A virus that can't be killed, can anyone give me some pointers?

Virus names

User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)

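Re: A virus that can't be killed, can anyone give me some pointers?

Run an SREng scan and post the log to the forum.
http://www.kztechs.com/sreng/download.html
Download System Repair Engineer
1. Extract sreng2.zip (extracting it into the system's Windows folder is recommended)
2. Run SREng.exe  ((rename SREng.exe to 123.com and run it))
3. Smart Scan => Scan => Save Report
4. After saving the report, post the log file to the forum directly as an attachment.
Be sure to post it to this forum as an attachment.
Click "Quote" at the bottom right of this post and you should then see how to post it.
Last edited by 天月来了 on 2008-04-29 18:36:06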

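Re: A virus that can't be killed, can anyone give me some pointers?

What are you doing, raising lions? It's impressive that the computer can still run with this many.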

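Re: A virus that can't be killed, can anyone give me some pointers?

Quote:
Originally posted by 天月来了 at 2008-4-29 18:35:00
Run an SREng scan and post the log to the forum.
http://www.kztechs.com/sreng/download.html
Download System Repair Engineer
1. Extract sreng2.zip (extracting it into the system's Windows folder is recommended)
2. Run SREng.exe  ((rename SRE

Attachment:

File name: SREngLOG.log
Downloads: 88
File type: application/octet-stream
File size:
Upload time: 2008-4-29 19:59:24
Description: help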


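Re: A virus that can't be killed, can anyone give me some pointers?

Use the tool to delete the files below, then in Safe Mode use Kaka (卡卡) to repair IE and the browser plug-ins, and then check the hijacking situation. Once everything is repaired, boot into the system again. I think that should about do it; then scan for viruses with the latest Rising (瑞星).

Instructions: when deleting, copy the paths of all the files to be deleted, right-click in the pending-deletion file list and choose Import from Clipboard; after importing, right-click the files to be deleted and choose Delete with Immediate Reboot, and the computer will restart into a DOS interface to carry out the deletion. Before running xdelbox it is best to remove all removable storage media (including USB drives, MP3 players, phone memory cards, etc.).
Use XDELBOX to delete the files below.
If Rising is already the latest version and cannot detect or remove the ones below, pack them up and upload them.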

2. After the deletion and reboot, use SREng to repair the following items:

    Startup Items -- Registry: delete the following entries:
Note that the [AppInit_DLLs] entry must be modified: change <ghjdtry.dll,dgxsrr.dll,fdght.dll,rgghjj.dll,sefawe.dll,frntrn.dll,qrhhb.dll,drghszd.dll,fngn.dll,gjjte.dll,xgnfn.dll,xfgnhcgfm.dll,serger.dll,bnxnb.dll,fxgnfx.dll,jzijj.dll,xfgnfx.dll,serghjm.dll,thsddh.dll,xbcvxb.dll,zfdzb.dll,xdndn.dll,xdfntt.dll,hgfhk.dll,dnteh.dll,xfng.dll,njritc.dll,chmfcmh.dll,jwlah.dll,gmnait.dll,hfjg.dll,thurh.dll,mgmgmm.dll,oqrthc.dll,hktrre.dll,jyjlt.dll,ijatnaw.dll,sehhter.dll,fhjfg.dll,zdbdb.dll,ydgn.dll,dbfb.dll,fjnbv.dll,fghshj.dll,setrhes.dll,cdxbfxdb.dll,xfgnxfn.dll,gjkhj.dll,xdhdg.dll,rhs.dll,mrjhtjd.dll,zdbfbd.dll,fjyjy.dll,fxnfnh.dll,bjrvm.dll,ektvm.dll,rdthr.dll,rgfjj.dll,dscef.dll,crugd.dll,lariytrz.dll,hjaiq.dll,kduy.dll,hkfgh.dll,awef.dll,dfhsh.dll,ethsh.dll,stehs.dll,sthth.dll,wfhyt.dll,sperls.dll,> to <>, i.e. clear it
[wscripte]    <C:\WINDOWS\system32\msnlive.exe>
[Domino]    <C:\WINDOWS\Domino.exe>
[ZSSnp211]    <C:\WINDOWS\ZSSnp211.exe>

    Startup Items -- Services -- Win32 Service Applications: disable the following entries:
[Volume Shadow Copyreyx080317 / SCopyreyx080317]    <c:\boot\yxyeah\scvhost.exe>
[Human Intexxxce Device Access / HidServ]    <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll>
[BoBoTurbo / BoBoTurbo]    <C:\WINDOWS\system32\BoBoTurbo\BoBoTurbo.exe>

    System Repair -- Browser Add-ons: delete the following entries:

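** The analysis report above was provided by the SREngLog Analysis Assistant (SREngLog分析助手) **

Steps for the automatic cleanup plan

1. Download the release version of 通用病毒杀灭机 (General Virus Killer) (click to download); please read the software's help notes first.

2. Copy the repair instructions from the marked area, or download the repair instruction file *.dat from the attachment.

  ======== Instruction body: copy the content below ========


Instruction copy area



======== End of instructions: copy the content above ========

3. Open 通用病毒杀灭机 (if it will not open, renaming it is recommended, e.g. abc.exe, abc.bat, etc.); those who copied the repair instructions import them from the clipboard; those who downloaded the repair instruction file import it from the file.
    Rebooting will then delete the viruses and also help you delete the auto-start entries and disable the services.

(Note: on the first reboot a folder window sometimes pops up; that is because the auto-start entries have not been deleted yet, while the files have already been deleted by XDELBOX and replaced with folders.)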
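
Added example, not part of any post in this thread and not code from SREng or the analysis assistant: a small Python triage over entries in the `[name]    <path>` shape quoted above, flagging a non-empty AppInit_DLLs value and file names that imitate or misplace a system binary. The function names, the `SYSTEM_NAMES` list, the distance threshold of 2 and the sample lines marked as constructed are assumptions.

```python
import ntpath
import re

ENTRY = re.compile(r"^\[(?P<name>[^\]]*)\]\s+<(?P<value>.*)>\s*$")  # [name]    <value>
IMAGE = re.compile(r"^(.*?\.(?:exe|dll|scr|sys))", re.IGNORECASE)   # leading file path
# Assumption: a short list of Windows binaries that all live in system32.
SYSTEM_NAMES = {"svchost.exe", "services.exe", "lsass.exe", "winlogon.exe", "csrss.exe"}
SYSTEM_DIR = r"c:\windows\system32"

def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def review(lines):
    """Return (entry name, reason) pairs for entries worth a closer look."""
    findings = []
    for line in lines:
        m = ENTRY.match(line.strip())
        if not m:
            continue
        name, value = m.group("name"), m.group("value")
        if name.lower() == "appinit_dlls":
            if value.strip(", "):  # anything left after separators means DLLs are listed
                findings.append((name, "AppInit_DLLs is not empty"))
            continue
        image = IMAGE.match(value)
        if not image:
            continue
        folder, base = ntpath.split(image.group(1).lower())
        if base in SYSTEM_NAMES:
            if folder != SYSTEM_DIR:
                findings.append((name, "system binary name outside system32"))
        elif any(edit_distance(base, s) <= 2 for s in SYSTEM_NAMES):
            findings.append((name, "name imitates a system binary"))
    return findings

SAMPLE = [
    r"[AppInit_DLLs]    <aaa.dll,bbb.dll,>",  # constructed value
    r"[Volume Shadow Copyreyx080317 / SCopyreyx080317]    <c:\boot\yxyeah\scvhost.exe>",
    r"[Human Intexxxce Device Access / HidServ]    <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll>",
    r"[Example / Example]    <C:\Temp\lsass.exe>",  # constructed entry
]

if __name__ == "__main__":
    for name, reason in review(SAMPLE):
        print(f"{reason}: [{name}]")
```

The HidServ line passes these checks because its host process is the genuine svchost.exe; a service DLL loaded that way needs its own review.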