现在流氓软件越来越多,所以自己平时也很谨慎,不乱下载和运行不明来源的软件,也不太喜欢装杀毒软件,觉得有点影响系统的效率。
前一段时间忙于交一份差,随便下了几个小软件用了,之后就发现系统中有好几个流氓软件,有随机打开 IE 窗口显示广告的,有从网上偷偷下载东西的,还有得经常导致 Explorer.exe 出错。
一般来说,对付这些软件有以下一些手段:
- Regedit/msconfig 检查注册表
- Services.msc 检查服务
- Ctrl + Alt + Delete 检查进程
对于那些 Inject 到系统服务或应用程序中的 DLL ,都好对付,结合 “Who Lock me”工具,先杀掉进程,再删除 DLL。但是如果 DLL Inject 到 Explorer.exe 上,那就删不掉了,除非重启进行安全模式,这来回一折腾,至少得10分钟 …
无意间发现一个好办法:调用任务管理器,把 Explorer.exe 给结束掉,这时候屏幕上只剩下任务管理器了,单击其”文件“-”新建任务“菜单,再点击”浏览“,这时候可以把这个定位文件的对话框当 Explorer 来用,找到那个罪恶的 DLL, 删除之,然后再在任务管理里输入 Explorer ,这样不用重启进入安全模式,就能删除那些 Inject 到 Explorer 上的流氓 DLL 了,有点象“刮骨疗毒”,呵呵。
好主意!
不过检查进程不用“Ctrl + Alt + Delete”,Win2K以后在任务栏点右键,选Task Manager(任务管理器)即可
另外想问,金山词霸2006 SP1带的那个baidu bar,原来还能选择是否安装的,现在根本不让选,tnnd,这个不装“超级兔子”等软件的情况下怎么把它干掉?
这样不彻底的,注册表中留下东东了
杀掉explorer 开启CMD
regsvr32 /u dllname.dll
del dllname.dll
start explorer
如果我是流氓软件的作者的话,我不会主动在我写的 DLL 中提供 regsvr32 /u 能够调用的接口。如果你能用这种方法卸掉那个 DLL,说明作者根本就是用 AppWizard 直接生成了代码框架,都懒得去修改,居然主动提供卸载接口。
关机Dialog时,按CTRL+ALT+SHIFT点取消,就能退出Explorer
但如何直接知道INJECT的DLL文件呢?
推荐使用:www.tommsoft.com
清理流氓工具
朋友,有些程序的DLL并不是注入到explorer.exe当中的,而且大多数情况下必须结束explorer.exe才能删除的DLL原因都是explorer.exe当中缓存有其中的数据,而并不是explorer.exe调用了这个DLL
大多数的流氓软件都是用rundll32.exe来加载自己的文件,而不是explorer.exe,因此我们必须要结束rundll32.exe才能删除,而不是explorer.exe。特别像3721这样的软件,这种方式根本不可能删除掉他的。
另外就是想要删除一个流氓插件,一定要先完全关闭IE浏览器,否则很难清除。毕竟IE开着就等于这个插件正在使用,我们都知道windows是无法删除一个正在使用的文件的
以上是我的拙见,不对之处还望指教
windows是无法删除一个正在使用的文件的
以上是我的拙见,不对之处还望指教
The trick is to make sure you don’t die waiting for prosperity to come.
You can tell a lot about a fellow’s character by his way of eating jellybeans.
You don’t have to cook fancy or complicated masterpieces – just good food from fresh ingredients.
To have a right to do a thing is not at all the same as to be right in doing it.
Go through your phone book, call people and ask them to drive you to the airport. The ones who will drive you are your true friends. The rest aren’t bad people; they’re just acquaintances.
If you want to be respected, you must respect yourself.
Writing gives you the illusion of control, and then you realize it’s just an illusion, that people are going to bring their own stuff into it.
There is surely a piece of divinity in us, something that was before the elements, and owes no homage unto the sun.
What other dungeon is so dark as one’s own heart! What jailer so inexorable as one’s self!
A man without ambition is dead. A man with ambition but no love is dead. A man with ambition and love for his blessings here on earth is ever so alive. Having been alive, it won’t be so hard in the end to lie down and rest.
Not everything that can be counted counts, and not everything that counts can be counted.
He who is not very strong in memory should not meddle with lying.
Equal opportunity means everyone will have a fair chance at being incompetent.
We think in generalities, but we live in detail.
We think in generalities, but we live in detail.
Read over your compositions, and wherever you meet with a passage which you think is particularly fine, strike it out.
Keep cool and you command everybody.
The trick is to make sure you don’t die waiting for prosperity to come.
There is no stigma attached to recognizing a bad decision in time to install a better one.
It is easier to exclude harmful passions than to rule them, and to deny them admittance than to control them after they have been admitted.
I never know how much of what I say is true.
Love is, above all else, the gift of oneself.
还真行,但是不知道注册表内还有没有残留的东东。谢谢啦