我的电脑感染了病毒——我很确定该rundll32.exe文件及其备份已被替换。
如果我对它的影响的判断是正确的rundll32.exe,那么我能期待什么?没有备份我该如何修复它?我的电脑上预装了 Windows Vista,所以我没有安装盘 -rundll32.exe除了 x86 文件夹内还有其他备份吗?
我怀疑我的 rundll32.exe 的原因是,每当我登录时,该rundll32.exe进程都会尝试打开两个我能够摆脱的病毒。以下是 sfc 扫描详细信息:
2011-05-29 17:15:45, Info CSI 0000013d [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-05-29 17:15:52, Info CSI 0000013f [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-05-29 17:17:21, Info CSI 0000015e [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-05-29 17:17:25, Info CSI 00000160 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-05-29 17:21:07, Info CSI 000001b8 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-05-29 17:21:07, Info CSI 000001ba [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-05-29 17:21:07, Info CSI 000001bc [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-05-29 17:21:07, Info CSI 000001c2 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
答案1
运行系统文件检查器,它将为您替换文件。这适用于 XP、Vista、Windows 7
。
使用系统文件检查器工具 (SFC.exe) 确定导致问题的文件,然后替换该文件。为此,请按照下列步骤操作:
打开提升的命令提示符。为此,请单击“开始”,单击“所有程序”,单击“附件”,右键单击“命令提示符”,然后单击“以管理员身份运行”。如果系统提示您输入管理员密码或进行确认,请键入密码,或单击“允许”。
键入以下命令,然后按 ENTER:
证监会/扫描
sfc /scannow 命令扫描所有受保护的系统文件,并用正确的 Microsoft 版本替换不正确的版本。XP 可能会要求插入 XP 安装 CD。
以下仅适用于 Vista 和 W7
要确定系统文件检查器工具无法修复哪些文件,请执行以下步骤:
打开提升的命令提示符。 键入以下命令,然后按 Enter:
findstr /C:“[SR] 无法修复成员文件” %windir%\logs\cbs\cbs.log >sfcdetails.txt
注意:Sfcdetails.txt 文件包含每次在计算机上运行系统文件检查器工具时的详细信息。该文件包括有关系统文件检查器工具未修复的文件的信息。验证日期和时间条目以确定上次运行系统文件检查器工具时发现的问题文件。
键入以下命令,然后按 ENTER:
编辑 sfcdetails.txt
。
。