xie xie - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛 xie xie

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第四十六次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

[求助] xie xie

caijueliuxin 初生襁褓狮帖子:1 注册: 2009-02-25 来自:	发表于： 2009-02-25 15:37 \| 只看楼主短消息资料字号：小中大 1楼 xie xie bang bang mang 用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) 附件: 文件名:SREngLOG.log 下载次数:133 文件类型:application/octet-stream 文件大小: 上传时间:2009-2-25 15:37:22 描述:log
caijueliuxin 初生襁褓狮帖子:1 注册: 2009-02-25 来自:	分享到：

帅哥阿福雄霸杖朝狮帖子:21071 注册: 2006-03-29 来自:米兰	发表于： 2009-02-25 15:42 \| 短消息资料字号：小中大 2楼回复：xie xie [C:\WINDOWS\system32\ghehdchh.dll] [N/A, ] [C:\WINDOWS\system32\omoefolg.dll] [N/A, ] [C:\WINDOWS\system32\kbihaoge.dll] [N/A, ] [C:\WINDOWS\system32\ankckeij.dll] [N/A, ] [C:\WINDOWS\system32\iegfeahl.dll] [N/A, ] [C:\WINDOWS\system32\bcbbpgfi.dll] [N/A, ] [C:\WINDOWS\system32\kopgiggc.dll] [N/A, ] [C:\WINDOWS\system32\ibllakcd.dll] [N/A, ] [C:\WINDOWS\system32\hkgndhkg.dll] [N/A, ] [C:\WINDOWS\system32\bgiakeda.dll] [N/A, ] [C:\WINDOWS\system32\pedpijbh.dll] [N/A, ] [C:\WINDOWS\system32\kplhboed.dll] [N/A, ] [C:\WINDOWS\system32\kneemjal.dll] [N/A, ] [C:\WINDOWS\system32\apkhfeme.dll] [N/A, ] [C:\WINDOWS\system32\pmemjbnl.dll] [N/A, ] [C:\WINDOWS\system32\geimlhid.dll] [N/A, ] [C:\WINDOWS\system32\mkcpelna.dll] [N/A, ] [C:\WINDOWS\system32\pimnjjmo.dll] [N/A, ] [C:\WINDOWS\system32\eeekondb.dll] [N/A, ] [C:\WINDOWS\system32\cgnldkke.dll] [N/A, ] [C:\WINDOWS\system32\anymie360.dll] [N/A, ] [C:\WINDOWS\system32\pmemjbnl.dll] [N/A, ] 提交到这里，或者提交给瑞星，地址如下：http://mailcenter.rising.com.cn/index.shtml ╭∩╮（︶︿︶）╭∩╮
帅哥阿福雄霸杖朝狮帖子:21071 注册: 2006-03-29 来自:米兰

caogensk 卡卡反病毒小组帖子:1023 注册: 2009-01-02 来自:	发表于： 2009-02-25 15:52 \| 短消息资料字号：小中大 3楼回复: xie xie 1建议使用XDelBox(下载地址：http://bbs.ikaka.com/attachment.aspx?attachmentid=446806）删除以下文件：（使用说明：删除时复制所有要删除文件的路径，在待删除文件列表里点击右键选择剪贴板导入不检查路径，导入后记得勾选抑制其再生，在要删除文件上点击右键，选择立刻重启删除，电脑会重启进入DOS界面进行删除操作。运行xdelbox前最好卸载所有可移动存储设备） C:\WINDOWS\system32\ghehdchh.dll C:\WINDOWS\system32\omoefolg.dll C:\WINDOWS\system32\kbihaoge.dll C:\WINDOWS\system32\ankckeij.dll C:\WINDOWS\system32\iegfeahl.dll C:\WINDOWS\system32\bcbbpgfi.dll C:\WINDOWS\system32\kopgiggc.dll C:\WINDOWS\system32\ibllakcd.dll C:\WINDOWS\system32\hkgndhkg.dll C:\WINDOWS\system32\bgiakeda.dll C:\WINDOWS\system32\pedpijbh.dll C:\WINDOWS\system32\kplhboed.dll C:\WINDOWS\system32\kneemjal.dll C:\WINDOWS\system32\apkhfeme.dll C:\WINDOWS\system32\pmemjbnl.dll C:\WINDOWS\system32\geimlhid.dll C:\WINDOWS\system32\mkcpelna.dll C:\WINDOWS\system32\pimnjjmo.dll C:\WINDOWS\system32\eeekondb.dll C:\WINDOWS\system32\cgnldkke.dll C:\WINDOWS\system32\anymie360.dll C:\WINDOWS\system32\F65BDEC7.dll