1   1  /  1  页   跳转

[求助] 我中了严重的毒紧急求助

收藏
俹当
头像
初生襁褓狮
  • 帖子:4
  • 注册: 2008-07-19
  • 来自:
发表于: 2008-07-19 23:09 | 只看楼主 短消息 资料
字号: 1楼

我中了严重的毒紧急求助

我的电脑中毒了输入法图标消失,只能出现原来按Ctrl+空格出现的第一个输入法,在瑞星卡卡那查出了3个毒(由于没下载瑞星杀毒就用卡卡了)            C:\WINDOWS\system32\zsqf.dll
          C:\WINDOWS\system32\cliconfgzx.dll   
  显示都是盗号木马,请问这2个病毒怎么处理,中了毒后日志我自己都打不开,急啊,在线等,大哥大姐们帮帮我,谢谢叻!

用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

附件附件:

文件名:SREngLOG.log
下载次数:87
文件类型:application/octet-stream
文件大小:
上传时间:2008-7-19 23:08:51
描述:log
分享到:
gototop
 
aaccbbdd
头像
卡卡巡查
  • 帖子:45933
  • 注册: 2007-11-17
  • 来自:蜀山仙剑派
论坛8周年活动礼物卡卡名人堂祖国六十华诞09欢乐圣诞吃货勋章2012我眼中的你们幸福玫瑰
发表于: 2008-07-19 23:25 | 短消息 资料
字号: 2楼

回复:我中了严重的毒紧急求助

手工杀毒操作方法看我签名
删除启动项
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]下注册表项目及对应文件
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [File is missing]
    <bndfxdh><C:\WINDOWS\system32\bndfxdh.exe>  [File is missing]
    <HBmhly><"C:\WINDOWS\system32\HBmhly.exe" -r>  [File is missing]
修改启动项
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe,und15.exe,icp15.exe,,hicp15.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,svchost.xy3>  [(Verified)Microsoft Windows Publisher]
为  <shell><Explorer.exe>
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]


