瑞星卡卡安全论坛

首页 » 技术交流区 » 系统软件 » 用完美卸载的朋友来看看?
chenlf - 2006-8-27 15:40:00
这是我开了系统保护大师一会的日志,看看就怕,这么多啊?我还看到有QQ和RAV,RFW(他们记得是瑞星的啊,也危险?),还有几个删除失败的,请高手重点看看,该怎么办?

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\D:\Tencent\qq\qq.exe
[结果]:危险,该操作被完美卸载拒绝!

[进程]:RfwCfg.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PerfOS\Performance\Disable Performance Counters
[结果]:危险,该操作被完美卸载拒绝!

[进程]:RfwCfg.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PerfProc\Performance\Disable Performance Counters
[结果]:危险,该操作被完美卸载拒绝!

[进程]:RfwCfg.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PerfOS\Performance\Disable Performance Counters
[结果]:危险,该操作被完美卸载拒绝!

[进程]:RfwCfg.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PerfProc\Performance\Disable Performance Counters
[结果]:危险,该操作被完美卸载拒绝!

[危险警告]:C:\WINDOWS\System32\npscan.dll在系统目录下创建

[结果]:删除失败!文件可能在使用!

[进程]:RfwCfg.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PerfOS\Performance\Disable Performance Counters
[结果]:危险,该操作被完美卸载拒绝!

[进程]:RfwCfg.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PerfProc\Performance\Disable Performance Counters
[结果]:危险,该操作被完美卸载拒绝!

[进程]:RfwCfg.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PerfOS\Performance\Disable Performance Counters
[结果]:危险,该操作被完美卸载拒绝!

[进程]:RfwCfg.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PerfProc\Performance\Disable Performance Counters
[结果]:危险,该操作被完美卸载拒绝!

]:wuauclt.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\EventMessageFile
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wuauclt.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\CategoryMessageFile
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wuauclt.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\CategoryCount
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wuauclt.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\TypesSupported
[结果]:危险,该操作被完美卸载拒绝!

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\D:\Tencent\qq\QQ.exe
[结果]:危险,该操作被完美卸载拒绝!

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\D:\Tencent\qq\QQ.exe
[结果]:危险,该操作被完美卸载拒绝!

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\D:\Tencent\qq\QQ.exe
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wscript.exe
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Classes\JSFile\Shell\Open
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wscript.exe
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Classes\JSFile\Shell
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wscript.exe
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Classes\JSFile\Shell\Open\Command
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wscript.exe
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Classes\JSFile\Shell
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wscript.exe
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Classes\JSFile\Shell\Open2
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wscript.exe
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Classes\JSFile\Shell
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wscript.exe
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Classes\JSFile\Shell\Open2\Command
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wscript.exe
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Classes\JSFile\Shell
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wscript.exe
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Classes\VBSFile\Shell\Open
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wscript.exe
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Classes\VBSFile\Shell
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wscript.exe
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Classes\VBSFile\Shell\Open\Command
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wscript.exe
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Classes\VBSFile\Shell
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wscript.exe
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Classes\VBSFile\Shell\Open2
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wscript.exe
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Classes\VBSFile\Shell
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wscript.exe
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Classes\VBSFile\Shell\Open2\Command
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wscript.exe
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Classes\VBSFile\Shell
[结果]:危险,该操作被完美卸载拒绝!

[危险警告]:C:\WINDOWS\System32\dllcache\iexplore.exe.new在系统目录下创建
[结果]:删除失败!文件可能在使用!

[进程]:Rav.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PerfOS\Performance\Disable Performance Counters
[结果]:危险,该操作被完美卸载拒绝!

[进程]:Rav.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PerfProc\Performance\Disable Performance Counters
[结果]:危险,该操作被完美卸载拒绝!

[进程]:qq2006beta2sp1f
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54EBD53A-9BC1-480B-966A-843A333CA162}
[结果]:危险,该操作被完美卸载拒绝!

[进程]:qq2006beta2sp1f
[操作]:\\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54EBD53A-9BC1-480B-966A-843A333CA162}
[结果]:危险,该操作被完美卸载拒绝!

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\D:\Tencent\QQ\QQ.exe
[结果]:危险,该操作被完美卸载拒绝!