C:\WINDOWS\system32\4FBFD5A4.dll C:\WINDOWS\system32\DA63E650.dll C:\WINDOWS\system32\16AF66EB.dll C:\WINDOWS\system32\A1A6BC2E.dll C:\WINDOWS\system32\16BC0F81.dll C:\WINDOWS\system32\704C3595.dll C:\WINDOWS\system32\198FF3D8.dll C:\WINDOWS\system32\201476D0.dll C:\WINDOWS\system32\1957817A.dll 2删除注册表项 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{198FF3D8-56F1-466B-A36F-F9C28B43E440}><198FF3D8.dll> [N/A] <{80168013-E05A-4A05-88E9-6687C2D17362}><C:\Program Files\Internet Explorer\PowerDo.Rel> [File is missing] <{201476D0-2B18-462E-AB9F-3E2B0CC8732B}><201476D0.dll> [N/A] <{1957817A-94B2-4CAC-B113-A331809B5730}><1957817A.dll> [N/A] <{5419706F-9AD1-49BB-A91F-EE6B62E2881E}><C:\Program Files\Internet Explorer\PowerJo.ase> [File is missing] <{EF7CD526-1E07-49E5-AC2D-686CE0E8C3D0}><C:\Program Files\Internet Explorer\SentMail.R52> [File is missing] <{BBC92FBA-9F43-4938-8716-62D17E1A1617}><C:\Program Files\Internet Explorer\DxPlroBt.Rxf> [File is missing] <{47EE63A5-A4C5-46CF-A5E7-8F1CA7E2A976}><C:\WINDOWS\system32\kneemjal.dll> [File is missing] <{9ED923B1-1C63-4338-9696-DC4339F5A767}><C:\WINDOWS\system32\pedpijbh.dll> [File is missing] <{BCBB90F2-1A06-4DD9-BE57-6DCFE4E44AF3}><C:\WINDOWS\system32\bcbbpgfi.dll> [File is missing] <{4951B8ED-C5AF-4FAA-8AEA-7D84A925DCBA}><C:\WINDOWS\system32\kplhboed.dll> [File is missing] <{49DD1053-126A-4E46-9C36-462323AC29B1}><C:\WINDOWS\system32\kpddhglj.dll> [File is missing] <{F65BDEC7-4BF3-4512-840F-68B166B6D7AC}><F65BDEC7.dll> [N/A] <{4FBFD5A4-5FE8-4444-8BD9-FD0FAFA64F96}><4FBFD5A4.dll> [N/A] <{DA63E650-537C-4042-87BB-9D19D844680B}><DA63E650.dll> [N/A] <{2567EAAB-4C26-401A-9099-DFD22CF094A5}><C:\Program Files\Internet Explorer\DxPlroBt.Rxf> [File is missing] <{B02A4EDA-9F22-4E39-8F04-68B00E944251}><C:\WINDOWS\system32\bgiakeda.dll> [File is missing] <{1407D140-E047-49A4-8E36-880C016E28B9}><C:\WINDOWS\system32\hkgndhkg.dll> [File is missing] <{2B55A4CD-D6E4-4B2C-A94B-01A28CE2BF92}><C:\WINDOWS\system32\ibllakcd.dll> [File is missing] <{4890200C-4CBC-40C2-B12B-67C619C0A93C}><C:\WINDOWS\system32\kopgiggc.dll> [File is missing] <{912F6837-CCB6-424B-BC9C-8BB5541AFB54}><C:\Program Files\Internet Explorer\PowerJv.ask> [File is missing] <{16AF66EB-93C8-49F9-BB09-B4F87CEDCE46}><16AF66EB.dll> [N/A] <{A1A6BC2E-C6A1-43C1-8884-A31D772F42B8}><A1A6BC2E.dll> [N/A] <{16BC0F81-410C-41DF-A902-1B04368BA8AE}><16BC0F81.dll> [N/A] <{704C3595-DB85-40F6-A601-8D6F346907BD}><704C3595.dll> [N/A] <{2E0FEA15-E734-4749-A434-FCB3DB4394C6}><C:\WINDOWS\system32\iegfeahl.dll> [File is missing] <{A74C4E23-89FC-4519-AA75-5F52781CD97F}><C:\WINDOWS\system32\ankckeij.dll> [File is