瑞星卡卡安全论坛

附SRENGLOG

用户系统信息：Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)

附件: SREngLOG.log

用附件的XDELBOX删除文件
C:\WINDOWS\system32\bbrqwemh.dll
C:\WINDOWS\system32\hscuewll.dll
C:\WINDOWS\system32\lgykihje.dll
C:\WINDOWS\system32\opnnnnMc.dll
C:\WINDOWS\system32\__c00478A7.dat
C:\WINDOWS\system32\__c005A010.dat
C:\WINDOWS\system32\__c005A349.dat
C:\WINDOWS\system32\__c005C564.dat
C:\Documents and Settings\All Users\Application Data\ylmvifih\kbaxsvwb.exe
C:\WINDOWS\Installer\{30676f3c-8757-4e67-8378-0351e31ee54c}\zip.dll
C:\WINDOWS\Resources\RomBoot.dll
C:\WINDOWS\omlbpkaw.dll
C:\WINDOWS\pmsoarbf.dll
选择重起删除

删除以后用SRENG删除

注册表中
    <iqmbquep><C:\WINDOWS\system32\gvglmdyf.exe>  []
    <PCDrProfiler><>  [N/A]
<BXNGA711rY><C:\Documents and Settings\All Users\Application Data\ylmvifih\kbaxsvwb.exe>  []
    <RomBoot><C:\WINDOWS\Resources\RomBoot.dll>  []
    <zip><C:\WINDOWS\Installer\{30676f3c-8757-4e67-8378-0351e31ee54c}\zip.dll>  []
    <omlbpkaw><C:\WINDOWS\omlbpkaw.dll>  [File is missing]
    <pmsoarbf><C:\WINDOWS\pmsoarbf.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00478A7]
    <WinlogonNotify: __c00478A7><__c00478A7.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c005A010]
    <WinlogonNotify: __c005A010><__c005A010.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c005A349]
    <WinlogonNotify: __c005A349><__c005A349.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c005C564]
    <WinlogonNotify: __c005C564><__c005C564.dat>  []
    <IFEO[Your Image File Name Here without a path]><ntsd -d>  [N/A]

删除浏览器加载项
[]
  {3033CA2C-411B-4C43-B846-ED082BC12574} <C:\WINDOWS\system32\opnnnnMc.dll, N/A>







如果有你认识的自己安装的程序，请不要删除

附件: xdelboxnN.rar