| 引用: |
【酒醉的小强的贴子】郁闷,电脑中病毒了~刚才不小心打开了一个垃圾网站,中招了~
[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
……………… |
1、用XDELBOX删除下列启动项指向的程序以及C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\文件夹中的所有程序:
启动项目
注册表
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><msosmhfp00.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{8C41B7F7-3168-400D-A702-0E7EFE0BA304}><C:\WINDOWS\system32\sgrefg.dll> []
<{DC3D30AE-0380-4151-8934-EE98A34B0370}><C:\WINDOWS\system32\mfdesy.dll> []
<{45AADFAA-DD36-42AB-83AD-0521BBF58C24}><C:\WINDOWS\system32\zjydcx.dll> []
<{17DFD111-BF3A-4CB4-ADB0-88FCBFE69821}><C:\WINDOWS\system32\hhrdxd.dll> []
<{1DB3C525-5271-46F7-887A-D4E1ADAA7632}><C:\WINDOWS\system32\hfrdzx.dll> []
<{e88e8138-6883-404b-b55c-afe1924d44f4}><C:\WINDOWS\system32\fTQQTQQ1004.dll> []
<{521ad5c7-aa70-46f7-9bfb-8a2d67a3edfa}><C:\WINDOWS\system32\fSABSAB1014.dll> []
<{7bc1b6b2-c9cf-419f-942b-37dd6d5cbdba}><C:\WINDOWS\system32\QABQAB1016.dll> []
<{CAED0F3B-DF8B-4DBF-BB20-8DFBC3199068}><C:\WINDOWS\system32\jhrcar.dll> []
启动文件夹
[AtiSrv]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\AtiSrv.exe --> [N/A]><N>
驱动程序
[Sc Manager / Sc Manager][Running/Manual Start]
<\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\usbcams3.sys><N/A>
[iCafe Manager / iCafe Manager][Running/Manual Start]
<\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\usbhcid.sys><N/A>
[mhfp / mhfp][Stopped/Auto Start]
<\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp25.tmp><N/A>
[fpids32 / fpids32][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\msosfpids32.sys><N/A>
2、重启后,用SRENG删除上述注册表内容。
