被遗忘的角落 - 2006-7-25 22:15:00
不能显示隐藏文件,在文件夹选项中设置“显示所有文件”后会自动跳回“不显示隐藏文件”,现在已经没有办法显示全部文件了,隐藏文件都看不了了,有没有办法啊,晚上中过病毒,隐藏受保护的文件夹的选项的勾可以去掉,但也不会显示出来,也失效了,怎么办啊,救命版主
开始,运行,输入regedit
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL,把CheckedValue改为1
改了。还是没用。
我把瑞星听诊信息传给你看一下。
未知家族病毒分析
扫描结果:
C:\WINDOWS\LSASS.EXE --> 与 Trojan.PSW.LMir 70%相似.
C:\WINDOWS\SYSTEM\ALGESTEIEBS.EXE --> 与 Trojan.PSW.FodOnline 60%相似.
C:\WINDOWS\SYSTEM\ALGESTEIYES.EXE --> 与 Trojan.PSW.FodOnline 60%相似.
系统活动进程
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\ALGESTEIEBS.EXE
C:\WINDOWS\SYSTEM\ALGESTEIYES.EXE
C:\PROGRAM FILES\TENCENT\QQ\QQ.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAM FILES\TENCENT\QQ\TIMPLATFORM.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\LSASS.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\8PIZ896V\RSDETECT[1].EXE
普通自启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ToP = C:\WINDOWS\LSASS.EXE
internat.exe = INTERNAT.EXE
ScanRegistry = C:\WINDOWS\SCANREGW.EXE /AUTORUN
TaskMonitor = C:\WINDOWS\TASKMON.EXE
PCHealth = C:\WINDOWS\PCHEALTH\SUPPORT\PCHSCHD.EXE -S
SystemTray = SYSTRAY.EXE
LoadPowerProfile = RUNDLL32.EXE POWRPROF.DLL,LOADCURRENTPWRSCHEME
C-Media Mixer = C:\PROGRAM FILES\PCI AUDIO APPLICATIONS\MIXER.EXE /STARTUP
Syetwlyls = C:\WINDOWS\SYSTEM\ALGESTEIEBS.EXE
Syetwlysh = C:\WINDOWS\SYSTEM\ALGESTEIYES.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
LoadPowerProfile = RUNDLL32.EXE POWRPROF.DLL,LOADCURRENTPWRSCHEME
SchedulingAgent = MSTASK.EXE
*StateMgr = C:\WINDOWS\SYSTEM\RESTORE\STATEMGR.EXE
AppInit_DLLs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_DLLs =
系统文件关联
.exe ==> exefile = "%1" %*
.com ==> comfile = "%1" %*
.bat ==> batfile = "%1" %*
.txt ==> txtfile = NOTEPAD.EXE %1
.scr ==> scrfile = "%1" /S
.reg ==> regfile = regedit.exe "%1"
.doc ==> Word.Document.8 = "C:\Program Files\Microsoft Office\Office\WINWORD.EXE" /n
其它启动项
WIN.INI
无信息
SYSTEM.INI
SHELL = Explorer.exe
Winlogon 启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
IE - BHO
Winsock SPI
MS.w95.spi.osp = C:\WINDOWS\SYSTEM\MSWSOSP.DLL
MS.w95.spi.tcp = C:\WINDOWS\SYSTEM\MSAFD.DLL
MS.w95.spi.udp = C:\WINDOWS\SYSTEM\MSAFD.DLL
MS.w95.spi.raw = C:\WINDOWS\SYSTEM\MSAFD.DLL
MS.w95.spi.rsvptcp = C:\WINDOWS\SYSTEM\RSVPSP.DLL
MS.w95.spi.rsvpudp = C:\WINDOWS\SYSTEM\RSVPSP.DLL
系统服务项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
文件驱动
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
系统驱动项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
rt = C:\WINDOWS\SYSTEM32\DRIVERS\RT.SYS
WDMFS = C:\WINDOWS\SYSTEM32\DRIVERS\WDMFS.SYS
ATMARPC = C:\WINDOWS\SYSTEM\ATMARPC.SYS
© 2000 - 2025 Rising Corp. Ltd.