郁闷死了瑞星打都打不开了 bbs.ikaka.com

lxx3386 - 2009-9-2 18:57:00

麻烦帮忙看一下
如何处理
谢谢！

用户系统信息：Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; QQDownload 538; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; Alexa Toolbar)

附件: rslog.txt

lxx3386 - 2009-9-2 19:07:00

麻烦帮忙看一下
如何处理
谢谢！

用户系统信息：Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; QQDownload 538; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; Alexa Toolbar)

附件: SREngLOG.log

zg1_2004 - 2009-9-2 19:07:00

该用户帖子内容已被屏蔽

两个铁球 - 2009-9-2 19:19:00

<{E3531A16-FFEA-416F-82DF-32FEDE02EABF}><C:\WINDOWS\system32\emHnPuBAaF7XjuXBbdxSg.dll> [File is missing]
<{737858A9-9AEA-4838-9B49-54DA731F7F37}><C:\WINDOWS\system32\BMsg6pdMD4ht.dll> []
<{A600E212-2A41-41BC-92F1-ED5C96B06185}><C:\WINDOWS\system32\sDV2mGwkejdKa74QJzsjw.inf> []
<{1055CA44-51F8-486B-8CBD-DC7AD4213F1E}><C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon> []
<{700229C5-4CB9-4CAB-8314-384A65644D7C}><C:\WINDOWS\Downloaded Program Files\TaXUyRvThy3HbfMH3BtDm.cur> []
<{8708994F-1758-4C2C-9A3F-FA22D6CCCB41}><C:\WINDOWS\fonts\A97CRaCB.fon> []
<{CF2C613A-A0D9-4E5C-B1BB-6B03B269B054}><C:\WINDOWS\system32\rKPbzUHze58GK2VWcYUCt.inf> []
<{2EF0D734-21FD-4225-A1A2-BCD296182AAF}><C:\WINDOWS\system32\2EF0D734.dll> []
<{23DA65D2-C696-4EE4-BEE8-B4841DEC3E30}><C:\WINDOWS\system32\ndxq9awMc.dll> []
<{5B0C7E2C-3257-4619-8282-A173017B16E2}><C:\WINDOWS\Downloaded Program Files\qvSPdARs5PQNKAzvezTuPcs.cur> []
<{38FEFE05-702C-440D-AD5C-B796209A1CC5}><C:\WINDOWS\system32\Y4npJWJNr.dll> []
<{36AC68E6-0C26-4D39-B98E-54B49DAB6BAA}><C:\WINDOWS\system32\dhDhwS7fFW.dll> []
<{BE12C98F-645D-4566-B524-DC32040B7C8A}><C:\WINDOWS\system32\eYNMAnskCCBQCc8Jp.dll> []
<{A5CA6C70-7185-4466-AB45-B1C34E7A37CA}><C:\WINDOWS\system32\ed78ab9.dll> []
<{87DE8A1A-96C5-4420-B222-EF998F697CE7}><C:\WINDOWS\system32\2exJW3dsaTgWrf5uAPadmHN.dll> []
<{ECC00636-8C3B-4D8D-B271-AAA6DF9505CD}><C:\WINDOWS\system32\Am274u6Rqq2cTzTpjCGKy.inf> []
<{51AA0D89-E9A9-4284-93E8-40C0FDD59304}><C:\WINDOWS\system32\eNyN5X48HrtXc.dll> []