missing] <{4B21A80E-BCE2-4CAE-A69A-80E59F5A21BD}><C:\WINDOWS\system32\kbihaoge.dll> [File is missing] <{868EF850-52F9-4637-8496-E3DDAC474B1A}><C:\WINDOWS\system32\omoefolg.dll> [File is missing] <{01E1DC11-2ECE-4175-A818-8D9F19F50BC2}><C:\WINDOWS\system32\ghehdchh.dll> [File is missing] <{A941FE6E-7D4D-4600-9A40-72A6F75B89A7}><C:\WINDOWS\system32\apkhfeme.dll> [File is missing] <{96E63B75-E1E7-4311-A8FD-86A0A0FB1C3A}><C:\WINDOWS\system32\pmemjbnl.dll> [] <{0E26512D-4090-46B9-B7A1-8C45BF48C6AC}><C:\WINDOWS\system32\geimlhid.dll> [File is missing] <{64C9E57A-AC98-4300-8FDD-5079C51123A3}><C:\WINDOWS\system32\mkcpelna.dll> [File is missing] <{92673368-C2AA-466E-8530-BCBB3A6AB340}><C:\WINDOWS\system32\pimnjjmo.dll> [File is missing] <{EEE487DB-060A-449F-9974-60FC06FDCB7C}><C:\WINDOWS\system32\eeekondb.dll> [File is missing] <{C075D44E-4ED0-477C-A2F1-12EBB17C6F2C}><C:\WINDOWS\system32\cgnldkke.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <47EE63A5><C:\WINDOWS\system32\kneemjal.dll> [File is missing] <9ED923B1><C:\WINDOWS\system32\pedpijbh.dll> [File is missing] <BCBB90F2><C:\WINDOWS\system32\bcbbpgfi.dll> [File is missing] <4951B8ED><C:\WINDOWS\system32\kplhboed.dll> [File is missing] <49DD1053><C:\WINDOWS\system32\kpddhglj.dll> [File is missing] <B02A4EDA><C:\WINDOWS\system32\bgiakeda.dll> [File is missing] <1407D140><C:\WINDOWS\system32\hkgndhkg.dll> [File is missing] <2B55A4CD><C:\WINDOWS\system32\ibllakcd.dll> [File is missing] <4890200C><C:\WINDOWS\system32\kopgiggc.dll> [File is missing] <2E0FEA15><C:\WINDOWS\system32\iegfeahl.dll> [File is missing] <A74C4E23><C:\WINDOWS\system32\ankckeij.dll> [File is missing] <4B21A80E><C:\WINDOWS\system32\kbihaoge.dll> [File is missing] <868EF850><C:\WINDOWS\system32\omoefolg.dll> [File is missing] <01E1DC11><C:\WINDOWS\system32\ghehdchh.dll> [File is missing] <A941FE6E><C:\WINDOWS\system32\apkhfeme.dll> [File is missing] <96E63B75><C:\WINDOWS\system32\pmemjbnl.dll> [] <0E26512D><C:\WINDOWS\system32\geimlhid.dll> [File is missing] <64C9E57A><C:\WINDOWS\system32\mkcpelna.dll> [File is missing] <92673368><C:\WINDOWS\system32\pimnjjmo.dll> [File is missing] <EEE487DB><C:\WINDOWS\system32\eeekondb.dll> [File is missing] <C075D44E><C:\WINDOWS\system32\cgnldkke.dll> [File is missing] 4下载工具，修复劫持项。 http://bbs.ikaka.com/attachment.aspx?attachmentid=435625下载镜像劫持修复工具 caogensk 最后编辑于 2009-02-25 16:00:36 只要快乐，不要哀伤。 lose yourself。。。
caogensk 卡卡反病毒小组帖子:1023 注册: 2009-01-02 来自:

魅力算法强壮不惑狮帖子:1275 注册: 2008-08-29 来自:	发表于： 2009-02-25 15:57 \| 短消息资料字号：小中大 4楼回复: xie xie 1.建议使用XDelBox删除以下文件：(XDelBox1.6下载) 使用说明：删除时复制所有要删除文件的路径，在待删除文件列表里点击右键选择从剪贴板导入，导入后在要删除文件上点击右键，选择立刻重启删除，电脑会重启进入DOS界面进行删除操作。运行xdelbox前最好卸载所有可移动存储介质（包括U盘，MP3，手机存储卡等）。 c:\windows\system32\pmemjbnl.dll c:\windows\system32\pimnjjmo.dll c:\windows\system32\pedpijbh.dll c:\windows\system32\omoefolg.dll c:\windows\system32\mkcpelna.dll c:\windows\system32\kplhboed.dll c:\windows\system32\kopgiggc.dll c:\windows\system32\kneemjal.dll c:\windows\system32\kbihaoge.dll c:\windows\system32\iegfeahl.dll c:\windows\system32\ibllakcd.dll c:\windows\system32\hkgndhkg.dll c:\windows\system32\ghehdchh.dll c:\windows\system32\geimlhid.dll c:\windows\system32\eeekondb.dll c:\windows\system32\cgnldkke.dll c:\windows\system32\bgiakeda.dll c:\windows\system32\bcbbpgfi.dll c:\windows\system32\apkhfeme.dll c:\windows\system32\ankckeij.dll c:\windows\system32\anymie360.dll c:\windows\system32\kpddhglj.dll c:\program files\internet explorer\powerjo.ase c:\program files\internet explorer\dxplrobt.rxf c:\progra~1\intern~1\plugins\b54321.bho c:\program files\internet explorer\powerdo.rel c:\program files\internet explorer\powerjv.ask c:\program files\internet explorer\sentmail.r52 2.删除重启后使用SREng修复下面各项：启动项目－－注册表之如下项删除： [{96E63B75-E1E7-4311-A8FD-86A0A0FB1C3A}] <C:\WINDOWS\system32\pmemjbnl.dll> [{704C3595-DB85-40F6-A601-8D6F346907BD}] <704C3595.dll> [{16BC0F81-410C-41DF-A902-1B04368BA8AE}] <16BC0F81.dll> [{A1A6BC2E-C6A1-43C1-8884-A31D772F42B8}] <A1A6BC2E.dll> [{16AF66EB-93C8-49F9-BB09-B4F87CEDCE46}] <16AF66EB.dll> [{DA63E650-537C-4042-87BB-9D19D844680B}] <DA63E650.dll> [{4FBFD5A4-5FE8-4444-8BD9-FD0FAFA64F96}] <4FBFD5A4.dll> [{F65BDEC7-4BF3-4512-840F-68B166B6D7AC}] <F65BDEC7.dll> [{1957817A-94B2-4CAC-B113-A331809B5730}] <1957817A.dll> [{201476D0-2B18-462E-AB9F-3E2B0CC8732B}] <201476D0.dll> [{198FF3D8-56F1-466B-A36F-F9C28B43E440}] <198FF3D8.dll> 注意该项[AppInit_DLLs]修改：把<pmemjbnl.dll,pedpijbh.dll,bgiakeda.dll,hkgndhkg.dll,ibllakcd.dll,kopgiggc.dll,bcbbpgfi.dll,iegfeahl.dll,ankckeij.dll,kbihaoge.dll,omoefolg.dll,ghehdchh.dll,kmon.dll>修改为<kmon.dll> [{47EE63A5-A4C5-46CF-A5E7-8F1CA7E2A976}] <C:\WINDOWS\system32\kneemjal.dll> [{9ED923B1-1C63-4338-9696-DC4339F5A767}] <C:\WINDOWS\system32\pedpijbh.dll> [{BCBB90F2-1A06-4DD9-BE57-6DCFE4E44AF3}] <C:\WINDOWS\system32\bcbbpgfi.dll> [{4951B8ED-C5AF-4FAA-8AEA-7D84A925DCBA}] <C:\WINDOWS\system32\kplhboed.dll> [{49DD1053-126A-4E46-9C36-462323AC29B1}] <C:\WINDOWS\system32\kpddhglj.dll> [{B02A4EDA-9F22-4E39-8F04-68B00E944251}] <C:\WINDOWS\system32\bgiakeda.dll> [{1407D140-E047-49A4-8E36-880C016E28B9}] <C:\WINDOWS\system32\hkgndhkg.dll> [{2B55A4CD-D6E4-4B2C-A94B-01A28CE2BF92}] <C:\WINDOWS\system32\ibllakcd.dll> [{4890200C-4CBC-40C2-B12B-67C619C0A93C}] <C:\WINDOWS\system32\kopgiggc.dll> [{2E0FEA15-E734-4749-A434-FCB3DB4394C6}] <C:\WINDOWS\system32\iegfeahl.dll> [{A74C4E23-89FC-4519-AA75-5F52781CD97F}] <C:\WINDOWS\system