Tencent><5, 0, 200, 160>
[F:\QQ\06\PYKer.dll] <飄雲 http://www.pyqq.cn><飄雲>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[F:\QQ\06\ipsearcher.dll] <><1.0.0.3>
[C:\WINDOWS\szKey.DLL] <N/A><N/A>
[C:\WINDOWS\G_Server2006Key.DLL] <N/A><N/A>
[F:\QQ\06\QQAPI.dll] <><1, 0, 0, 1>
[F:\QQ\06\TIMProxy.dll] <tencent><0, 3, 2, 4>
[F:\QQ\06\LoginCtrl.dll] <><1, 0, 0, 1>
[F:\QQ\06\npkcntc.dll] <INCA Internet Co., Ltd.><2006, 3, 2, 1>
[F:\QQ\06\npkpdb.dll] <INCA Internet Co., Ltd.><2003, 10, 1, 1>
[F:\QQ\06\QQRes.dll] <tencent><1, 0, 0, 1>
[F:\QQ\06\QQMainFrame.dll] <N/A><N/A>
[F:\QQ\06\CQQApplication.dll] <N/A><N/A>
[F:\QQ\06\NewSkin.dll] <><1, 0, 0, 1>
[F:\QQ\06\HostingMgr.dll] <><1, 0, 0, 1>
[F:\QQ\06\CameraDll.dll] <><1, 0, 0, 1>
[F:\QQ\06\MailSummary.dll] <><1, 0, 0, 1>
[F:\QQ\06\QQSpace.dll] <><1, 0, 0, 1>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[F:\QQ\06\QQGroupMng.dll] <><1, 0, 0, 1>
[F:\QQ\06\GroupLive.dll] <N/A><N/A>
[F:\QQ\06\QQSysMsgMng.dll] <N/A><N/A>
[F:\QQ\06\UserDefinedHead.dll] <><1, 0, 0, 1>
[F:\QQ\06\QQPlugin.dll] <N/A><N/A>
[F:\QQ\06\QQConfigPlugin.dll] <><1, 0, 0, 1>
[F:\QQ\06\LongConnection.dll] <tencent><5, 0, 200, 160>
[F:\QQ\06\QRingMng.dll] <N/A><N/A>
[F:\QQ\06\PhoneAPI.dll] <><1, 0, 0, 1>
[F:\QQ\06\DialerAllinOne.dll] <tencent><1, 4, 0, 0>
[F:\QQ\06\QQAllInOne.dll] <N/A><N/A>
[F:\QQ\06\SCCore.dll] <N/A><N/A>
[F:\QQ\06\QQCustomFace.dll] <N/A><N/A>
[F:\QQ\06\QQPet.dll] <><1, 0, 0, 1>
[F:\QQ\06\QQAvatar.dll] <N/A><N/A>
[F:\QQ\06\FlashAvatarDll.dll] <><1, 4, 0, 1>
[C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx] <Macromedia, Inc.><8,0,24,0>
[F:\QQ\06\QQSceneMng.dll] <N/A><N/A>
[F:\QQ\06\VqqModule.dll] <><1, 0, 0, 1>
[F:\QQ\06\ImageOle.dll] <TODO: <Company name>><1.0.0.1>
[F:\QQ\06\QQMagicFace.dll] <><1, 0, 0, 1>
[F:\QQ\06\QQFileTransfer.dll] <Tencent><5, 0, 202, 180>
[E:\系統工具\殺毒軟件\ewido anti-spyware 4.0\shellexecutehook.dll] <Anti-Malware Development a.s.><4, 0, 0, 172>
[F:\QQ\06\CommercesMng.dll] <><1, 0, 0, 1>
[F:\QQ\06\PersonalDesktop.dll] <深圳市騰訊電腦系統公司QQ工作小組><1, 0, 0, 2>
[F:\QQ\06\QQAddr.dll] <深圳市騰訊電腦系統有限公司><5, 0, 101, 200>
[C:\WINDOWS\svchostKey.DLL] <N/A><N/A>
[F:\QQ\06\GroupConnection.dll] <Tencent><5, 0, 202, 170>
[F:\QQ\06\QQZip.dll] <tencent><0, 3, 2, 4>
[F:\QQ\06\QQPhoneHelper.dll] <騰訊科技(深圳)有限公司><2, 0, 4, 40>
[PID: 1916][F:\QQ\06\TIMPlatform.exe] <tencent><0, 3, 1, 8>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[C:\WINDOWS\szKey.DLL] <N/A><N/A>
[C:\WINDOWS\G_Server2006Key.DLL] <N/A><N/A>
[F:\QQ\06\TIMProxy.dll] <tencent><0, 3, 2, 4>
[PID: 4040][C:\Program Files\WinRAR\WinRAR.exe] <N/A><N/A>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[C:\WINDOWS\svchostKey.DLL] <N/A><N/A>
[C:\WINDOWS\szKey.DLL] <N/A><N/A>
[C:\WINDOWS\G_Server2006Key.DLL] <N/A><N/A>
[PID: 420][C:\DOCUME~1\tony\LOCALS~1\Temp\Rar$EX00.719\SREng.exe] <Smallfrogs Studio><2.0.12.350>
[C:\WINDOWS\KB496973M.LOG] <N/A><N/A>
[C:\WINDOWS\svchostKey.DLL] <N/A><N/A>
[C:\WINDOWS\szKey.DLL] <N/A><N/A>
[C:\WINDOWS\G_Server2006Key.DLL] <N/A><N/A>

