End the following processes
[PID: 1236][C:\WINNT\Explorer.EXE] [Microsoft Corporation, 5.00.3700.6690]
[PID: 1492][C:\Program Files\ChinaNet\VnetClient.exe] [, 2005, 3, 7, 1]
[PID: 1552][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2800.1106]
[PID: 1220][E:\迅雷\Program\Thunder5.exe] [Thunder Networking Technologies,LTD, 5, 5, 6, 274]
Start SRENG
ICESWORD: prohibit process creation
SRENG - Startup Items - Registry - Delete
<C:\WINNT\system32\ntsokele.exe><N/A>
<{131AB311-16F1-F13B-1E43-11A24B51AFD1}><C:\WINNT\system32\gdipri.dll> []
Services - Hide Microsoft Services - Delete
[Remote Help Session Manager / Rasautol][Stopped/Auto Start]
<C:\WINNT\system32\ntsokele.exe><N/A>
[Windows / Windowcmd][Stopped/Auto Start]
<C:\WINNT\system32\servc.exe><N/A>
[WinWMServiceNow / WinWMServiceNow][Stopped/Auto Start]
<><N/A>
Drivers
<\??\C:\WINNT\system32\cdcd.sys><N/A>
as well as the corresponding files listed above