Rising Kaka Security Forum, Technical Exchange Area, Anti-Virus / Anti-Rogue-Software Forum


Request for help: how to get rid of MMLUCJ.DLL and SEVERE.DLL


Infected with a virus; neither 360SAFE nor the Panda dedicated removal tool can be launched.
Registry Editor, Group Policy and MSCONFIG cannot be opened even in Safe Mode.
Dialog boxes keep popping up with an X000… error.

Norton and Rising cannot be installed or started.
Using the Rising virus database 0301 from a USB drive, the virus is detected, but after rebooting the problem is still there; scanning again finds and deletes it, yet after the next boot it is found again.

Please help me out with some ideas.

Neither of the two DLLs can be stopped manually; after stopping them, even more processes with the same name appear.
Last edited 2007-03-27 13:13:46

Post an SREng log. Rename SRENG.EXE to 123.BAT,
then run it.

[C:\Program Files\racer-henan-cnc\dhcpplus.dll] [北京润汇科技有限公司, 0, 13, 21, 45]
  [C:\Program Files\racer-henan-cnc\components\racer_nss4_comp.dll] [Putian Runway, 2,0,47,87]
  [C:\Program Files\racer-henan-cnc\nss4.dll] [北京普天润汇科技有限公司, 1, 0, 0, 3]
  [C:\Program Files\racer-henan-cnc\wpcap.dll] [Politecnico di Torino, 3, 0, 0, 18]
  [C:\Program Files\racer-henan-cnc\pthreadVC.dll] [N/A, N/A]
  [C:\Program Files\racer-henan-cnc\packet.dll] [Politecnico di Torino, 3, 0, 0, 18]
  [C:\WINDOWS\system32\sbfyrn.dll] [N/A, N/A]
[PID: 1196][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  [C:\WINDOWS\system32\sbfyrn.dll] [N/A, N/A]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.9 19Nov04]
[PID: 1856][C:\Program Files\racer-henan-cnc\RacerKp.exe] [北京润汇科技有限公司, 1, 0, 0, 1]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.9 19Nov04]
  [C:\WINDOWS\system32\sbfyrn.dll] [N/A, N/A]
[PID: 392][C:\WINDOWS\system32\severe.exe] [N/A, N/A]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.9 19Nov04]
  [C:\WINDOWS\system32\sbfyrn.dll] [N/A, N/A]
[PID: 1904][C:\WINDOWS\system32\sbfyrn.exe] [N/A, N/A]
  [C:\WINDOWS\system32\sbfyrn.dll] [N/A, N/A]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.9 19Nov04]
[PID: 464][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.9 19Nov04]
  [C:\WINDOWS\system32\sbfyrn.dll] [N/A, N/A]
  [C:\WINDOWS\system32\msdmo.dll] [N/A, N/A]
[PID: 248][C:\Documents and Settings\Admin\桌面\杀杀杀.EXE] [Smallfrogs Studio, 2.3.13.690]
  [C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.12.9 19Nov04]
  [C:\WINDOWS\system32\sbfyrn.dll] [N/A, N/A]

==================================
File associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock providers
N/A

==================================
Autorun.inf
[C:\]
[AUTORUN]
shell=verb
shell\verb\command=svchost.exe
shell\verb=打开(&O)
[D:\]
[AutoRun]
open=OSO.exe
shellexecute=OSO.exe
shell\Auto\command=OSO.exe
[E:\]
[AutoRun]
open=OSO.exe
shellexecute=OSO.exe
shell\Auto\command=OSO.exe

==================================
HOSTS file
127.0.0.1    localhost
127.0.0.1    mmsk.cn
127.0.0.1    safe.qq.com
127.0.0.1    360safe.com
127.0.0.1    www.mmsk.cn
127.0.0.1    www.360safe.com
127.0.0.1    zs.kingsoft.com
127.0.0.1    forum.ikaka.com
127.0.0.1    up.rising.com.cn
127.0.0.1    scan.kingsoft.com
127.0.0.1    kvup.jiangmin.com
127.0.0.1    reg.rising.com.cn
127.0.0.1    update.rising.com.cn
127.0.0.1    update7.jiangmin.com
127.0.0.1    download.rising.com.cn
127.0.0.1    dnl-us1.kaspersky-labs.com
127.0.0.1    dnl-us2.kaspersky-labs.com
127.0.0.1    dnl-us3.kaspersky-labs.com
127.0.0.1    dnl-us4.kaspersky-labs.com
127.0.0.1    dnl-us5.kaspersky-labs.com
127.0.0.1    dnl-us6.kaspersky-labs.com
127.0.0.1    dnl-us7.kaspersky-labs.com
127.0.0.1    dnl-us8.kaspersky-labs.com
127.0.0.1    dnl-us9.kaspersky-labs.com
127.0.0.1    dnl-us10.kaspersky-labs.com
127.0.0.1    dnl-eu1.kaspersky-labs.com
127.0.0.1    dnl-eu2.kaspersky-labs.com
127.0.0.1    dnl-eu3.kaspersky-labs.com
127.0.0.1    dnl-eu4.kaspersky-labs.com
127.0.0.1    dnl-eu5.kaspersky-labs.com
127.0.0.1    dnl-eu6.kaspersky-labs.com
127.0.0.1    dnl-eu7.kaspersky-labs.com
127.0.0.1    dnl-eu8.kaspersky-labs.com
127.0.0.1    dnl-eu9.kaspersky-labs.com
127.0.0.1    dnl-eu10.kaspersky-labs.com

==================================
API HOOK
N/A

==================================


[/CODE]


Repair the hosts file.
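The SREng sections posted above already tell most of the story: the HOSTS file pins the hostnames of 360safe, Rising, Kingsoft, Jiangmin and Kaspersky update servers to 127.0.0.1, which is why none of the tools can update or reinstall, and every drive carries an autorun.inf that starts the worm (OSO.exe on D: and E:; on C: a "svchost.exe" given without a path, hung off a custom verb whose menu label 打开(&O) reads as "Open") as soon as the drive is opened. The script below is an added example written for this thread; it is not code from the thread, from SREng or from any of the replies. It parses the two sections (the sample input is copied from the log above), lists the indicators, and produces the cleaned HOSTS file the reply above asks for. Its one assumption is that `localhost` is the only name that should resolve to a loopback address.

```python
"""Triage the HOSTS and Autorun.inf sections of an SREng log (added example)."""
import re

# Sample input: lines copied from the SREng log posted in this thread (abridged).
HOSTS_SECTION = """\
127.0.0.1    localhost
127.0.0.1    mmsk.cn
127.0.0.1    safe.qq.com
127.0.0.1    360safe.com
127.0.0.1    update.rising.com.cn
127.0.0.1    dnl-us1.kaspersky-labs.com
"""

AUTORUN_SECTION = """\
[C:\\]
[AUTORUN]
shell=verb
shell\\verb\\command=svchost.exe
shell\\verb=打开(&O)
[D:\\]
[AutoRun]
open=OSO.exe
shellexecute=OSO.exe
shell\\Auto\\command=OSO.exe
"""

# Assumption: only these names legitimately resolve to loopback.
LOOPBACK_OK = {"localhost", "localhost.localdomain"}
LOOPBACK_RE = re.compile(r"^127\.\d{1,3}\.\d{1,3}\.\d{1,3}$")


def hijacked_hosts_entries(text):
    """Return (ip, hostname) pairs that map a non-local name to 127.x.x.x.
    Pinning vendor update hosts to loopback is how the worm blocks AV updates."""
    hits = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()          # drop comments
        if not line:
            continue
        ip, *names = line.split()
        if LOOPBACK_RE.match(ip):
            hits.extend((ip, n) for n in names if n.lower() not in LOOPBACK_OK)
    return hits


def repaired_hosts(text):
    """Return the HOSTS text with every hijacked entry removed; the localhost
    line is kept, or put back if the malware had deleted it."""
    bad = {name for _, name in hijacked_hosts_entries(text)}
    kept = []
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) >= 2 and any(n in bad for n in parts[1:]):
            continue
        kept.append(line)
    if not any(l.split()[:2] == ["127.0.0.1", "localhost"] for l in kept if l.strip()):
        kept.insert(0, "127.0.0.1    localhost")
    return "\n".join(kept) + "\n"


# Autorun.inf keys that run a program when the drive is opened/double-clicked.
LAUNCH_KEYS = ("open", "shellexecute")
COMMAND_RE = re.compile(r"^shell\\[^\\=]+\\command$", re.IGNORECASE)


def autorun_launchers(text):
    """Return {drive: [(key, target), ...]} for every autorun.inf line that
    executes something. Expects SREng's layout: a [X:\\] line names the drive,
    followed by the contents of that drive's autorun.inf."""
    result, drive = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = re.match(r"^\[([A-Za-z]:\\)\]$", line)
        if m:
            drive = m.group(1)
            continue
        if "=" not in line or line.startswith("["):
            continue
        key, _, value = line.partition("=")
        key, value = key.strip(), value.strip()
        if key.lower() in LAUNCH_KEYS or COMMAND_RE.match(key):
            result.setdefault(drive, []).append((key, value))
    return result


if __name__ == "__main__":
    for ip, name in hijacked_hosts_entries(HOSTS_SECTION):
        print(f"HOSTS hijack: {name} -> {ip}")
    for drive, entries in autorun_launchers(AUTORUN_SECTION).items():
        for key, target in entries:
            print(f"autorun {drive} {key} = {target}")
    print("--- repaired HOSTS ---")
    print(repaired_hosts(HOSTS_SECTION), end="")
```

Note that the cleaned file is only useful once the running worm is gone: as the OP found with the repeated detections, anything written back while severe.exe/mmlucj.exe are still alive is re-hijacked on the next boot, so run this (or hand-edit `%SystemRoot%\system32\drivers\etc\hosts`) after the processes and Run entries have been dealt with.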

Logfile of HijackThis v1.99.1
Scan saved at 9:14:03, on 2004-1-22
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\mmlucj.exe
C:\WINDOWS\system32\drivers\conime.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Sony\VAIO Launcher\Launcher.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\WINDOWS\system32\severe.exe
C:\DOCUME~1\GAOHJG~1.000\LOCALS~1\Temp\Rar$EX16.665\HijackThis.exe

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\drivers\conime.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [avipit] C:\WINDOWS\system32\mmlucj.exe
O4 - HKLM\..\Run: [mmlucj] C:\WINDOWS\system32\severe.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [svcshare] C:\WINDOWS\system32\drivers\spoclsv.exe
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://vaio-online.sony.com/cn/
O16 - DPF: {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} (Submit Class) - https://pbank.95559.com.cn/personbank/ocx/safe.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F08B316A-79B6-4562-84C5-7A3AB9A453CD}: NameServer = 202.102.134.68,202.102.224.68
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
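The HijackThis log posted above shows the persistence side of the infection: the `F2` line appends `C:\WINDOWS\system32\drivers\conime.exe` to the `Shell=` value so it starts with Explorer; two `O4` Run entries are chained (`[avipit]` starts mmlucj.exe, and a value named `[mmlucj]` starts severe.exe); another Run entry points at `spoclsv.exe` in `system32\drivers`, a folder that holds .sys files and no legitimate .exe; and `conime.exe` is running from two different paths. The script below is an added example, not part of the thread or of HijackThis, that turns those four observations into checks and runs them over an abridged copy of the log above. The heuristics are the editor's, not HijackThis rules.

```python
"""Triage a HijackThis 1.99 log for the persistence tricks seen in this thread
(added example, not from the thread or from HijackThis)."""
import ntpath
import re
from collections import defaultdict

# Abridged copy of the log posted above.
HJT_LOG = """\
Running processes:
C:\\WINDOWS\\System32\\smss.exe
C:\\WINDOWS\\Explorer.exe
C:\\WINDOWS\\system32\\mmlucj.exe
C:\\WINDOWS\\system32\\drivers\\conime.exe
C:\\WINDOWS\\system32\\conime.exe
C:\\WINDOWS\\system32\\severe.exe

F2 - REG:system.ini: Shell=Explorer.exe C:\\WINDOWS\\system32\\drivers\\conime.exe
O4 - HKLM\\..\\Run: [avipit] C:\\WINDOWS\\system32\\mmlucj.exe
O4 - HKLM\\..\\Run: [mmlucj] C:\\WINDOWS\\system32\\severe.exe
O4 - HKCU\\..\\Run: [ctfmon.exe] C:\\WINDOWS\\system32\\ctfmon.exe
O4 - HKCU\\..\\Run: [MSMSGS] "C:\\Program Files\\Messenger\\msmsgs.exe" /background
O4 - HKCU\\..\\Run: [svcshare] C:\\WINDOWS\\system32\\drivers\\spoclsv.exe
"""

RUN_RE = re.compile(r"^O4 - (?P<hive>HK\w+)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
SHELL_RE = re.compile(r"^F2 - REG:system\.ini: Shell=(?P<value>.+)$")


def exe_path(cmd):
    """Executable part of a Run command line: honour quotes, drop arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]
    return cmd.split()[0]


def parse_log(text):
    """Return (running_processes, [(hive, value_name, exe_path)], shell_tokens)."""
    procs, runs, shell = [], [], None
    in_procs = False
    for line in text.splitlines():
        if line.startswith("Running processes:"):
            in_procs = True
            continue
        if in_procs:
            if line.strip():
                procs.append(line.strip())
            else:
                in_procs = False          # blank line ends the process list
            continue
        m = RUN_RE.match(line)
        if m:
            runs.append((m["hive"], m["name"], exe_path(m["cmd"])))
            continue
        m = SHELL_RE.match(line)
        if m:
            shell = m["value"].split()
    return procs, runs, shell


def triage(text):
    """Return [(reason, detail)] findings for the four heuristics."""
    procs, runs, shell = parse_log(text)
    findings = []
    # 1. Shell= must be exactly Explorer.exe; anything appended starts with the shell.
    if shell and [s.lower() for s in shell] != ["explorer.exe"]:
        findings.append(("shell hijack", " ".join(shell[1:])))
    targets = {ntpath.basename(p).lower(): p for _, _, p in runs}
    for hive, name, path in runs:
        # 2. An .exe under system32\drivers is out of place (the folder holds .sys files).
        if "\\drivers\\" in path.lower():
            findings.append(("exe under system32\\drivers", path))
        # 3. Value name equals the filename of a *different* Run target: chained launcher.
        alias = name.lower() + ".exe"
        if alias in targets and targets[alias] != path:
            findings.append(("chained launcher", f"[{name}] -> {path}"))
    # 4. Same basename running from two paths (conime.exe here).
    by_name = defaultdict(set)
    for p in procs:
        by_name[ntpath.basename(p).lower()].add(p.lower())
    for base, paths in sorted(by_name.items()):
        if len(paths) > 1:
            findings.append(("duplicate basename", base + ": " + ", ".join(sorted(paths))))
    return findings


if __name__ == "__main__":
    for reason, detail in triage(HJT_LOG):
        print(f"{reason:28} {detail}")
```

Each finding maps to a fix the later replies assume: remove the appended path from `Shell=` (the `F2` line), delete the two chained Run values and the `svcshare` value, and only then delete the files, since killing the processes first just respawns them, as the OP describes.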

Post the complete SREng log.

OP, please pack C:\WINDOWS\system32\mmlucj.exe into a password-protected archive
and send it to my mailbox: qgnck1999@163.com
Thanks

It's that OSO.EXE USB-drive thing again... a lot of people seem to have caught this one lately. Its image hijacking is done quite well.
See: http://forum.ikaka.com/topic.asp?board=28&artid=8257332
or http://bbs.360safe.com/viewthread.php?tid=98279&highlight
and http://hi.baidu.com/readon99/blog/item/829ee924598c01014c088da1.html
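The "image hijacking" the reply above refers to is the Image File Execution Options (IFEO) mechanism: when a subkey named after an executable exists under `HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options` and carries a `Debugger` value, Windows launches the named "debugger" instead of the program. Pointing that value at the malware (or at a non-existent file) is what makes 360SAFE, the removal tools and the AV installers fail silently, exactly the symptom the OP reports. The block below is an added example written for this thread, not code from the thread or from the linked posts. Its sample registry export is constructed for illustration: which program names are hijacked and the `C:\WINDOWS\system32\hijack.exe` debugger path are hypothetical and are not values recovered from the OP's machine (the thread contains no registry dump). It parses a `.reg` export, flags `Debugger` values that are not a known developer debugger, and emits a repair `.reg` that deletes only those values.

```python
"""Find and undo IFEO 'Debugger' image hijacks in a .reg export (added example)."""
import re

IFEO = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion"
        r"\Image File Execution Options")

# Debuggers that legitimately appear as IFEO Debugger values on a developer box.
KNOWN_DEBUGGERS = {"ntsd", "cdb", "windbg", "vsjitdebugger"}

# CONSTRUCTED sample export: the hijacked names and hijack.exe are hypothetical.
SAMPLE_REG = """\
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\360Safe.exe]
"Debugger"="C:\\\\WINDOWS\\\\system32\\\\hijack.exe"

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\ravmon.exe]
"Debugger"="C:\\\\WINDOWS\\\\system32\\\\hijack.exe"

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\myapp.exe]
"Debugger"="C:\\\\Program Files\\\\Debugging Tools for Windows\\\\windbg.exe"

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\notepad.exe]
"GlobalFlag"="0x00000800"
"""


def parse_reg(text):
    """Minimal .reg parser: {key: {value_name: data}}. String data is unescaped
    (.reg doubles backslashes and escapes quotes); other types are kept raw."""
    tree, key = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            tree.setdefault(key, {})
        elif key and "=" in line and not line.startswith(";"):
            name, _, data = line.partition("=")
            name = name.strip().strip('"')
            data = data.strip()
            if len(data) >= 2 and data.startswith('"') and data.endswith('"'):
                data = data[1:-1].replace('\\\\', '\\').replace('\\"', '"')
            tree[key][name] = data
    return tree


def debugger_basename(dbg):
    """Executable name (no path/extension, lowercase) from a Debugger value,
    tolerating paths with spaces and bare commands such as 'ntsd -d'."""
    if not dbg.strip():
        return ""
    m = re.search(r'([^\\"\s]+)\.exe\b', dbg, re.IGNORECASE)
    if m:
        return m.group(1).lower()
    return dbg.strip('"').split()[0].rsplit("\\", 1)[-1].lower()


def ifeo_hijacks(text):
    """Return [(image_name, debugger_value)] for IFEO subkeys whose Debugger is
    not a known debugger. Key comparison is case-insensitive, as in the registry."""
    hits, prefix = [], IFEO.lower() + "\\"
    for key, values in parse_reg(text).items():
        if not key.lower().startswith(prefix):
            continue
        dbg = next((v for n, v in values.items() if n.lower() == "debugger"), None)
        if dbg is None or dbg == "-":          # absent, or already marked for deletion
            continue
        if debugger_basename(dbg) not in KNOWN_DEBUGGERS:
            hits.append((key[len(prefix):], dbg))
    return hits


def repair_reg(text):
    """Emit a .reg script that deletes each hijacking Debugger value
    ("Debugger"=- is regedit's delete-value syntax) while leaving the key and
    any legitimate values stored alongside it in place."""
    lines = ["Windows Registry Editor Version 5.00", ""]
    for exe, _ in ifeo_hijacks(text):
        lines += [f"[{IFEO}\\{exe}]", '"Debugger"=-', ""]
    return "\n".join(lines)


if __name__ == "__main__":
    for exe, dbg in ifeo_hijacks(SAMPLE_REG):
        print(f"IFEO hijack: {exe} -> {dbg}")
    print(repair_reg(SAMPLE_REG))
```

To obtain real input, export the key with `reg export "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" ifeo.reg` from a clean boot (the renamed-to-123.BAT trick suggested earlier is the same idea from the other side: a renamed tool no longer matches any hijacked image name). Import the generated repair file with regedit only after the hijacking processes are stopped, otherwise the values come straight back.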