
[Help] Network Connections won't open, copy and paste don't work either; scan log attached


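XP system.
My home is on a China Telecom residential-community broadband line. Network Connections won't open, and creating a new connection doesn't work either. Anything I minimize disappears, and pictures won't open.
Copy and cut no longer work either. After running an image-hijack repair tool, it still doesn't work.
Could an expert please advise? Thanks.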

User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; TheWorld)

Attachment:

File name: SREngLOG.log
Downloads: 193
File type: application/octet-stream
File size:
Upload time: 2009-2-18 20:41:48
Description: log


Re: Network Connections won't open, copy and paste don't work either; scan log attached

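It looks like a usp10.dll infection. It has mostly been cleaned; only one file is left, and there are some remnants in the registry.
I suggest using XDelBox (download: http://bbs.ikaka.com/attachment.aspx?attachmentid=446806) to delete the following files.
(Instructions: when deleting, copy the paths of all the files to be deleted, right-click in the pending-deletion file list and choose to import from the clipboard without checking paths. After importing, remember to tick the option that suppresses regeneration, then right-click the files to be deleted and choose to reboot immediately and delete. The computer will restart into a DOS screen to carry out the deletion. Before running XDelBox it is best to remove all removable storage devices.)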
C:\WINDOWS\System32\anymie360.exe
C:\WINDOWS\System32\Drivers\msiffei.sys
C:\WINDOWS\System32\new.sys
Delete these registry entries:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><>  [N/A]
    <{021F087F-4378-545F-74FA-37D345AD7A8C}><C:\WINDOWS\System32\mjgfth.dll>  [File is missing]
    <{C0595A7E-2E2F-4B34-A83A-019270A0A464}><C:\WINDOWS\System32\tdffdl.dll>  [File is missing]
    <{8C41B7F7-3168-400D-A702-0E7EFE0BA304}><C:\WINDOWS\System32\sgdewg.dll>  [File is missing]
    <{28EB3777-3E23-4E72-8449-A992D09D24C3}><C:\WINDOWS\System32\zefdst.dll>  [File is missing]
    <{461D2AB4-29A5-45C2-9134-D52272D3DE38}><C:\WINDOWS\System32\rfdswc.dll>  [File is missing]
    <{45AADFAA-DD36-42AB-83AD-0521BBF58C24}><C:\WINDOWS\System32\zggxrx.dll>  [File is missing]
    <{53D44DB6-E22B-4B17-97D3-572C96CCA6E1}><C:\WINDOWS\System32\zsdgff.dll>  [File is missing]
    <{17DFD111-BF3A-4CB4-ADB0-88FCBFE69821}><C:\WINDOWS\System32\hhrdxd.dll>  [File is missing]
    <{84143967-B645-4BFF-B873-DA1DC886E9A7}><C:\WINDOWS\System32\cedafb.dll>  [File is missing]
    <{841529CB-7F77-4B99-A895-B5441E0D302F}><C:\WINDOWS\System32\jfrwdh.dll>  [File is missing]
    <{0B846B26-BFE6-4E8E-A948-1DB17B77B483}><C:\WINDOWS\System32\tdfhex.dll>  [File is missing]
    <{EA5D4B0E-B8CE-4761-8C7E-5D26369F0EC6}><C:\WINDOWS\System32\fsrgeb.dll>  [File is missing]
    <{B29583D8-033A-4B9F-8553-7C5458F3FB8E}><C:\WINDOWS\System32\jdsaex.dll>  [File is missing]
    <{4D165A2A-4BC1-4CA8-8299-08E05AAAB5A4}><C:\WINDOWS\System32\tdggrz.dll>  [File is missing]
    <{E8A3B193-77E3-4FB3-986D-F4FA4828BAFC}><C:\WINDOWS\System32\wklsdd.dll>  [File is missing]
    <{73AE86E6-7F03-4C3B-8980-FB1DA157D3C7}><C:\WINDOWS\System32\fmcvxy.dll>  [File is missing]
    <{5E907A48-400E-4EA8-9792-FFAE052D59E9}><C:\WINDOWS\System32\pedadt.dll>  [File is missing]
    <{3A698452-C5D8-C584-C256-C264C987C5A3}><C:\WINDOWS\Fonts\ijdycpaw.dll>  [File is missing]
    <{C629FF4F-ACDB-5C90-A098-FACB3456A26C}><C:\WINDOWS\Fonts\lopdfeab.dll>  [File is missing]
    <{9FD45A54-9875-698F-E56E-65102358FDF9}><C:\WINDOWS\Fonts\apsghjba.dll>  [File is missing]
    <{F490415F-65F8-B5C5-D8BA-9405FB12054F}><C:\WINDOWS\system32\jlgejgei32fg.dll>  [File is missing]
    <{A0AF1289-F140-A140-D012-C1458759FC0A}><C:\WINDOWS\Fonts\ypcqihlp.dll>  [File is missing]
    <{8C648541-1025-9650-9057-6541258720C8}><C:\WINDOWS\Fonts\mndhhdwd.dll>  [File is missing]
   
    <{782E4E5C-6965-41BC-9113-58C573E000E0}><C:\WINDOWS\system32\noiekelc.dll>  [File is missing]
    <{405477E5-564A-4D41-A543-74757EF82718}><C:\WINDOWS\system32\kglknnel.dll>  [File is missing]
    <{1B93C461-4B1C-42AE-B009-A1D10E44B34F}><C:\WINDOWS\system32\hbpjckmh.dll>  [File is missing]
    <{D516CB52-16BC-46E6-84C4-16BBAFA684C9}><C:\WINDOWS\system32\dlhmcbli.dll>  [File is missing]
    <{DA63E650-537C-4042-87BB-9D19D844680B}><DA63E650.dll>  [N/A]
    <{9B21A952-5571-4963-ACE1-79A91754FB56}><C:\WINDOWS\system32\pbihapli.dll>  [File is missing]
    <{56BC86C7-0692-4F94-A2C1-6CF1DBF8096C}><56BC86C7.dll>  [N/A]
    <{5B5A55E1-A8BC-450C-A6E5-A5B0D94E43FE}><C:\WINDOWS\system32\lblalleh.dll>  [File is missing]
    <{33E40391-E1D1-47F5-BD8B-53B7CF02021A}><C:\WINDOWS\system32\jjekgjph.dll>  [File is missing]
    <{3582FFDD-6748-48D7-B17A-B328B6490322}><C:\WINDOWS\system32\jloiffdd.dll>  [File is missing]
    <{A7B17E31-A194-41DF-B33A-678241CC2359}><C:\WINDOWS\system32\anbhnejh.dll>  [File is missing]
    <{57180766-6870-4A28-909A-DFE14F8993F0}><C:\WINDOWS\system32\lnhognmm.dll>  [File is missing]
    <{DFBD5278-0807-47DA-B381-22DF3EA03A80}><C:\WINDOWS\system32\dfbdlino.dll>  [File is missing]
    <{6FBD2286-D6E0-4253-BE21-FB857C27DAB6}><C:\WINDOWS\system32\mfbdiiom.dll>  [File is missing]
    <{E1D0F4CF-EB62-4583-B25B-94B0DBF62846}><C:\WINDOWS\system32\ehdgfkcf.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

    <782E4E5C><C:\WINDOWS\system32\noiekelc.dll>  [File is missing]
    <405477E5><C:\WINDOWS\system32\kglknnel.dll>  [File is missing]
    <1B93C461><C:\WINDOWS\system32\hbpjckmh.dll>  [File is missing]
    <D516CB52><C:\WINDOWS\system32\dlhmcbli.dll>  [File is missing]
    <9B21A952><C:\WINDOWS\system32\pbihapli.dll>  [File is missing]
    <5B5A55E1><C:\WINDOWS\system32\lblalleh.dll>  [File is missing]
    <33E40391><C:\WINDOWS\system32\jjekgjph.dll>  [File is missing]
    <3582FFDD><C:\WINDOWS\system32\jloiffdd.dll>  [File is missing]
    <A7B17E31><C:\WINDOWS\system32\anbhnejh.dll>  [File is missing]
    <57180766><C:\WINDOWS\system32\lnhognmm.dll>  [File is missing]
    <DFBD5278><C:\WINDOWS\system32\dfbdlino.dll>  [File is missing]
    <6FBD2286><C:\WINDOWS\system32\mfbdiiom.dll>  [File is missing]
    <E1D0F4CF><C:\WINDOWS\system32\ehdgfkcf.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <Stromliv><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wget.exe>  [File is missing]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <WSockDrv32><C:\WINDOWS\WSockDrv32.exe>  [File is missing]
    <AVPSrv><C:\WINDOWS\AVPSrv.exE>  [File is missing]
    <DbgHlp32><C:\WINDOWS\DbgHlp32.exe>  [File is missing]
    <MsPrint32D><C:\WINDOWS\wvavki.exe>  [File is missing]
    <WinSysM><C:\WINDOWS\235780M.exe>  [File is missing]
    <PTSShell><C:\WINDOWS\PTSShell.exe>  [File is missing]
    <LotusHlp><C:\WINDOWS\LotusHlp.exe>  [File is missing]
    <NVDispDrv><C:\WINDOWS\apwotx.exe>  [File is missing]
    <WINSvr32><C:\WINDOWS\WINSvr32.exE>  [File is missing]
    <NAVMon32><C:\WINDOWS\NAVMon32.exE>  [File is missing]
    <SHAProc><C:\WINDOWS\SHAProc.exe>  [File is missing]
    <WinSysW><C:\WINDOWS\235780L.exe>  [File is missing]
    <RegSrv64D><C:\WINDOWS\RegSrv64D.exE>  [File is missing]
Delete this service:
[CDF0ADBE / CDF0ADBE][Stopped/Auto Start]
  <C:\WINDOWS\System32\E69D044E.EXE -k><(File is missing)>
Delete this browser add-on:
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
Use SREng to reset the hosts file.

Only happiness, no sorrow.
lose yourself...
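
As an added example (not part of the original post and not SREng's own code), this Python parser reads the log layout quoted in the reply above, groups the autostart values by registry key, and separates those marked `[File is missing]` from entries that need manual inspection. The sample input is constructed from a few lines of the reply, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines copied from the reply above, in the
# "[key]" / "<value name><target>  [status]" layout it quotes.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><>  [N/A]
    <{021F087F-4378-545F-74FA-37D345AD7A8C}><C:\WINDOWS\System32\mjgfth.dll>  [File is missing]
    <{DA63E650-537C-4042-87BB-9D19D844680B}><DA63E650.dll>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <WSockDrv32><C:\WINDOWS\WSockDrv32.exe>  [File is missing]
    <AVPSrv><C:\WINDOWS\AVPSrv.exE>  [File is missing]
"""

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]\s*$")
ENTRY_RE = re.compile(r"^\s*<([^<>]*)><([^<>]*)>\s*\[([^\]]*)\]\s*$")

def parse_autoruns(text):
    """Return {registry key: [(value name, target, status), ...]}."""
    sections, current = defaultdict(list), None
    for line in text.splitlines():
        m = KEY_RE.match(line)
        if m:
            current = m.group(1)  # start of a new registry-key section
            continue
        m = ENTRY_RE.match(line)
        if m and current is not None:
            sections[current].append(m.groups())
    return dict(sections)

def triage(sections):
    """Split entries into orphans (target file gone) and ones to inspect by hand."""
    orphans, review = [], []
    for key, entries in sections.items():
        for name, target, status in entries:
            bucket = orphans if status == "File is missing" else review
            bucket.append((key, name, target))
    return orphans, review

if __name__ == "__main__":
    orphans, review = triage(parse_autoruns(SAMPLE_LOG))
    for key, name, target in orphans:
        print(f"orphan  {key} :: {name} -> {target}")
    for key, name, target in review:
        print(f"review  {key} :: {name} -> {target or '(empty)'}")
```

Service and browser add-on lines use a different layout and are skipped by this parser, so they still have to be checked by hand.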

Re: Network Connections won't open, copy and paste don't work either; scan log attached

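Copy and paste don't work.
The virus may have modified system services.
You can refer to this post: http://bbs.ikaka.com/showtopic-8417665.aspx#8926757
Download SREng || Download WinPE || Back in the summer holidays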

Re: Network Connections won't open, copy and paste don't work either; scan log attached

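These two files may be infected:
[DCOM 服务器进程启动器 / DcomLaunch][Stopped/Auto Start]
  <C:\WINDOWS\system32\svchost -k DcomLaunch-->%SystemRoot%\system32\rpcss.dll><N/A> (the file needs to be repaired)
[Remote Procedure Call (RPC) / RpcSs][Others/Auto Start]
  <C:\WINDOWS\system32\svchost -k rpcss-->%SystemRoot%\system32\rpcss.dll><N/A> (need to find a replacement file online)
I haven't analyzed the drivers and what comes after them yet, but this looks like a whole pack of trojans, doesn't it? Deleting just these doesn't seem like enough.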