dhapri.dll木马病毒清除办法及dhapri.dll专杀工具下载

<BR><P><FONT size=3><STRONG>dhapri.dll木马病毒中毒症状：</STRONG></FONT></P>
<P>木马运行后释放dll到系统目录：<BR><B>%System%\dhapri.dll</B><BR>创建ShellExecuteHooks启动项：<BR><BR>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]<BR>"{12311A42-AC1B-158F-FD32-5674345F23A1}"="dhapri.dll"<BR>[HKEY_CLASSES_ROOT\CLSID\{12311A42-AC1B-158F-FD32-5674345F23A1}\InprocServer32]<BR>@="%System%\dhapri.dll"<BR><BR>使用批处理C:\DeleteFileDos.bat删除原文件：<BR><BR>@echo off<BR>:Loop<BR>attrib "{原文件}" -r -a -s -h<BR>del "{原文件}"<BR>if exist "{原文件}" goto Loop<BR>del %0<BR><BR>当dhapri.dll被调用时，修改AppInit_DLLs值数据：<BR><BR>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]<BR>"AppInit_DLLs"="dhapri.dll"<BR><BR>并修改注册表禁用自动更新：<BR><BR>[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]<BR>"NoAutoUpdate"=dword:00000001<BR>"AUOptions"=dword:00000001<BR><BR>关闭Windows防火墙：<BR><BR>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]<BR>"EnableFirewall"=dword:00000000<BR><BR>木马会不断重写以上相关注册表信息。<BR></P>
<P><STRONG><FONT size=3>dhapri.dll木马病毒清除办法：</FONT></STRONG></P>
<P><STRONG>1.</STRONG> 重命名木马文件：<BR><B>%System%\dhapri.dll</B><BR><BR><B>2.</B> 重新启动计算机<BR><BR><B>3.</B> 删除重命名过的木马文件(如遇提示无法删除文件，到down.45it.com下载费尔木马强制删除器工具进行强制删除)：<BR><B>%System%\dhapri.dll</B><BR><BR><B>4.</B> 删除ShellExecuteHooks启动项(开始菜单－运行－输入“regedit”)：</P>
<DIV class=msgborder id=code5>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]<BR>"{12311A42-AC1B-158F-FD32-5674345F23A1}"="dhapri.dll"<BR>[HKEY_CLASSES_ROOT\CLSID\{12311A42-AC1B-158F-FD32-5674345F23A1}]</DIV>
<P><BR><B>5.</B> 编辑AppInit_DLLs值数据为空，删除“dhapri.dll”(开始菜单－运行－输入“regedit”)：</P>
<DIV class=msgborder id=code6>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]<BR>"AppInit_DLLs"=""<BR><BR><B>6.</B> 删除木马修改的注册表信息(开始菜单－运行－输入“regedit”)：</DIV>
<DIV class=msgborder id=code7>[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]<BR>"NoAutoUpdate"=dword:00000001<BR>"AUOptions"=dword:00000001<BR><BR>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]<BR>"EnableFirewall"=dword:00000000<BR>（或根据自己需要进行设置）</DIV>
<P><STRONG><FONT size=3>dhapri.dll木马病毒专杀工具下载地址：</FONT></STRONG></P> <BR>