loope - 2008-10-15 10:30:00
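My computer got infected. First, the desktop taskbar was changed: the taskbar cannot show open windows, copy and paste do not work, My Network Places does not show the Local Area Connection or the broadband connection, music files open but play no sound, many system services cannot start, boot time is noticeably slower, the Services console cannot show the Extended view, and service properties cannot be displayed. I removed 91+71 viruses with the 360 dedicated removal tool and Rising. No viruses are found now, but these functions still have not been restored~~
My Network Places does not show the Local Area Connection or the broadband connection, music files open but play no sound,
The Windows Firewall, which had always been turned off, turned itself on. When I open Windows Firewall in Control Panel it says it cannot be opened, something about being invalid.
The desktop taskbar was changed; the taskbar cannot show open windows (they are visible on the desktop).
Device Manager shows the network card and sound card as normal; after swapping the network card I still cannot get online.
Scanning again now with the latest Rising and the 360 dedicated removal tool finds no viruses, and a Trojan scan finds nothing either; the functions just cannot be restored.
User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.2)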
超级游戏迷 - 2008-10-15 10:38:00
Please upload an SREng scan log for analysis.
hl7310 - 2008-10-15 11:13:00
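I saw this a couple of days ago; I don't know whether it will be of any use to you. First run this one,
"fix RPC", then run "RPC repair".
Attachment: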
rpcss修复.rar
loope - 2008-10-15 11:34:00
loope - 2008-10-15 11:46:00
Fixed~~~ Repairing it with this SREng solved it; the virus had turned off the RPC service~~
超级游戏迷 - 2008-10-15 11:58:00
A large number of registry entries created by the virus remain; dump them:
Registry
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{4BF9CBA3-8DEE-41A1-8BDB-FC28D30E949F}><4BF9CBA3.dll> [N/A]
<{A2C3BA54-DF75-4881-8EB3-E54B26BBBBC9}><C:\WINDOWS\system32\wkvhhfgh.dll> [File is missing]
<{4D023DE9-F4B5-4BE0-99C6-7C7AD0CF5426}><4D023DE9.dll> [N/A]
<{DA56B183-A731-402b-9235-2CB8803E212D}><C:\WINDOWS\system32\xvvdqtfw.dll> [File is missing]
<{C56BCC10-503E-43AB-B208-3CD37FCFCE40}><C56BCC10.dll> [N/A]
<{EA4D8F95-8F2E-4658-A234-E8F4C9AC21C5}><C:\WINDOWS\system32\xsvuejlb.dll> [File is missing]
<{43ACDCC5-9009-4AF4-B80A-93BC656EF298}><43ACDCC5.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
Drivers
[00306a49 / 00306a49][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\Drivers\00306a49.sys><N/A>
[aliimz / aliimz][Stopped/Manual Start]
<System32\Drivers\aliimz.sys><N/A>
[c551839 / c551839][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\c551839.sys><N/A>
[Flash1 / Flash1][Stopped/Manual Start]
<\??\C:\Program Files\SP36869\winphlash\Flash1.sys><>
[HBKernel32 Driver / HBKernel32][Stopped/Boot Start]
<\SystemRoot\system32\DRIVERS\HBKernel32.sys><N/A>
[~F u c k21 / ~F u c k21][Stopped/Manual Start]
<\??\C:\DOCUME~1\lyt\LOCALS~1\Temp\~F u c k21.tmp><N/A>
[216718 / 216718][Running/]
<2 - 系统找不到指定的文件。><N/A>
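As an added example (not part of the thread and not SREng's own code): a small Python parser for autorun entries in the log layout quoted in the post above. It groups orphaned values (status `File is missing`) by the file they point to, so leftover entries collapse into a short per-key cleanup list. The GUIDs, value names and DLL names in the sample are constructed placeholders; only the two registry key paths come from the post.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the quoted log (all names are placeholders).
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{00000000-0000-0000-0000-000000000001}><C:\WINDOWS\system32\sample_a.dll> [File is missing]
<{00000000-0000-0000-0000-000000000002}><sample_b.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<value1.dll><C:\WINDOWS\system32\sample_c.dll> [File is missing]
<value2.dll><C:\WINDOWS\system32\sample_d.dll> [File is missing]
<value3.dll><C:\WINDOWS\system32\SAMPLE_C.dll> [File is missing]
<sample_c.dll><C:\WINDOWS\system32\sample_c.dll> [File is missing]
"""

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")                    # [HKEY_...\Key]
ENTRY_RE = re.compile(r"^<([^>]*)><([^>]*)>\s*\[([^\]]*)\]$")  # <name><target> [status]

def parse_autoruns(text):
    """Return one dict per entry: key, name, target, status."""
    entries, key = [], None
    for line in text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)          # entries that follow belong to this key
            continue
        m = ENTRY_RE.match(line)
        if m and key:
            name, target, status = m.groups()
            entries.append({"key": key, "name": name,
                            "target": target, "status": status})
    return entries

def orphaned_by_target(entries):
    """Group values whose target file is gone: {(key, target): [value names]}."""
    groups = defaultdict(list)
    for e in entries:
        if e["status"] == "File is missing":
            # Windows paths are case-insensitive, so normalise before grouping.
            groups[(e["key"], e["target"].lower())].append(e["name"])
    return dict(groups)

if __name__ == "__main__":
    found = orphaned_by_target(parse_autoruns(SAMPLE_LOG))
    for (key, target), names in sorted(found.items()):
        print(f"{len(names):3d} value(s) -> {target}\n      under {key}")
```

Entries marked `[N/A]` are deliberately left out of the grouping: that status only says no publisher information was found, so those need a manual look rather than automatic cleanup.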
peder - 2008-10-18 12:06:00
It still doesn't work. A newbie asking the experts for help.
aaccbbdd - 2008-10-18 12:08:00
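disk scan; clean only the high-risk items and judge the other items for yourself.
At the same time, watch whether the cleanup assistant reports that system files have been replaced. If the cleanup has no effect
2. Before scanning the log, close unneeded processes such as QQ, Xunlei and media player programs.
3. Download SREng from the official site.
Download address:
http://www.kztechs.com/sreng/download.html
SREng / Smart Scan
When the scan finishes, save the log (LOG format).
PS: If the main program SREng**.exe cannot run, so that the log cannot be scanned,
rename the main program to 小狮子.bat
4. To locate and identify the virus accurately and find the virus that replaced files, you must also upload a Kingsoft Cleanup Expert log. Download Kingsoft Cleanup Expert:
http://www.duba.net/qing/
Kingsoft Cleanup Expert - Online System Diagnosis (hide safe items) - Export diagnostic report - (Select all) - Export report
5. Upload the 2 logs/reports as attachments (click "Quote" at the bottom right of my reply and you should then see how to post attachments) and post them to the Anti-Virus / Anti-Rogue-Software forum. If you have already posted, reply in your existing thread; do not start a new one. If the tools above cannot be opened or do not run properly, call me by private message.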