看来你已经杀过一次毒了
开始操作之前,先把网络断开;
———————————————————————————————————————
.建议使用XDelBox(Xdelbox解压后运行)删除以下文件:(
http://bbs.ikaka.com/attachment.aspx?attachmentid=462487)
使用说明:(先勾选抑制再生)删除时复制所有要删除文件的路径,在待删除文件列表里点击右键选择从剪贴板导入不检查路径,导入后在要删除文件上点击右键,选择立刻重启删除,电脑会重启进入DOS界面进行删除操作。运行xdelbox前最好卸载所有可移动存储介质(包括U盘,MP3,手机存储卡等)。
C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll
C:\Program Files\Internet Explorer\D9.dll
d:\program files\tencent\qq\usp10.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~10171d9.tmp
———————————————————————————————————————
———————————————————————————————————————
从下面项可看出系统文件可能已被病毒修改:
C:\WINDOWS\system32\userinit.exe
见附件———————————————————————————————————————
打开SREng,选择【启动项目】-【注册表】,将以下项删除:
<{69B265A2-A172-4D27-BDF1-917E6D8B1DCC}><C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon> [File is missing]
<{E3531A16-FFEA-416F-82DF-32FEDE02EABF}><C:\WINDOWS\system32\emHnPuBAaF7XjuXBbdxSg.dll> [File is missing]
<{AB900155-F1F0-4165-9E73-67BC13BBCE89}><C:\WINDOWS\system32\xg4hAPNygs29.dll> [File is missing]
<{427E02E6-39DB-4424-A49C-7553CD1331F5}><C:\WINDOWS\system32\WcCtgJ4zcxHF.dll> [File is missing]
<{407C7A80-4656-4C4A-81C6-DFFB8009B80F}><C:\WINDOWS\system32\MV3ArsBMAPjxBcRuu.dll> [File is missing]
<{108DA6C0-CFBF-41D4-9A09-C4D06AE6FFD2}><C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll> [File is missing]
<{D6129F8A-6F6E-41D7-BBC9-AC7426759CED}><C:\WINDOWS\system32\w7uds3zyayg9.dll> [File is missing]
<{A761BE8E-C15A-4DDD-A777-2C683E9E96C8}><C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll> [File is missing]
<{76B9BA7A-81D0-4979-8598-8471F2AB5186}><C:\WINDOWS\system32\76B9BA7A.dll> [File is missing]
<{B8898C49-7B3A-4306-A9EF-8E186EDEE5EA}><C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll> [File is missing]
<{122B901E-493F-4AD9-BC69-7DE8C3E52FCC}><C:\WINDOWS\system32\122B901E.dll> [File is missing]
<{762D618C-E2CB-4217-8275-03302A93073F}><C:\WINDOWS\fonts\zEfE48cw9EmcFaR.fon> [File is missing]
<{704C3595-DB85-40F6-A601-8D6F346907BD}><C:\WINDOWS\system32\704C3595.dll> [File is missing]
<{E762D574-B60E-4160-B417-4788469ECB3E}><C:\WINDOWS\system32\ZZZCz7d8yS9vy.dll> [File is missing]
<{76CBCF38-0583-44C7-A1AE-D463DFE625EC}><C:\WINDOWS\system32\skcfujQ5EDN.dll> [File is missing]
<{8708994F-1758-4C2C-9A3F-FA22D6CCCB41}><C:\WINDOWS\fonts\A97CRaCB.fon> [File is missing]
<{5405A7B2-F3F5-446F-8715-2A4EF674E079}><C:\WINDOWS\system32\rfpz9wwyy2np.dll> [File is missing]
<{44145A62-C003-4C0E-ADDE-4AB37A7FD38B}><C:\Program Files\Internet Explorer\D9.dll> []
<Userinit><C:\WINDOWS\system32\userinit.exe,> []
———————————————————————————————————————
打开SREng,选择【启动项目】-【服务】-【驱动程序】,将以下项删除:
[zx / zx][Stopped/Manual Start]
<\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~10171d9.tmp><N/A>
——————————————————————————————————
打开SREng,选择【启动项目】-【计划任务】,将以下项删除:
GoogleUpdateTaskUserS-1-5-21-515967899-839522115-1343024091-500Core.job
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
使用“Windows清理助手”清理一下;
W i n d o w s 清理助手 下载:
http://www.arswp.com/———————————————————————————————————————
