[Help] Internet is very slow, the computer seems frozen. Experts, please help!

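The Internet is very slow and the computer seems frozen. Experts, please help!

Many thanks!!!

User system information: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Maxthon)

Attachment:

File name: SREngLOG.log
Downloads: 135
File type: application/octet-stream
File size:
Upload time: 2009-6-21 14:11:28
Description: log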


Reply to post 2F by 浪漫纸箱

Many thanks!!!

Reply to post 4F by 浪漫纸箱

Dr.com has already been installed.

Reply to post 2F by 浪漫纸箱

The analysis results are out. Please correct me if anything is wrong. Many thanks!

File SREngLOG.log received on 2009.06.21 06:41:41 (UTC)
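| Antivirus | Version | Last update | Result |
|---|---|---|---|
| a-squared | 4.5.0.18 | 2009.06.21 | - |
| AhnLab-V3 | 5.0.0.2 | 2009.06.20 | - |
| AntiVir | 7.9.0.193 | 2009.06.20 | - |
| Antiy-AVL | 2.0.3.1 | 2009.06.19 | - |
| Authentium | 5.1.2.4 | 2009.06.20 | - |
| Avast | 4.8.1335.0 | 2009.06.20 | - |
| AVG | 8.5.0.339 | 2009.06.20 | - |
| BitDefender | 7.2 | 2009.06.21 | - |
| CAT-QuickHeal | 10.00 | 2009.06.19 | - |
| ClamAV | 0.94.1 | 2009.06.20 | - |
| Comodo | 1382 | 2009.06.21 | - |
| DrWeb | 5.0.0.12182 | 2009.06.21 | - |
| eSafe | 7.0.17.0 | 2009.06.18 | - |
| eTrust-Vet | 31.6.6570 | 2009.06.19 | - |
| F-Prot | 4.4.4.56 | 2009.06.20 | - |
| F-Secure | 8.0.14470.0 | 2009.06.19 | - |
| Fortinet | 3.117.0.0 | 2009.06.21 | - |
| GData | 19 | 2009.06.21 | - |
| Ikarus | T3.1.1.59.0 | 2009.06.21 | - |
| Jiangmin | 11.0.706 | 2009.06.21 | - |
| K7AntiVirus | 7.10.768 | 2009.06.19 | - |
| Kaspersky | 7.0.0.125 | 2009.06.21 | - |
| McAfee | 5652 | 2009.06.20 | - |
| McAfee+Artemis | 5652 | 2009.06.20 | - |
| McAfee-GW-Edition | 6.7.6 | 2009.06.20 | - |
| Microsoft | 1.4803 | 2009.06.21 | - |
| NOD32 | 4174 | 2009.06.20 | - |
| Norman | 6.01.09 | 2009.06.19 | - |
| nProtect | 2009.1.8.0 | 2009.06.21 | - |
| Panda | 10.0.0.16 | 2009.06.20 | - |
| PCTools | 4.4.2.0 | 2009.06.20 | - |
| Prevx | 3.0 | 2009.06.21 | - |
| Rising | 21.34.60.00 | 2009.06.21 | - |
| Sophos | 4.42.0 | 2009.06.21 | - |
| Sunbelt | 3.2.1858.2 | 2009.06.20 | - |
| Symantec | 1.4.4.12 | 2009.06.21 | - |
| TheHacker | 6.3.4.3.350 | 2009.06.20 | - |
| TrendMicro | 8.950.0.1094 | 2009.06.20 | - |
| VBA32 | 3.12.10.7 | 2009.06.21 | - |
| ViRobot | 2009.6.19.1796 | 2009.06.19 | - |
| VirusBuster | 4.6.5.0 | 2009.06.20 | - |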

Additional information
File size: 78798 bytes
MD5...: f0fc7b965acb53073a8cc456da680d4f
SHA1..: 1bb9c8e877d9ee7ad508b6101f372142628b5731
SHA256: 2cb647deb400c656c458e85893da557af144857ed3b07a45fd0be2ca86b3030e
ssdeep: 768:PztJEAvqxkorEOdm90aIvoaALxAG3rF0am:Pztb+kUEKm90aGoaALbo
PEiD..: -
TrID..: File type identification: Generic INI configuration (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set: -
Last edited by guoyc on 2009-06-21 14:45:49

Reply to post 2F by 浪漫纸箱

C:\WINDOWS\system32\TcpIpDog0.dll has already been deleted.

Reply to post 9F by 浪漫纸箱

May I ask how you check C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll? I am very much a beginner. Many thanks!!!

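Re: Internet is very slow, the computer seems frozen. Experts, please help!

Please correct me if anything is wrong. Many thanks!!!

The result of scanning with Windows 清理助手 (Windows Cleanup Assistant):

The result of scanning with SREng:

Attachment:

File name: Result.txt
Downloads: 165
File type: text/plain
File size:
Upload time: 2009-6-21 15:27:16
Description: txt

Attachment:

File name: SREngLOG.log
Downloads: 125
File type: application/octet-stream
File size:
Upload time: 2009-6-21 15:27:16
Description: log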


Reply to post 14F by 浪漫纸箱

The scan found 3 objects that can be cleaned and 5 programs that can be uninstalled.

Re: Internet is very slow, the computer seems frozen. Experts, please help!

The result of checking C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll:
File SPlus.dll received on 2009.06.21 07:39:07 (UTC)
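| Antivirus | Version | Last update | Result |
|---|---|---|---|
| a-squared | 4.5.0.18 | 2009.06.21 | - |
| AhnLab-V3 | 5.0.0.2 | 2009.06.20 | - |
| AntiVir | 7.9.0.193 | 2009.06.20 | - |
| Antiy-AVL | 2.0.3.1 | 2009.06.19 | - |
| Authentium | 5.1.2.4 | 2009.06.20 | - |
| Avast | 4.8.1335.0 | 2009.06.20 | - |
| AVG | 8.5.0.339 | 2009.06.20 | - |
| BitDefender | 7.2 | 2009.06.21 | - |
| CAT-QuickHeal | 10.00 | 2009.06.19 | - |
| ClamAV | 0.94.1 | 2009.06.20 | - |
| Comodo | 1382 | 2009.06.21 | - |
| DrWeb | 5.0.0.12182 | 2009.06.21 | - |
| eSafe | 7.0.17.0 | 2009.06.18 | - |
| eTrust-Vet | 31.6.6570 | 2009.06.19 | - |
| F-Prot | 4.4.4.56 | 2009.06.20 | - |
| Fortinet | 3.117.0.0 | 2009.06.21 | - |
| GData | 19 | 2009.06.21 | - |
| Ikarus | T3.1.1.59.0 | 2009.06.21 | - |
| Jiangmin | 11.0.706 | 2009.06.21 | - |
| K7AntiVirus | 7.10.768 | 2009.06.19 | - |
| Kaspersky | 7.0.0.125 | 2009.06.21 | - |
| McAfee | 5652 | 2009.06.20 | - |
| McAfee+Artemis | 5652 | 2009.06.20 | - |
| McAfee-GW-Edition | 6.7.6 | 2009.06.20 | - |
| Microsoft | 1.4803 | 2009.06.21 | - |
| NOD32 | 4174 | 2009.06.20 | - |
| Norman | 6.01.09 | 2009.06.19 | - |
| nProtect | 2009.1.8.0 | 2009.06.21 | - |
| Panda | 10.0.0.16 | 2009.06.20 | - |
| PCTools | 4.4.2.0 | 2009.06.20 | - |
| Prevx | 3.0 | 2009.06.21 | - |
| Rising | 21.34.61.00 | 2009.06.21 | - |
| Sophos | 4.42.0 | 2009.06.21 | - |
| Sunbelt | 3.2.1858.2 | 2009.06.20 | - |
| Symantec | 1.4.4.12 | 2009.06.21 | - |
| TheHacker | 6.3.4.3.350 | 2009.06.20 | - |
| TrendMicro | 8.950.0.1094 | 2009.06.20 | - |
| VBA32 | 3.12.10.7 | 2009.06.21 | - |
| ViRobot | 2009.6.19.1796 | 2009.06.19 | - |
| VirusBuster | 4.6.5.0 | 2009.06.20 | - |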

Additional information
File size: 177480 bytes
MD5...: d9657d1a8a6d6f3ed4114868cd153a2b
SHA1..: feb63566eb90b51a7400a135ce5c9d510213d831
SHA256: 42fe5bed48c3e4ff64c18cadeae09bb13d0eeae22ea539169fd1a85588e2f93c
ssdeep: 3072:M0Yzs9RiHeFH6cnTRJC0lBaG2unsdQxpDcHQv7We+Yj/xvxr5JiraZXwJqGBaevZ:M5s7iHeDTbl0G2unsdQxpAwvaNYj/vru
PEiD..: Armadillo v1.xx - v2.xx
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
PDFiD.: -
RDS...: NSRL Reference Data Set: -
ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=d9657d1a8a6d6f3ed4114868cd153a2b

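Reply to post 17F by 浪漫纸箱

While cleaning one of the objects, Rising reported a virus, RootKit.Win32.Agent.ehu, which has been deleted. It also said that a restart is required to clean the objects completely.
Thank you very much!!!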