32\ankckeij.dll> [{4B21A80E-BCE2-4CAE-A69A-80E59F5A21BD}] <C:\WINDOWS\system32\kbihaoge.dll> [{868EF850-52F9-4637-8496-E3DDAC474B1A}] <C:\WINDOWS\system32\omoefolg.dll> [{01E1DC11-2ECE-4175-A818-8D9F19F50BC2}] <C:\WINDOWS\system32\ghehdchh.dll> [{A941FE6E-7D4D-4600-9A40-72A6F75B89A7}] <C:\WINDOWS\system32\apkhfeme.dll> [{0E26512D-4090-46B9-B7A1-8C45BF48C6AC}] <C:\WINDOWS\system32\geimlhid.dll> [{64C9E57A-AC98-4300-8FDD-5079C51123A3}] <C:\WINDOWS\system32\mkcpelna.dll> [{92673368-C2AA-466E-8530-BCBB3A6AB340}] <C:\WINDOWS\system32\pimnjjmo.dll> [{EEE487DB-060A-449F-9974-60FC06FDCB7C}] <C:\WINDOWS\system32\eeekondb.dll> [{C075D44E-4ED0-477C-A2F1-12EBB17C6F2C}] <C:\WINDOWS\system32\cgnldkke.dll> [47EE63A5] <C:\WINDOWS\system32\kneemjal.dll> [9ED923B1] <C:\WINDOWS\system32\pedpijbh.dll> [BCBB90F2] <C:\WINDOWS\system32\bcbbpgfi.dll> [4951B8ED] <C:\WINDOWS\system32\kplhboed.dll> [49DD1053] <C:\WINDOWS\system32\kpddhglj.dll> [B02A4EDA] <C:\WINDOWS\system32\bgiakeda.dll> [1407D140] <C:\WINDOWS\system32\hkgndhkg.dll> [2B55A4CD] <C:\WINDOWS\system32\ibllakcd.dll> [4890200C] <C:\WINDOWS\system32\kopgiggc.dll> [2E0FEA15] <C:\WINDOWS\system32\iegfeahl.dll> [A74C4E23] <C:\WINDOWS\system32\ankckeij.dll> [868EF850] <C:\WINDOWS\system32\omoefolg.dll> [4B21A80E] <C:\WINDOWS\system32\kbihaoge.dll> [01E1DC11] <C:\WINDOWS\system32\ghehdchh.dll> [A941FE6E] <C:\WINDOWS\system32\apkhfeme.dll> [{5419706F-9AD1-49BB-A91F-EE6B62E2881E}] <C:\Program Files\Internet Explorer\PowerJo.ase> [0E26512D] <C:\WINDOWS\system32\geimlhid.dll> [64C9E57A] <C:\WINDOWS\system32\mkcpelna.dll> [92673368] <C:\WINDOWS\system32\pimnjjmo.dll> [EEE487DB] <C:\WINDOWS\system32\eeekondb.dll> [C075D44E] <C:\WINDOWS\system32\cgnldkke.dll> [PHIME2002ASync] <; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [PHIME2002A] <; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> 系统修复－－　浏览器加载项之如下项删除： [] <C:\Program Files\Internet Explorer\DxPlroBt.Rxf> [] <C:\PROGRA~1\INTERN~1\PLUGINS\b54321.bho> [] <C:\Program Files\Internet Explorer\PowerJo.ase> [] <C:\Program Files\Internet Explorer\PowerDo.Rel> [] <C:\Program Files\Internet Explorer\PowerJv.ask> [] <C:\Program Files\Internet Explorer\DxPlroBt.Rxf> [] <C:\Program Files\Internet Explorer\SentMail.R52> [] <C:\Program Files\Internet Explorer\PowerJo.ase> [] <C:\Program Files\Internet Explorer\PowerDo.Rel> [] <C:\Program Files\Internet Explorer\PowerJv.ask> [] <C:\Program Files\Internet Explorer\DxPlroBt.Rxf> 下载IFEO修复程序 http://www.dodudou.com/down/IFEO.rar 下载windows清理助手清理恶意软件 http://www.arswp.com/download/arswp/arswp2.rar 下载SREng\|\|下载WinPE\|\| 暑假再来
魅力算法强壮不惑狮帖子:1275 注册: 2008-08-29 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT