运行SREng2,使用“启动项目”--注册表--删除
C:\Program Files\Common Files\{2A1D0905-02DF-2052-0110-010426010056}\Update.exe
运行(双击)SRENG2,点“启动项目,服务,点“Win32服务应用程序”
勾选“隐藏微软服务”选中病毒服务
Computer Storage
Remote Procedure Call System
Remote Route Service
Vsn xwyg Service
,选择“删除服务”
点“设置”选择“否”
运行(双击)SRENG2,点“启动项目,服务,点“驱动程序”
勾选“隐藏微软服务”选中病毒服务
jgjficic
vktfcl7
ntvmof6
,选择“删除服务”
点“设置”选择“否”
运行SREng2,使用“系统修复”--浏览器加载项--删除
[MyLoader Class]
{09BA1AA9-CAD4-4C14-BDE6-922DFF5F6F38} <C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEMDATA\lZdXzdNgid_2002.dll, >
CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[]
{B432D70A-E457-4DBD-823F-B88095FADB54} <C:\WINDOWS\system32\jpzfoiqljhech.dll, N/A>
[Bar888]
{C1B4DEC2-2623-438e-9CA2-C9043AB28508} <C:\PROGRA~1\COMMON~1\{3A1D0~1\Bar888.dll, N/A>
browser Class]
{C86488AF-13D5-4FEF-9DDF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\Office\USERDATA\tx4e5UK9Kp_2002.dll, Microsoft Corporation>
browser Class]
{C86488AF-13D5-4FEF-9DDF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\Office\USERDATA\tx4e5UK9Kp_2002.dll, Microsoft Corporation>
[]
{E9020D2E-DEC9-4EBE-B38D-E1E6AE13D13F} <C:\WINDOWS\system32\vlwmlevpjheuq.dll, N/A>
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
重启按F8进入安全模式下
显示隐藏文件
删除:
C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEMDATA\lZdXzdNgid_2002.dll
C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
C:\WINDOWS\system32\jpzfoiqljhech.dll
C:\PROGRA~1\COMMON~1\{3A1D0~1\Bar888.dll
C:\WINDOWS\system32\vlwmlevpjheuq.dll
C:\PROGRA~1\dcem\hgiq.dll
\SystemRoot\System32\DRIVERS\ntvmof68.sys
\SystemRoot\System32\DRIVERS\vktfcl75.sys
\SystemRoot\system32\drivers\jgjficic.sys
C:\WINDOWS\system32\nwstt.dll
C:\PROGRA~1\dcem\kjlt.dll
C:\WINDOWS\system32\Rpcs11.exe
C:\WINDOWS\SYSTEM32\WBEM\HMPKS.DLL