[危险警告]:C:\WINDOWS\System32\dllcache\iexplore.exe.new在系统目录下创建

[结果]:删除失败!文件可能在使用!

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\D:\Tencent\QQ\QQ.exe
[结果]:危险,该操作被完美卸载拒绝!

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\D:\Tencent\QQ\QQ.exe
[结果]:危险,该操作被完美卸载拒绝!

[进程]:RfwCfg.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PerfOS\Performance\Disable Performance Counters
[结果]:危险,该操作被完美卸载拒绝!

[进程]:RfwCfg.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PerfProc\Performance\Disable Performance Counters
[结果]:危险,该操作被完美卸载拒绝!

[进程]:RfwCfg.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PerfOS\Performance\Disable Performance Counters
[结果]:危险,该操作被完美卸载拒绝!

[进程]:RfwCfg.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PerfProc\Performance\Disable Performance Counters
[结果]:危险,该操作被完美卸载拒绝!

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Epoch\Epoch
[结果]:危险,该操作被完美卸载拒绝!

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Epoch\Epoch
[结果]:危险,该操作被完美卸载拒绝!

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Epoch\Epoch
[结果]:危险,该操作被完美卸载拒绝!

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Epoch\Epoch
[结果]:危险,该操作被完美卸载拒绝!

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Epoch\Epoch
[结果]:危险,该操作被完美卸载拒绝!

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Epoch\Epoch
[结果]:危险,该操作被完美卸载拒绝!

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Epoch\Epoch
[结果]:危险,该操作被完美卸载拒绝!

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Epoch\Epoch
[结果]:危险,该操作被完美卸载拒绝!

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Dhcp\Parameters\{C590FE4C-076F-42CE-9497-9330A2078F2E}
[结果]:危险,该操作被完美卸载拒绝!

[进程]:services.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\srservice\Start
[结果]:危险,该操作被完美卸载拒绝!

[进程]:rundll32.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\EventMessageFile
[结果]:危险,该操作被完美卸载拒绝!

[进程]:rundll32.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\CategoryMessageFile
[结果]:危险,该操作被完美卸载拒绝!

[进程]:rundll32.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\CategoryCount
[结果]:危险,该操作被完美卸载拒绝!

[进程]:rundll32.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\TypesSupported
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wuauclt.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\EventMessageFile
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wuauclt.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\CategoryMessageFile
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wuauclt.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\CategoryCount
[结果]:危险,该操作被完美卸载拒绝!

[进程]:wuauclt.exe
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\TypesSupported
[结果]:危险,该操作被完美卸载拒绝!

[进程]:SVCHOST.EXE
[操作]:\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\D:\Tencent\qq\qq.exe
[结果]:危险,该操作被完美卸载拒绝!
chenlf - 2006-8-27 15:42:00
[危险警告]:C:\WINDOWS\System32\dllcache\iexplore.exe.new在系统目录下创建

[结果]:用户放弃删除,该文件仍存在!
还有我这么处理,还是找不到这程序iexplore.exe.new,只要一个iexplore.exe
chenlf - 2006-8-27 22:12:00
顶上去!
oo123oo3 - 2006-8-28 4:02:00
不建议用完美卸载。。误报就几个了
chenlf - 2006-8-28 21:29:00
那用什么?我觉得功能不错啊!
天天泡泡 - 2006-8-28 21:57:00
完美卸载的日志没有研究过,在卡卡主要看HijackThis和SReng的日志。
chenlf - 2006-8-28 22:04:00
引用:
【天天泡泡的贴子】完美卸载的日志没有研究过,在卡卡主要看HijackThis和SReng的日志。
………………

还是谢谢你的热心!
王大灭火器 - 2006-8-29 8:30:00
别用完美卸载的系统保护大师!太麻烦了
chenlf - 2006-8-29 9:16:00
引用:
【王大灭火器的贴子】别用完美卸载的系统保护大师!太麻烦了
………………

麻烦?就是不好吗?
芸秤84 - 2006-9-25 18:52:00
我也是这样。
1
查看完整版本: 用完美卸载的朋友来看看?
© 2000 - 2026 Rising Corp. Ltd.