Brother, you really have it rough.
Delete these startup entries:
<FixCamera><C:\WINDOWS\FixCamera.exe> []
<tsnpstd3><C:\WINDOWS\tsnpstd3.exe> []
<Kvsc3><C:\WINDOWS\Kvsc3.exe> [N/A]
<cmdbcs><C:\WINDOWS\cmdbcs.exe> [N/A]
<winform><C:\WINDOWS\winform.exe> [N/A]
<mppds><C:\WINDOWS\mppds.exe> [N/A]
<upxdnd><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\upxdnd.exe> [N/A]
<cmdbs><C:\WINDOWS\cmdbs.exe> [N/A]
<testrun><C:\WINDOWS\testexe.exe> [N/A]
<shualai><C:\WINDOWS\shualai.exe /i> [N/A]
<snpstd3><C:\WINDOWS\vsnpstd3.exe> []
<KSVSvc><C:\WINDOWS\KSVSvc.exe /i> [N/A]
Delete these services:
[Windows_SystemDown / WindowsDown][Stopped/Auto Start]
<C:\WINDOWS\system32\servet.exe><N/A>
[WinWMServiceNow / WinWMServiceNow][Stopped/Auto Start]
<C:\WINDOWS\TEMP\RAVWM.EXE><N/A>
(Sure enough, 阳光 called it.)
Delete these files:
[C:\WINDOWS\system32\RAVWM429.dll] [N/A, N/A]
[C:\WINDOWS\system32\winform.dll] [N/A, N/A]
[C:\WINDOWS\system32\mppds.dll] [N/A, N/A]
[C:\WINDOWS\TEMP\upxdnd.dll] [N/A, N/A]
[C:\WINDOWS\system32\cmdbs.dll] [N/A, N/A]
[C:\WINDOWS\system32\Kvsc3.dll] [N/A, N/A]
[C:\WINDOWS\system32\testdll.dll] [N/A, N/A]
[C:\WINDOWS\system32\nwizAsktao.dll] [N/A, N/A]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, N/A]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\upxdnd.dll] [N/A, N/A]
[C:\WINDOWS\system32\shualai.dll] [N/A, N/A]
[C:\WINDOWS\system32\KSVSvc.dll] [N/A, N/A]
[PID: 1096][C:\WINDOWS\KSVSvc.exe] [N/A, N/A]
[C:\WINDOWS\system32\KSVSvc.dll] [N/A, N/A]
[PID: 1100][C:\WINDOWS\system32\systemm.exe] [N/A, N/A]
[PID: 3076][C:\WINDOWS\shualai.exe] [N/A, N/A]
[C:\WINDOWS\system32\shualai.dll] [N/A, N/A]
[PID: 3108][C:\WINDOWS\vsnpstd3.exe] [, 1, 0, 2, 2]