==================================
文件關聯
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP Error. [winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================



A:


1. 使用SREng (相關操作說明)

-刪除以下的啟動項
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><KB496973M.LOG>

-刪除以下的服務
[GrayPigeonServer / GrayPigeonServer]
<C:\WINDOWS\G_Server2006.exe><N/A>
[Gray_Pigeon_Server2.03 / GrayPigeonServer2.03]
<C:\WINDOWS\G_Server2.03.exe><N/A>
[itshow.com.cn / it.com.cn]
<C:\WINDOWS\Hacker.com.cn.exe><N/A>
[ver / Perver]
<C:\WINDOWS\sz.exe><N/A>
[Network Management Center Task / W32Tasks]
<C:\WINDOWS\system32\taskman32.exe><N/A>
[Window Time / Window Time]
<C:\WINDOWS\svchost.exe><N/A>


2. 重新啟動電腦,之後刪除以下檔案 (看注1)
C:\WINDOWS\KB496973M.LOG
C:\WINDOWS\sz.exe
C:\WINDOWS\sz.DLL
C:\WINDOWS\szKey.DLL
C:\WINDOWS\G_Server2006.exe
C:\WINDOWS\G_Server2006.DLL
C:\WINDOWS\G_Server2006Key.DLL
C:\WINDOWS\svchost.exe
C:\WINDOWS\svchost.DLL
C:\WINDOWS\svchostKey.DLL

注1: 如果找不到以上檔案,先作出以下設定
a) 在 我的電腦 ,點擊 工具--->資料夾選項
b) 點 檢視 選擇項,然後去掉 隱藏受保護的操作系統文件 前的勾,點選 顯示所有文件和資料夾 ,最後 確定
or...
用軟件Unlocker(最好的頑固軟件刪除工具) v1.8.1 官方中文版,沒有刪除不了的文件。我一直用它



Q:

刪除以下的啟動項
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><KB496973M.LOG>

它說這個文件對系統很重要,不能夠刪除~只能夠編輯~那怎麼辦??謝謝了




A:

把AppInit_DLLs編輯一下,改做空白的.....
再重新啟動刪除相關檔案
__________________
http://bbsimg.qianlong.com/upload/01/08/29/68/1082968_1136014649812.gif
psac 目前離線  
送花文章: 3, 收花文章: 1630 篇, 收花: 3203 次