This machine was also hit by a trojan bundle, and the system has been badly damaged.
————————————————————————————————————
In the SRENG tool used to scan the log, go to Startup Items (启动项目) > Registry (注册表), find the entries below and delete them:
启动项目
注册表
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll,kmon.dll> [File is missing]
<IFEO[boot.exe]><C:\WINDOWS\Fonts\fonts.exe> [File is missing]
<IFEO[Thunder5.exe]><svchost.exe> [(Verified)Microsoft Windows Publisher]
————————————————————————————————————
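In the SRENG tool used to scan the log, go to Startup Items (启动项目) > Services (服务) > Drivers (驱动程序), find the entries below and delete them, or change their startup type to "Disabled".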
==================================
驱动程序
[jlobso / jlobso][Running/Boot Start]
<\SystemRoot\system32\drivers\zmhwv.sys><N/A>
[oanfm / oanfm][Stopped/Boot Start]
<\SystemRoot\\SystemRoot\System32\drivers\oanfm.sys><N/A>
—————————————————————————————
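In the SRENG tool used to scan the log, go to System Repair (系统修复) > Browser Add-ons (浏览器加载项), find the entries below and delete them: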
==================================
浏览器加载项
[Info cache]
{296AB1C6-FB22-4D17-8834-064E2BA0A6F0} <C:\WINDOWS\AMD\google.dll, N/A>
[Helper Class]
{6E28339B-7A2A-47B6-AEB2-197004272379} <C:\WINDOWS\vchelper.dll, N/A>
For how to perform each operation in the SRENG tool, see here:
http://bbs.ikaka.com/showtopic-8545446.aspx