两个铁球 - 2009-9-2 19:24:00

[PID: 1684 / JUJUMAO][C:\DOCUME~1\JUJUMA~1.COM\LOCALS~1\Temp\1170234_xeex.exe] [N/A, ]
[C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
[C:\WINDOWS\system32\X5T4kV8DNmMbdRXAUx82K.inf] [N/A, ]
[PID: 1428 / JUJUMAO][C:\DOCUME~1\JUJUMA~1.COM\LOCALS~1\Temp\1309062_xeex.exe] [N/A, ]
[C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
[C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.inf] [N/A, ]
[PID: 3376 / JUJUMAO][C:\DOCUME~1\JUJUMA~1.COM\LOCALS~1\Temp\1375406_xeex.exe] [N/A, ]
[C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
[C:\WINDOWS\system32\fRWSJda7RbSuR3jFSmMBy.inf] [N/A, ]
[PID: 3428 / JUJUMAO][C:\DOCUME~1\JUJUMA~1.COM\LOCALS~1\Temp\1408515_xeex.exe] [N/A, ]
[C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
[C:\WINDOWS\system32\cRsAQd4hw.dll] [N/A, ]
[PID: 2328 / JUJUMAO][C:\DOCUME~1\JUJUMA~1.COM\LOCALS~1\Temp\1541968_xeex.exe] [N/A, ]
[C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
[C:\WINDOWS\system32\CDuAUVkGy9.dll] [N/A, ]
[PID: 1288 / JUJUMAO][C:\Program Files\Common Files\system\4.exe] [N/A, ]
[C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
[C:\WINDOWS\fonts\fyrwJf5Qfhh.fon] [N/A, ]
[PID: 3996 / JUJUMAO][C:\Program Files\Common Files\system\5.exe] [N/A, ]
[C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
[C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll] [N/A, ]
[PID: 2508 / JUJUMAO][C:\Program Files\Common Files\system\6.exe] [N/A, ]
[C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll] [N/A, ]
[C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
[C:\WINDOWS\system32\pj83ZgsqjcWUNwjrRp42tFw.dll] [N/A, ]
[PID: 2632 / JUJUMAO][C:\Program Files\Common Files\system\7.exe] [N/A, ]
[C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll] [N/A, ]
[C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
[C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll] [N/A, ]
[PID: 2928 / JUJUMAO][C:\Program Files\Common Files\system\8.exe] [N/A, ]
[C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll] [N/A, ]
[C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
[C:\WINDOWS\system32\skcfujQ5EDN.dll] [N/A, ]
[PID: 3196 / JUJUMAO][C:\Program Files\Common Files\system\9.exe] [N/A, ]
[C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll] [N/A, ]
[C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
[C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll] [N/A, ]
[PID: 1172 / JUJUMAO][C:\Program Files\Common Files\system\13.exe] [N/A, ]
[C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll] [N/A, ]
[C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
[C:\WINDOWS\system32\SrNRKs5F7Rkv9hp.inf] [N/A, ]
[PID: 3436 / JUJUMAO][C:\Program Files\Common Files\system\15.exe] [N/A, ]
[C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll] [N/A, ]
[C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
[C:\WINDOWS\system32\rfpz9wwyy2np.dll] [N/A, ]
[PID: 732 / JUJUMAO][D:\cconter.exe] [dfdf, 4.05.0005]
[C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll] [N/A, ]
[C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
[C:\WINDOWS\system32\vb6chs.dll] [Microsoft Corporation, 6.00.8988]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\飘云\QQ\QQDoctor\TSVulMon.DAT] [Tencent, 2009, 8, 7, 21]
[C:\WINDOWS\system32\Y4npJWJNr.dll] [N/A, ]
[C:\WINDOWS\Downloaded Program Files\TaXUyRvThy3HbfMH3BtDm.cur] [N/A, ]
[C:\WINDOWS\system32\sDV2mGwkejdKa74QJzsjw.inf] [N/A, ]
[C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll] [N/A, ]
[C:\WINDOWS\system32\skcfujQ5EDN.dll] [N/A, ]
[C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll] [N/A, ]
[C:\WINDOWS\system32\pj83ZgsqjcWUNwjrRp42tFw.dll] [N/A, ]
