今天上网好好的,突然弹出个窗口
我在事件查看器里找到了
弹出应用程序: 16 位 MS-DOS 子系统: C:\WINDOWS\system32\krwkmu.exe
NTVDM CPU 遇到无效的指令。
CS:0dc9 IP:01a7 OP:63 68 61 72 73 选择“关闭”终止应用程序。
然后去看看这个EXE,才2KB
用最新更新的卡巴6查了1下,没问题,试着用记事本打开,发现里面竟然是文本
内容如下
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<TITLE>ERROR: The requested URL could not be retrieved</TITLE>
<STYLE type="text/css"><!--BODY{background-color:#ffffff;font-family:verdana,sans-serif}PRE{font-family:sans-serif}--></STYLE>
</HEAD><BODY>
<H2>The requested URL could not be retrieved</H2>
<HR noshade size="1px">
<P>
While trying to retrieve the URL:
<A HREF="http://www.ntp2-greenwich.com/update/correct.rar">http://www.ntp2-greenwich.com/update/correct.rar</A>
<P>
The following error was encountered:
<BLOCKQUOTE>
Unable to determine IP address from host name for
<I>www.ntp2-greenwich.com</I>
</BLOCKQUOTE>
<P>
The dnsserver returned:
<BLOCKQUOTE>
Name Error: The domain name does not exist.
</BLOCKQUOTE>
<P>
This means that:
<PRE>
The cache was not able to resolve the hostname presented in the URL.
Check if the address is correct.
</PRE>
<P>Your cache administrator is <A HREF="mailto:webmaster">webmaster</A>.
<BR clear="all">
<HR noshade size="1px">
<ADDRESS>
Generated Sun, 01 Oct 2006 16:23:27 GMT by ps.neptunus.com (squid/2.5.STABLE14)
</ADDRESS>
</BODY></HTML>文件在这里,大家可以下载回去看下
http://sic.szpt.net/webdisk2/13498/krwkmu.rar