删除启动项
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]下注册表项目及对应dll文件
<{021F087F-4378-545F-74FA-37D345AD7A8C}><C:\WINDOWS\system32\mttwfh.dll> [File is missing]
<{841529CB-7F77-4B99-A895-B5441E0D302F}><C:\WINDOWS\system32\jfrwdh.dll> [File is missing]
<{8C41B7F7-3168-400D-A702-0E7EFE0BA304}><> [N/A]
<{A9895933-6636-4281-BC58-EE6DE2AF96E3}><C:\WINDOWS\system32\ddserh.dll> [File is missing]
<{45AADFAA-DD36-42AB-83AD-0521BBF58C24}><> [N/A]
<{17DFD111-BF3A-4CB4-ADB0-88FCBFE69821}><> [N/A]
<{E8A3B193-77E3-4FB3-986D-F4FA4828BAFC}><C:\WINDOWS\system32\wklsdd.dll> [File is missing]
<{50A8A8C4-EDC9-4ABD-A0A2-2E2418982189}><C:\WINDOWS\system32\kgfghd.dll> [File is missing]
<{C0595A7E-2E2F-4B34-A83A-019270A0A464}><C:\WINDOWS\system32\tdffdl.dll> [File is missing]
<{000F087F-4378-545F-74FA-37D345AD7A8C}><C:\WINDOWS\system32\mttwfh.dll> [File is missing]
<{28766E1C-74B0-4417-8C75-F12AE309EF35}><C:\WINDOWS\system32\wzcfsw.dll> [File is missing]
删除启动项
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]下注册表项目及对应dll文件
<dtsbijko.dll><C:\WINDOWS\system32\dtsbijko.dll> [File is missing]
<kbdswjr.dll><C:\WINDOWS\system32\kbdswjr.dll> [File is missing]
<dispexcb.dll><C:\WINDOWS\system32\dispexcb.dll> [File is missing]
<bootvidgj.dll><C:\WINDOWS\system32\bootvidgj.dll> [File is missing]
<adsntzt.dll><C:\WINDOWS\system32\adsntzt.dll> [File is missing]
<imgutilhx2.dll><C:\WINDOWS\system32\imgutilhx2.dll> [File is missing]
<slbiopfs2.dll><C:\WINDOWS\system32\slbiopfs2.dll> [File is missing]
删除驱动及对应文件
[000e0f8c / 000e0f8c][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\Drivers\000e0f8c.sys><N/A>
[HiddFldy / HiddFldy][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\d32dx9.sys><N/A>
[IIS Manager / IIS Manager ][Stopped/Manual Start]
<\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1.tmp><N/A>
以下文件自己去去测下
http://www.virscan.org/http://www.virustotal.com/zh-cn/C:\windos\system32\DRIVERS\secdrv.sys
c:\windossystem32\DRIVERS\yk51x86.sys
PS:瑞星杀毒软件修复或卸载重装