[C:\WINDOWS\fonts\fyrwJf5Qfhh.fon] [N/A, ]
[C:\WINDOWS\system32\BMsg6pdMD4ht.dll] [N/A, ]
[C:\WINDOWS\system32\CDuAUVkGy9.dll] [N/A, ]
[C:\WINDOWS\system32\cRsAQd4hw.dll] [N/A, ]
[C:\WINDOWS\system32\fRWSJda7RbSuR3jFSmMBy.inf] [N/A, ]
[C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.inf] [N/A, ]
[C:\WINDOWS\system32\X5T4kV8DNmMbdRXAUx82K.inf] [N/A, ]
[C:\WINDOWS\system32\2EF0D734.dll] [N/A, ]
[C:\WINDOWS\system32\SCEVFJRCmaB7.dll] [N/A, ]
[C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon] [N/A, ]
[C:\WINDOWS\fonts\A97CRaCB.fon] [N/A, ]
[C:\WINDOWS\system32\08223B03.dll] [N/A, ]
[PID: 3504 / JUJUMAO][C:\Program Files\FlashGet Network\egihj.exe] [N/A, ]
[C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll] [N/A, ]
[C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\飘云\QQ\QQDoctor\TSVulMon.DAT] [Tencent, 2009, 8, 7, 21]
[C:\WINDOWS\system32\Y4npJWJNr.dll] [N/A, ]
[C:\WINDOWS\Downloaded Program Files\TaXUyRvThy3HbfMH3BtDm.cur] [N/A, ]
[C:\WINDOWS\system32\sDV2mGwkejdKa74QJzsjw.inf] [N/A, ]
[C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll] [N/A, ]
[C:\WINDOWS\system32\skcfujQ5EDN.dll] [N/A, ]
[C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll] [N/A, ]
[C:\WINDOWS\system32\pj83ZgsqjcWUNwjrRp42tFw.dll] [N/A, ]
[C:\WINDOWS\fonts\fyrwJf5Qfhh.fon] [N/A, ]
[C:\WINDOWS\system32\BMsg6pdMD4ht.dll] [N/A, ]
[C:\WINDOWS\system32\CDuAUVkGy9.dll] [N/A, ]
[C:\WINDOWS\system32\cRsAQd4hw.dll] [N/A, ]
[C:\WINDOWS\system32\fRWSJda7RbSuR3jFSmMBy.inf] [N/A, ]
[C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.inf] [N/A, ]
[C:\WINDOWS\system32\X5T4kV8DNmMbdRXAUx82K.inf] [N/A, ]
[C:\WINDOWS\system32\2EF0D734.dll] [N/A, ]
[C:\WINDOWS\system32\SCEVFJRCmaB7.dll] [N/A, ]
[C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon] [N/A, ]
[C:\WINDOWS\fonts\A97CRaCB.fon] [N/A, ]
[C:\WINDOWS\system32\08223B03.dll] [N/A, ]
[PID: 3632 / JUJUMAO][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 7.00.6000.16876 (vista_gdr.090625-2339)]
[C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll] [N/A, ]
[C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\飘云\QQ\QQDoctor\TSVulMon.DAT] [Tencent, 2009, 8, 7, 21]
[C:\WINDOWS\system32\Y4npJWJNr.dll] [N/A, ]
[C:\WINDOWS\Downloaded Program Files\TaXUyRvThy3HbfMH3BtDm.cur] [N/A, ]
[C:\WINDOWS\system32\sDV2mGwkejdKa74QJzsjw.inf] [N/A, ]
[C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll] [N/A, ]
[C:\WINDOWS\system32\skcfujQ5EDN.dll] [N/A, ]
[C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll] [N/A, ]
[C:\WINDOWS\system32\pj83ZgsqjcWUNwjrRp42tFw.dll] [N/A, ]
[C:\WINDOWS\fonts\fyrwJf5Qfhh.fon] [N/A, ]
[C:\WINDOWS\system32\BMsg6pdMD4ht.dll] [N/A, ]
[C:\WINDOWS\system32\CDuAUVkGy9.dll] [N/A, ]
[C:\WINDOWS\system32\cRsAQd4hw.dll] [N/A, ]
[C:\WINDOWS\system32\fRWSJda7RbSuR3jFSmMBy.inf] [N/A, ]
[C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.inf] [N/A, ]
[C:\WINDOWS\system32\X5T4kV8DNmMbdRXAUx82K.inf] [N/A, ]
[C:\WINDOWS\system32\2EF0D734.dll] [N/A, ]
[d:\Program Files\Tencent\QQDownload2\QQIEHelper01.dll] [Tencent Technology (Shenzhen) Company Limited, 2, 0, 528, 204]
[D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.2.6.179]
[C:\WINDOWS\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[D:\飘云\QQ\QQDoctor\TSWebMon.dat] [Tencent, 2009.7.30.2]
[D:\飘云\QQ\QQDoctor\ATL80.DLL] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5.0.8.179]
[D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 22]
[D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 17]
[C:\WINDOWS\system32\urlFilter.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15]
[C:\Program Files\Rising\AntiSpyware\UrlRule.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.15]
[C:\Program Files\PPLiveVA\DownloaderManager.dll] [Synacast, 1.0.0.35]
[C:\Program Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1021]
[C:\Program Files\Java\jre6\bin\jp2ssv.dll] [Sun Microsystems, Inc., 6.0.150.3]
[C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll] [Sun Microsystems, Inc., 6.0.150.3]
[C:\Program Files\360\360Safe\safemon\urlproc.dll] [360.CN, 1, 0, 0, 1006]
[D:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.77]
[C:\WINDOWS\system32\SCEVFJRCmaB7.dll] [N/A, ]
[C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon] [N/A, ]
[C:\WINDOWS\fonts\A97CRaCB.fon] [N/A, ]
[C:\WINDOWS\system32\08223B03.dll] [N/A, ]
[PID: 5652 / JUJUMAO][C:\Documents and Settings\JUJUMAO.COMPUTER\桌面\sreng2.8.1.1279版\sr-engldr.exe] [Smallfrogs Studio, 2.8.1.1279]
[PID: 5660 / JUJUMAO][C:\Documents and Settings\JUJUMAO.COMPUTER\桌面\sreng2.8.1.1279版\SREc194fd4d.EXE] [Smallfrogs Studio, 2.8.1.1279]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\飘云\QQ\QQDoctor\TSVulMon.DAT] [Tencent, 2009, 8, 7, 21]
[C:\WINDOWS\Downloaded Program Files\TaXUyRvThy3HbfMH3BtDm.cur] [N/A, ]
[C:\WINDOWS\system32\sDV2mGwkejdKa74QJzsjw.inf] [N/A, ]
[C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll] [N/A, ]
[C:\WINDOWS\system32\skcfujQ5EDN.dll] [N/A, ]
[C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll] [N/A, ]
[C:\WINDOWS\system32\pj83ZgsqjcWUNwjrRp42tFw.dll] [N/A, ]
[C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll] [N/A, ]
[C:\WINDOWS\fonts\fyrwJf5Qfhh.fon] [N/A, ]
[C:\WINDOWS\system32\BMsg6pdMD4ht.dll] [N/A, ]
[C:\WINDOWS\system32\CDuAUVkGy9.dll] [N/A, ]
[C:\WINDOWS\system32\cRsAQd4hw.dll] [N/A, ]
[C:\WINDOWS\system32\fRWSJda7RbSuR3jFSmMBy.inf] [N/A, ]
[C:\WINDOWS\system32\Y4npJWJNr.dll] [N/A, ]
[C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.inf] [N/A, ]
[C:\WINDOWS\system32\X5T4kV8DNmMbdRXAUx82K.inf] [N/A, ]
[C:\WINDOWS\system32\2EF0D734.dll] [N/A, ]
[C:\WINDOWS\system32\SCEVFJRCmaB7.dll] [N/A, ]
[C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon] [N/A, ]
[C:\WINDOWS\fonts\A97CRaCB.fon] [N/A, ]
[C:\WINDOWS\system32\08223B03.dll] [N/A, ]
[C:\Documents and Settings\JUJUMAO.COMPUTER\桌面\sreng2.8.1.1279版\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[PID: 4408 / JUJUMAO][C:\Documents and Settings\JUJUMAO.COMPUTER\桌面\sreng2.8.1.1279版\sr-engldr.exe] [Smallfrogs Studio, 2.8.1.1279]
[PID: 4416 / JUJUMAO][C:\DOCUME~1\JUJUMA~1.COM\LOCALS~1\Temp\SRE9F.EXE] [Smallfrogs Studio, 2.8.1.1279]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\飘云\QQ\QQDoctor\TSVulMon.DAT] [Tencent, 2009, 8, 7, 21]
[C:\WINDOWS\Downloaded Program Files\TaXUyRvThy3HbfMH3BtDm.cur] [N/A, ]
[C:\WINDOWS\system32\sDV2mGwkejdKa74QJzsjw.inf] [N/A, ]
[C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll] [N/A, ]
[C:\WINDOWS\system32\skcfujQ5EDN.dll] [N/A, ]
[C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll] [N/A, ]
[C:\WINDOWS\system32\pj83ZgsqjcWUNwjrRp42tFw.dll] [N/A, ]
[C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll] [N/A, ]
[C:\WINDOWS\fonts\fyrwJf5Qfhh.fon] [N/A, ]
[C:\WINDOWS\system32\BMsg6pdMD4ht.dll] [N/A, ]
[C:\WINDOWS\system32\CDuAUVkGy9.dll] [N/A, ]
[C:\WINDOWS\system32\cRsAQd4hw.dll] [N/A, ]
[C:\WINDOWS\system32\fRWSJda7RbSuR3jFSmMBy.inf] [N/A, ]
[C:\WINDOWS\system32\Y4npJWJNr.dll] [N/A, ]
[C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.inf] [N/A, ]
[C:\WINDOWS\system32\X5T4kV8DNmMbdRXAUx82K.inf] [N/A, ]
[C:\WINDOWS\system32\2EF0D734.dll] [N/A, ]
[C:\WINDOWS\system32\SCEVFJRCmaB7.dll] [N/A, ]
[C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon] [N/A, ]
[C:\WINDOWS\fonts\A97CRaCB.fon] [N/A, ]
[C:\WINDOWS\system32\08223B03.dll] [N/A, ]

两个铁球 - 2009-9-2 19:26:00

好家伙！好强的病毒！
连SREng都被插了。
瑞星呢？

建议革盘重装系统，不然弄起来麻烦。

ty88 - 2009-9-2 19:31:00

建议使用XDelBox删除以下文件
复制所有要删除文件的路径，在待删除文件列表里点击右键选择从剪贴板导入,重启删除

c:\windows\downloaded program files\qvspdars5pqnkazveztupcs.cur
c:\windows\downloaded program files\taxuyrvthy3hbfmh3btdm.cur
c:\windows\fonts\a97cracb.fon
c:\windows\fonts\bqgc5yhmsd4yd.fon
c:\windows\fonts\fyrwjf5qfhh.fon
c:\windows\system32\08223b03.dll
c:\windows\system32\2ef0d734.dll
c:\windows\system32\a4rxqxcvnbmnnpqs.dll
c:\windows\system32\am274u6rqq2ctztpjcgky.inf
c:\windows\system32\bmsg6pdmd4ht.dll
c:\windows\system32\btmband89jc9pspq5eknj.inf
c:\windows\system32\cduauvkgy9.dll
c:\windows\system32\crsaqd4hw.dll
c:\windows\system32\dhdhws7ffw.dll
c:\windows\system32\ed78ab9.dll
c:\windows\system32\enyn5x48hrtxc.dll
c:\windows\system32\eynmanskccbqcc8jp.dll
c:\windows\system32\frwsjda7rbsur3jfsmmby.inf
c:\windows\system32\ndxq9awmc.dll
c:\windows\system32\perrgx5dkqsbqdwaucrqh.dll
c:\windows\system32\pj83zgsqjcwunwjrrp42tfw.dll
c:\windows\system32\q9q2mhj3utberm7wc.dll
c:\windows\system32\scevfjrcmab7.dll
c:\windows\system32\sdv2mgwkejdka74qjzsjw.inf
c:\windows\system32\skcfujq5edn.dll
c:\windows\system32\x5t4kv8dnmmbdrxaux82k.inf
c:\windows\system32\y4npjwjnr.dll
c:\docume~1\jujuma~1.com\locals~1\temp\tmp.tmp
c:\program files\common files\system\qqjiji.exe
c:\docume~1\jujuma~1.com\locals~1\temp\590953_xeex.exe
c:\docume~1\jujuma~1.com\locals~1\temp\777218_xeex.exe
c:\docume~1\jujuma~1.com\locals~1\temp\814390_xeex.exe
c:\docume~1\jujuma~1.com\locals~1\temp\1170234_xeex.exe
c:\docume~1\jujuma~1.com\locals~1\temp\1309062_xeex.exe
c:\docume~1\jujuma~1.com\locals~1\temp\1375406_xeex.exe
c:\docume~1\jujuma~1.com\locals~1\temp\1541968_xeex.exe
c:\docume~1\jujuma~1.com\locals~1\temp\1408515_xeex.exe
c:\program files\common files\system\4.exe
c:\program files\common files\system\5.exe
c:\program files\common files\system\6.exe
c:\program files\common files\system\7.exe
c:\program files\common files\system\8.exe
c:\program files\common files\system\9.exe
c:\program files\common files\system\13.exe
c:\program files\common files\system\15.exe
d:\cconter.exe
c:\program files\flashget network\egihj.exe
c:\windows\system32\rkpbzuhze58gk2vwcyuct.inf
c:\windows\system32\2exjw3dsatgwrf5uapadmhn.dll
c:\windows\system32\emhnpubaaf7xjuxbbdxsg.dll
c:\docume~1\jujuma~1.com\locals~1\temp\02.exe
c:\windows\system32\6to4.dll
c:\program files\internet explorer\002.tmp
c:\windows\system32\drivers\eurpl.sys
c:\windows\system32\drivers\iwjmf.sys

