Using SREng:
Delete under Startup Items => Registry
<SystemCheck><%SystemRoot%\system32\syschk.exe> []
<load><D:\WINDOWS\system32\Administrator.vbs> []
<schedl><D:\WINDOWS\Help\schedl.exe> []
<dllhost><D:\WINDOWS\smss.exe> [File is missing]
<zy_df><D:\WINDOWS\system\zydle080701.exe> []
<cchh><rundll32.exe D:\WINDOWS\system32\mywcc080624.dll bgdll> [File is missing]
<ccnhh><rundll32.exe D:\WINDOWS\system32\mywcc080629.dll bgdll> [File is missing]
Delete under Startup Items => Services => Drivers
[ozddzm2e2c / ozddzm2e2c][Stopped/Boot Start]
<\SystemRoot\system32\drivers\ozddzm2e2c.sys><N/A>
Delete under System Repair => Browser Add-ons
[]
{0A71FCEB-0184-4347-A345-539CF9F38F6A} <D:\WINDOWS\system32\speajcbmem.dll, Microsoft Inc.>
[]
{28C291DE-8EF2-4E53-ADF2-E410F3C966A3} <D:\WINDOWS\system32\shwstbfmyd.dll, Microsoft Inc.>
[]
{A3975604-5AB7-41DE-B14A-E97E2AB9725E} <D:\WINDOWS\system32\mtnuekshakjny.dll, Microsoft Inc.>
[]
{A7BE9548-E942-44B0-8EB2-B4D52A8158D7} <D:\WINDOWS\system32\mlkwqncltd.dll, Nicrosoft Inc.>
[]
{E5ADFAFA-8542-4BBD-BC1C-B295E63CA728} <D:\WINDOWS\system32\hlagjmgrqp.dll, Microsoft Inc.>
[]
{0A71FCEB-0184-4347-A345-539CF9F38F6A} <D:\WINDOWS\system32\speajcbmem.dll, Microsoft Inc.>
[]
{28C291DE-8EF2-4E53-ADF2-E410F3C966A3} <D:\WINDOWS\system32\shwstbfmyd.dll, Microsoft Inc.>
Reboot and enter Safe Mode
Delete the files
D:\WINDOWS\system32\syschk.exe
D:\WINDOWS\system32\Administrator.vbs
D:\WINDOWS\Help\schedl.exe
D:\WINDOWS\smss.exe
D:\WINDOWS\system\zydle080701.exe
D:\WINDOWS\system32\drivers\ozddzm2e2c.sys
D:\WINDOWS\system32\speajcbmem.dll
D:\WINDOWS\system32\shwstbfmyd.dll
D:\WINDOWS\system32\mtnuekshakjny.dll
D:\WINDOWS\system32\mlkwqncltd.dll
D:\WINDOWS\system32\hlagjmgrqp.dll
D:\WINDOWS\system\zydld32080628jt.dll
D:\WINDOWS\system\zydld32080701jt.dll
D:\WINDOWS\system32\mywcc080629.dll
C:\Autorun.inf
D:\Autorun.inf
E:\Autorun.inf
F:\Autorun.inf
c:\Administrator.vbs
D:\Administrator.vbs
E:\Administrator.vbs
F:\Administrator.vbs
SREng - System Repair - Repair File Associations