| 引用: |
【hyg001的贴子】电脑中毒了,瑞星怎么也杀不干净,高手们帮忙看下吧。谢谢了!
[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
……………… |
1、将下列文件名及其路径拷贝到剪贴板。由剪贴板导入XDELBOX“待删除文件列表”。用XDELBOX执行“重启删除”,删除下列文件:
c:\program files\common files\msdtc.exe
C:\Program Files\Internet Explorer\PLUGINS\WinSys8k.Sys
C:\WINDOWS\system32\jhrcar.dll
C:\WINDOWS\system32\hfrdzx.dll
C:\WINDOWS\system32\zjydcx.dll
C:\Documents and Settings\All Users\「开始」菜单\程序\启动\ntuser.com
C:\DOCUME~1\320\LOCALS~1\Temp\tmp58.tmp
2、重启后,用SRENG删除下列注册表内容:
启动项目
注册表
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<msdtc><c:\program files\common files\msdtc.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{6167F471-EF2B-41DD-A5E5-C26ACDB5C096}><C:\Program Files\Internet Explorer\PLUGINS\WinSys8k.Sys> [N/A]
<{CAED0F3B-DF8B-4DBF-BB20-8DFBC3199068}><C:\WINDOWS\system32\jhrcar.dll> [N/A]
<{1DB3C525-5271-46F7-887A-D4E1ADAA7632}><C:\WINDOWS\system32\hfrdzx.dll> [N/A]
<{45AADFAA-DD36-42AB-83AD-0521BBF58C24}><C:\WINDOWS\system32\zjydcx.dll> [N/A]
启动文件夹
[ntuser]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\ntuser.com --> [N/A]><N>
驱动程序
[mxfp / mxfp][Stopped/Auto Start]
<\??\C:\DOCUME~1\320\LOCALS~1\Temp\tmp58.tmp><N/A>
浏览器加载项
[]
{6167F471-EF2B-41DD-A5E5-C26ACDB5C096} <C:\Program Files\Internet Explorer\PLUGINS\WinSys8k.Sys, N/A>