我的病毒杀不掉啊！ bbs.ikaka.com

屁股蛋儿 - 2009-7-1 21:14:00

中了好久了,用瑞星杀了好几次都杀不掉,删除文件也删不掉。
在文件C:\WINDOWS\system32\drivers\57qm.sys里.

说的简单点我不太灵光。拜托啦~:kaka18:

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; QQDownload 1.7)

超级游戏迷 - 2009-7-1 21:16:00

点击下载 System Repair Engineer
1 、解压缩sreng2.zip
2、运行SREngldr.exe
3 、智能扫描=》扫描=》保存报告
4 、将刚保存的日志文件以附件方式上传。

Fabregas - 2009-7-1 21:22:00

可采用光盘引导查杀，http://zhidao.ikaka.com/Aspx/Html/StaticHtml/296/296551.html

屁股蛋儿 - 2009-7-1 21:27:00

嗯.....

附件: SREngLOG.log

超级游戏迷 - 2009-7-1 21:41:00

中过木马群了，晕……
以下是有问题的项目，红色的有问题但不可删除（需要手工编辑），蓝色的可疑，黑色的是病毒……
=================================
注册表
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><womsoy.dll,wcpome.dll,wolko.dll,pocolieov.dll,nhmxdjkl.dll,kmon.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{d9ee1f60-ff6a-4191-b164-ea3041b5a9a6}><MMMHXGGD1070.dll> [N/A]
<{3D698451-2015-6358-9871-2015987452D3}><C:\WINDOWS\system32\apzhctde.dll> [File is missing]
<{4be9f7b8-7953-4626-b4b5-3195fb1cc404}><MMBAIKOK1100.dll> [N/A]
<{d332093c-9d73-4868-b201-9464a1d97512}><MMHADPQG1101.dll> [N/A]
<{B629FF4F-ACDB-5C90-A098-FACB3456A26B}><C:\WINDOWS\system32\hdf453d.dll> [File is missing]
<{9f226412-083f-4be9-999f-063331561a00}><MMKAFNFW1110.dll> [N/A]
<{55694105-5108-9405-3695-954187462155}><C:\WINDOWS\system32\mpwdeapi.dll> [File is missing]
<{37A924AF-1A5F-CF21-AB1D-1D5CF82A8A73}><C:\WINDOWS\system32\zywlcime.dll> [File is missing]
<{00230023-0023-0023-0023-00230023BB15}><C:\WINDOWS\system32\rasdlgcq.dll> [File is missing]
<{4A698102-5904-AFD0-20DF-CD1A65829CA4}><C:\WINDOWS\system32\zycbdime.dll> [File is missing]
<{8942ff57-5cf4-4ef5-9ffa-1b6d48b4d3fc}><MMWLANGH1006.dll> [N/A]
<{4a81eac1-d0eb-44e5-9b5a-60315f084dfc}><MMQACNAR1068.dll> [N/A]
<{47AC9076-C898-B098-D098-A18319080974}><C:\WINDOWS\system32\nhmxdjkl.dll> [File is missing]
<{00010001-0001-0001-0001-00010001BB15}><C:\WINDOWS\system32\adsntzt.dll> [File is missing]
==================================
驱动程序
[57q / 57qm][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\57qm.sys><N/A>
[Hdv32 / Hdv32][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\Hdv32_c.sys><N/A>
[TKP / TKP][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\DRIVERS\39fc><N/A>
==================================
浏览器加载项
[Promote Class]
{0FA24E3E-422C-4D94-A125-104F32352C90} <C:\WINDOWS\system32\promote.dll, N/A>
[]
{37A924AF-1A5F-CF21-AB1D-1D5CF82A8A73} <C:\WINDOWS\system32\zywlcime.dll, N/A>
[]
{47AC9076-C898-B098-D098-A18319080974} <C:\WINDOWS\system32\nhmxdjkl.dll, N/A>
[]
{55694105-5108-9405-3695-954187462155} <C:\WINDOWS\system32\mpwdeapi.dll, N/A>
[Promote Class]
{0FA24E3E-422C-4D94-A125-104F32352C90} <C:\WINDOWS\system32\promote.dll, N/A>
[]
{37A924AF-1A5F-CF21-AB1D-1D5CF82A8A73} <C:\WINDOWS\system32\zywlcime.dll, N/A>
[]
{47AC9076-C898-B098-D098-A18319080974} <C:\WINDOWS\system32\nhmxdjkl.dll, N/A>
[]
{55694105-5108-9405-3695-954187462155} <C:\WINDOWS\system32\mpwdeapi.dll, N/A>
==================================
正在运行的进程
[C:\WINDOWS\system32\OggDS.dll] [, 0, 9, 9, 5]
[C:\WINDOWS\system32\vorbis.dll] [N/A, ]
[C:\WINDOWS\system32\ogg.dll] [N/A, ]
[C:\WINDOWS\system32\vorbisenc.dll] [N/A, ]
==================================

超级游戏迷 - 2009-7-1 21:42:00

下班了，等高手来回复吧，抱歉了……:default34:

屁股蛋儿 - 2009-7-1 21:52:00

好吧谢谢了。

屁股蛋儿 - 2009-7-1 21:59:00

那是要怎么做呢把黑色的全部删掉吗？

瑞星卡卡安全论坛