改注册表
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><wcomipe.dll longasus.dll sctzxy.dll mssddyn.dll comremo.dll welycz.dll joliom.dll follwel.dll pcibexl.dll ceshleo.dll,kmon.dll>  [N/A]
为    <AppInit_DLLs><>
删除启动项
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]下注册表项目及<>内的DLL文件
    <{8C8D1401-A58D-A81C-CD24-A5915C4517C8}><C:\WINDOWS\system32\mnmhhsrv.dll>  [File is missing]
    <{00170017-0017-0017-0017-00170017BB15}><C:\WINDOWS\system32\msobjstl.dll>  []
    <{8FD45A54-9875-698F-E56E-65102358FDF8}><C:\WINDOWS\system32\apsghjba.dll>  [File is missing]
    <{00050005-0005-0005-0005-00050005BB15}><C:\WINDOWS\system32\cliconfgzx.dll>  []
    <{00230023-0023-0023-0023-00230023BB15}><C:\WINDOWS\system32\rasdlgcq.dll>  []
    <{00330033-0033-0033-0033-00330033BB15}><C:\WINDOWS\system32\tscfgwmijxsj.dll>  []
    <{2A698452-C5D8-C584-C256-C264C987C5A2}><C:\WINDOWS\system32\ijdybpaw.dll>  [File is missing]
    <{00010001-0001-0001-0001-00010001BB15}><C:\WINDOWS\system32\adsntzt.dll>  []
    <{00040004-0004-0004-0004-00040004BB15}><C:\WINDOWS\system32\catsrvwl.dll>  []
    <{00030003-0003-0003-0003-00030003BB15}><C:\WINDOWS\system32\bootvidgj.dll>  []
    <{4D698451-2015-6358-9871-2015987452D4}><C:\WINDOWS\system32\apzhdtde.dll>  [File is missing]
    <{7C648541-1025-9650-9057-6541258720C7}><C:\WINDOWS\system32\mndhgdwd.dll>  [File is missing]
    <{00120012-0012-0012-0012-00120012BB15}><C:\WINDOWS\system32\kbdswjr.dll>  []
    <{00060006-0006-0006-0006-00060006BB15}><C:\WINDOWS\system32\dispexcb.dll>  []
    <{57AC9076-C898-B098-D098-A18319080975}><C:\WINDOWS\system32\nhmxejkl.dll>  [File is missing]
    <{00270027-0027-0027-0027-00270027BB15}><C:\WINDOWS\system32\wmpuiqhx.dll>  []
    <{00320032-0032-0032-0032-00320032BB15}><C:\WINDOWS\system32\xolehlpjh.dll>  []
    <{64FAE856-AD58-20CB-A025-CD4895FA6E46}><C:\WINDOWS\system32\pjjxfdwd.dll>  [File is missing]
    <{00250025-0025-0025-0025-00250025BB15}><C:\WINDOWS\system32\slbiopfs2.dll>  []
    <{6A069845-2036-6084-9054-6087502480A6}><C:\WINDOWS\system32\ozfyfbyt.dll>  [File is missing]
    <{25FD6584-698F-BCD2-602C-698745210352}><C:\WINDOWS\system32\rijxbkin.dll>  [File is missing]
    <{00310031-0031-0031-0031-00310031BB15}><C:\WINDOWS\system32\cryptuiwlqx.dll>  []
    <{49109876-7619-9101-7012-901938475194}><C:\WINDOWS\system32\ietzdpaq.dll>  [File is missing]
    <{48093456-9012-4568-9076-908765467184}><C:\WINDOWS\system32\tisqdtyu.dll>  [File is missing]
    <{00210021-0021-0021-0021-00210021BB15}><C:\WINDOWS\system32\olecli32pt.dll>  []
    <{52023698-6984-8541-9654-698745012525}><C:\WINDOWS\system32\skqnebib.dll>  [File is missing]
    <{00300030-0030-0030-0030-00300030BB15}><C:\WINDOWS\system32\imgutilhx2.dll>  []
    <{000F087F-4378-545F-74FA-37D345AD7A8C}><C:\WINDOWS\system32\mttwfh.dll>  [File is missing]
    <{000030AE-0380-4351-8244-EE98A3240370}><C:\WINDOWS\system32\mghefy.dll>  [File is missing]
    <{E8A3B193-77E3-4FB3-986D-F4FA4828BAFC}><C:\WINDOWS\system32\wklsdd.dll>  [File is missing]
    <{8C41B7F7-3168-400D-A702-0E7EFE0BA304}><C:\WINDOWS\system32\sgdewg.dll>  [File is missing]
    <{81AF1CF6-D1C9-4C6A-AC01-EDE54E71945B}><C:\WINDOWS\system32\jfdses.dll>  [File is missing]
    <{259BF3CF-194D-4FE6-9ADB-DE6544B098B6}><C:\WINDOWS\system32\dndsaf.dll>  [File is missing]
    <{45AADFAA-DD36-42AB-83AD-0521BBF58C24}><>  [N/A]
    <{A9895933-6636-4281-BC58-EE6DE2AF96E3}><C:\WINDOWS\system32\ddserh.dll>  [File is missing]
    <{84143967-B645-4BFF-B873-DA1DC886E9A7}><C:\WINDOWS\system32\cedafb.dll>  [File is missing]
    <{841529CB-7F77-4B99-A895-B5441E0D302F}><C:\WINDOWS\system32\jfrwdh.dll>  [File is missing]
    <{B29583D8-033A-4B9F-8553-7C5458F3FB8E}><C:\WINDOWS\system32\jdsaex.dll>  [File is missing]
    <{0B846B26-BFE6-4E8E-A948-1DB17B77B483}><C:\WINDOWS\system32\tdfhex.dll>  [File is missing]
    <{EA5D4B0E-B8CE-4761-8C7E-5D26369F0EC6}><C:\WINDOWS\system32\fsrgeb.dll>  [File is missing]
    <{73AE86E6-7F03-4C3B-8980-FB1DA157D3C7}><C:\WINDOWS\system32\fmcvxy.dll>  [File is missing]
    <{5E907A48-400E-4EA8-9792-FFAE052D59E9}><C:\WINDOWS\system32\pedadt.dll>  [File is missing]
    <{4D165A2A-4BC1-4CA8-8299-08E05AAAB5A4}><C:\WINDOWS\system32\tdggrz.dll>  [File is missing]
删除启动项
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]下注册表项目及<>内的DLL文件
    <msobjstl.dll><C:\WINDOWS\system32\msobjstl.dll>  []
    <cliconfgzx.dll><C:\WINDOWS\system32\cliconfgzx.dll>  []
    <rasdlgcq.dll><C:\WINDOWS\system32\rasdlgcq.dll>  []
    <tscfgwmijxsj.dll><C:\WINDOWS\system32\tscfgwmijxsj.dll>  []
    <adsntzt.dll><C:\WINDOWS\system32\adsntzt.dll>  []
    <catsrvwl.dll><C:\WINDOWS\system32\catsrvwl.dll>  []
    <bootvidgj.dll><C:\WINDOWS\system32\bootvidgj.dll>  []
    <kbdswjr.dll><C:\WINDOWS\system32\kbdswjr.dll>  []
    <dispexcb.dll><C:\WINDOWS\system32\dispexcb.dll>  []
    <wmpuiqhx.dll><C:\WINDOWS\system32\wmpuiqhx.dll>  []
    <xolehlpjh.dll><C:\WINDOWS\system32\xolehlpjh.dll>  []
    <slbiopfs2.dll><C:\WINDOWS\system32\slbiopfs2.dll>  []
    <cryptuiwlqx.dll><C:\WINDOWS\system32\cryptuiwlqx.dll>  []
    <olecli32pt.dll><C:\WINDOWS\system32\olecli32pt.dll>  []
    <imgutilhx2.dll><C:\WINDOWS\system32\imgutilhx2.dll>  []
删除驱动及驱动对应文件
[HBKernel Driver / HBKernel][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\HBKernel.sys><N/A>
[HiddFldy / HiddFldy][Running/Auto Start]
  <\??\C:\WINDOWS\system32\d32dx9.sys><N/A>
[obj2 / obj2][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\DRIVERS\obj2.sys><N/A>
删除文件C:\WINDOWS\system32\HBmhly.exe
C:\WINDOWS\system32\exyp15.exe
C:\WINDOWS\system32\wcomipek.exe
C:\WINDOWS\system32\exyp15.exe
C:\Program Files\Internet Explorer\PLUGINS\UnixSys08.Sys
C:\WINDOWS\system32\hicp15.exe
最后编辑aaccbbdd 最后编辑于 2008-07-19 23:35:59
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT