史萊姆論壇 - 中毒了..T

Click Start, and then click Run. (The Run dialog box appears.)

Type regedit

Then click OK. (The Registry Editor opens.)

Navigate to each of these the keys:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

NOTE: All the keys do not exist on all the systems.

For each one, in the right pane, delete any of the following values:

"svchost"="%System%\Svch0st.exe"
"winlogon"="%System%\Winlogon.exe"
"system"="%System%\Explorer.exe"

If you are running Windows NT/2000/XP, navigate to the key:

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows

In the right pane, delete the value:

run %system%\svch0st.EXE

Exit the registry editor.

4. Reversing the changes made to the Win.ini file
If you are running Windows 95/98/Me, follow these steps:

The function you perform depends on your operating system:
Windows 95/98: Go to step b.
Windows Me: If you are running Windows Me, the Windows Me file-protection process may have made a backup copy of the Win.ini file that you need to edit. If this backup copy exists, it will be in the C:\Windows\Recent folder. Symantec recommends deleting this file before continuing with the steps in this section. To do this:
Start Windows Explorer.
Browse to and select the C:\Windows\Recent folder.
In the right pane, select the Win.ini file and delete it. The Win.ini file will be regenerated when you save your changes to it in step f.

For each one, in the right pane, delete any of the following values:

"svchost"="%System%\Svch0st.exe"
"winlogon"="%System%\Winlogon.exe"
"system"="%System%\Explorer.exe"

If you are running Windows NT/2000/XP, navigate to the key:

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows

In the right pane, delete the value:

run %system%\svch0st.EXE

Exit the registry editor.

開始->執行->regedit
然後到
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
這三各地方看看有無以下直,若有按滑鼠右鍵刪除
"svchost"="%System%\Svch0st.exe"
"winlogon"="%System%\Winlogon.exe"
"system"="%System%\Explorer.exe"
若是NT/2000/XP則到
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows
刪除以下值
run %system%\svch0st.EXE

離開

Click Start, and then click Run.

Type the following:

edit c:\windows\win.ini

and then click OK. (The MS-DOS Editor opens.)

NOTE: If Windows is installed in a different location, make the appropriate path substitution.

In the [windows] section of the file, look for a line similar to:

run=C:\WINDOWS\SYSTEM\SVCH0ST.EXE

If this line exists, delete the entire line.

Click File, and then click Save.

Click File, and then click Exit.

開始->執行->edit c:\windows\win.ini
到[windows]這區找找有無此行run=C:\WINDOWS\SYSTEM\SVCH0ST.EXE?
若有刪除此行,然後存檔,注意win.ini是隱藏加唯讀檔喔

<參考看看啦,因為小弟也是各英痴:D>