瑞星卡卡安全论坛

反复杀还有，系统还原不行！！

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; MAXTHON 2.0)

附件: SREngLOG.log

用SRENG删除
注册表中
    <kcien32><kcien32.exe>  []
  <MagicPanel><D:\Program Files\MagicPanel\MagicPanel.exe SetTmpOffset>  [File is missing]
<{DC3D30AE-0380-4151-8934-EE98A34B0370}><C:\WINDOWS\system32\mfdesy.dll>  [File is missing]
    <{00230023-0023-0023-0023-00230023BB15}><C:\WINDOWS\system32\rasdlgcq.dll>  [File is missing]
    <{E8A3B193-77E3-4FB3-986D-F4FA4828BAFC}><C:\WINDOWS\system32\wklsdd.dll>  [File is missing]
    <{5E907A48-400E-4EA8-9792-FFAE052D59E9}><C:\WINDOWS\system32\pedadt.dll>  [File is missing]
    <{4D698451-2015-6358-9871-2015987452D4}><C:\WINDOWS\system32\apzhdtde.dll>  [File is missing]
    <{00030003-0003-0003-0003-00030003BB15}><C:\WINDOWS\system32\bootvidgj.dll>  [File is missing]
    <{00050005-0005-0005-0005-00050005BB15}><C:\WINDOWS\system32\cliconfgzx.dll>  [File is missing]
    <{8A041F13-A111-12A3-B0CF-F99818AA68A8}><C:\WINDOWS\system32\zxmsewin.dll>  [File is missing]
    <{C629FF4F-ACDB-5C90-A098-FACB3456A26C}><C:\WINDOWS\system32\hdf453d1.dll>  [File is missing]
    <{189F087F-4378-405F-85FA-37D955AD7A8C}><C:\WINDOWS\system32\mtewdh.dll>  [File is missing]
    <{97FD640A-158F-48AC-FD14-1597F14A9779}><C:\WINDOWS\system32\mndsisrv.dll>  [File is missing]
    <{C0595A7E-2E2F-4B34-A83A-019270A0A464}><C:\WINDOWS\system32\tdffdl.dll>  [File is missing]
    <{8FD45A54-9875-698F-E56E-65102358FDF8}><C:\WINDOWS\system32\apsghjba.dll>  [File is missing]
    <{A1954FAC-1023-154F-895A-1458258AD81A}><C:\WINDOWS\system32\ypdjhbmp.dll>  [File is missing]
    <{00120012-0012-0012-0012-00120012BB15}><C:\WINDOWS\system32\kbdswjr.dll>  [File is missing]
    <{00170017-0017-0017-0017-00170017BB15}><C:\WINDOWS\system32\msobjstl.dll>  [File is missing]
    <{55694105-5108-9405-3695-954187462155}><C:\WINDOWS\system32\mpwdeapi.dll>  [File is missing]
    <{57AC9076-C898-B098-D098-A18319080975}><C:\WINDOWS\system32\nhmxejkl.dll>  [File is missing]
    <{74381DEC-D78B-43E4-BA5D-5244F669EBE4}><C:\Program Files\Internet Explorer\PLUGINS\UnixSys08.Sys>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <rasdlgcq.dll><C:\WINDOWS\system32\rasdlgcq.dll>  [File is missing]
    <bootvidgj.dll><C:\WINDOWS\system32\bootvidgj.dll>  [File is missing]
    <cliconfgzx.dll><C:\WINDOWS\system32\cliconfgzx.dll>  [File is missing]
    <kbdswjr.dll><C:\WINDOWS\system32\kbdswjr.dll>  [File is missing]
    <msobjstl.dll><C:\WINDOWS\system32\msobjstl.dll>  [File is missing]
删除浏览器加载
[]
  {74381DEC-D78B-43E4-BA5D-5244F669EBE4} <C:\Program Files\Internet Explorer\PLUGINS\UnixSys08.Sys, N/A>


修复文件关联~~

更新杀软全盘杀毒~

PS：
SRENG的使用方法可以看：http://bbs.ikaka.com/showtopic-8442813.aspx(注意，删除服务和驱动最后一个对话框选择“否”）

(注意，删除服务和驱动最后一个对话框选择“否”）

没有选择“否”怎么办啊？？？:default2:

按以上办法弄了，从新上传日志，帮忙看下还有问题没有？？

附件: SREngLOG.log

就这些残余的了
启动项目
注册表
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctorMain.exe]
    <IFEO[QQDoctorMain.exe]><TASKMAN.EXE>  [(Verified)Microsoft Windows Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SelfUpdate.exe]
    <IFEO[SelfUpdate.exe]><TASKMAN.EXE>  [(Verified)Microsoft Windows Publisher]

==================================
服务
[Remote IPRIP Service / Iprip][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\liprip.dll><N/A>

[Security Control / seictrl][Stopped/Auto Start]
  <c:\windows\system32\rundll32.exe dbi100.dll,scan><Microsoft Corporation>