desktoplayer.exe病毒及d:\w7rtm\base\wcp\sil\merged\ntu\ntsystem.cpp的解決方案

1 前言

該病毒，使用360普通殺毒殺不出來，而且會伴隨以下問題：

a.電腦藍屏問題[多圖]

 

 

 

 

 

 

b.fsc/scannow CbS.log d:\w7rtm\base\wcp\sil\merged\ntu\ntsystem.cpp

 

CBS.log

POQ 47 ends.

2019-11-12 14:50:48, Info CSI 000000e6 [SR] Verify complete

2019-11-12 14:50:48, Info CSI 000000e7 [SR] Verifying 100 (0x0000000000000064) components

2019-11-12 14:50:48, Info CSI 000000e8 [SR] Beginning Verify and Repair transaction

2019-11-12 14:50:48, Error CSI 000000e9 (F) STATUS_OBJECT_NAME_NOT_FOUND #4549741# from Windows::Rtl::SystemImplementation::DirectFileSystemProvider::SysCreateFile(flags = (AllowSharingViolation), handle = {provider=NULL, handle=0}, da = (SYNCHRONIZE|FILE_READ_ATTRIBUTES), oa = @0x238c7e0->OBJECT_ATTRIBUTES {s:48; rd:NULL; on:[105]"\??\C:\Windows\WinSxS\amd64_atiilhag.inf.resources_31bf3856ad364e35_6.1.7600.16385_zh-cn_07d1a0ddfebc8ffd"; a:(OBJ_CASE_INSENSITIVE)}, iosb = @0x238c7c0, as = (null), fa = 0, sa = (FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE), cd = FILE_OPEN, co = (FILE_SYNCHRONOUS_IO_NONALERT|0x00004000), eab = NULL, eal = 0, disp = Invalid)

[gle=0xd0000034]

2019-11-12 14:50:48, Error CSI 000000ea@2019/11/12:06:50:48.749 (F) d:\w7rtm\base\wcp\sil\merged\ntu\ntsystem.cpp(2057): Error STATUS_OBJECT_NAME_NOT_FOUND originated in function Windows::Rtl::SystemImplementation::DirectFileSystemProvider::SysCreateFile expression: (null)

[gle=0x80004005]

2019-11-12 14:50:48, Error CSI 000000eb (F) STATUS_OBJECT_NAME_NOT_FOUND #4549740# from Windows::Rtl::SystemImplementation::CDirectory::OpenExistingDirectory(...)[gle=0xd0000034]

2019-11-12 14:50:48, Error CSI 000000ec (F) STATUS_OBJECT_NAME_NOT_FOUND #4549739# from Windows::Rtl::SystemImplementation::CDirectory_IRtlDirectoryTearoff::OpenExistingDirectory(flags = 0, da = (SYNCHRONIZE), oa = @0x238d0d8->SIL_OBJECT_ATTRIBUTES {s:40; on:"amd64_atiilhag.inf.resources_31bf3856ad364e35_6.1.7600.16385_zh-cn_07d1a0ddfebc8ffd"; a:(OBJ_CASE_INSENSITIVE)}, sa = (FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE), oo = (FILE_DIRECTORY_FILE|FILE_SYNCHRONOUS_IO_NONALERT|FILE_OPEN_FOR_BACKUP_INTENT), dir = NULL, disp = Invalid)

[gle=0xd0000034]

 

2 解決方案

2.1 解決1.a的問題

使用360系統急救箱中強力模式

 

2.2 解決1.b問題

//使用第一條命令

DISM.exe /Online /Cleanup-image /Scanhealth

DISM.exe /Online /Cleanup-image /Restorehealth[4]

 

重新掃描結果如下：

　

3  參考資料

1.https://bbs.kafan.cn/thread-1608705-1-1.html

2.https://zhidao.baidu.com/question/2057069465664257947.html（Ramnit感染型蠕蟲病毒專殺工具，由賽門鐵克安全中心發布）

3.360系統急救箱（采用有效清除）

4.dism RestoreHealth 和 CheckHealth選項時提示錯誤：87