2.删除重启后使用SREng修复下面各项：

启动项目－－注册表之如下项删除：
[{700229C5-4CB9-4CAB-8314-384A65644D7C}] <C:\WINDOWS\Downloaded Program Files\TaXUyRvThy3HbfMH3BtDm.cur>
[{8708994F-1758-4C2C-9A3F-FA22D6CCCB41}] <C:\WINDOWS\fonts\A97CRaCB.fon>
[{CF2C613A-A0D9-4E5C-B1BB-6B03B269B054}] <C:\WINDOWS\system32\rKPbzUHze58GK2VWcYUCt.inf>
[{2EF0D734-21FD-4225-A1A2-BCD296182AAF}] <C:\WINDOWS\system32\2EF0D734.dll>
[{23DA65D2-C696-4EE4-BEE8-B4841DEC3E30}] <C:\WINDOWS\system32\ndxq9awMc.dll>
[{5B0C7E2C-3257-4619-8282-A173017B16E2}] <C:\WINDOWS\Downloaded Program Files\qvSPdARs5PQNKAzvezTuPcs.cur>
[{38FEFE05-702C-440D-AD5C-B796209A1CC5}] <C:\WINDOWS\system32\Y4npJWJNr.dll>
[{36AC68E6-0C26-4D39-B98E-54B49DAB6BAA}] <C:\WINDOWS\system32\dhDhwS7fFW.dll>
[{BE12C98F-645D-4566-B524-DC32040B7C8A}] <C:\WINDOWS\system32\eYNMAnskCCBQCc8Jp.dll>
[{A5CA6C70-7185-4466-AB45-B1C34E7A37CA}] <C:\WINDOWS\system32\ed78ab9.dll>
[{87DE8A1A-96C5-4420-B222-EF998F697CE7}] <C:\WINDOWS\system32\2exJW3dsaTgWrf5uAPadmHN.dll>
[{ECC00636-8C3B-4D8D-B271-AAA6DF9505CD}] <C:\WINDOWS\system32\Am274u6Rqq2cTzTpjCGKy.inf>
[{51AA0D89-E9A9-4284-93E8-40C0FDD59304}] <C:\WINDOWS\system32\eNyN5X48HrtXc.dll>
[{E3531A16-FFEA-416F-82DF-32FEDE02EABF}] <C:\WINDOWS\system32\emHnPuBAaF7XjuXBbdxSg.dll>
[{737858A9-9AEA-4838-9B49-54DA731F7F37}] <C:\WINDOWS\system32\BMsg6pdMD4ht.dll>
[{A600E212-2A41-41BC-92F1-ED5C96B06185}] <C:\WINDOWS\system32\sDV2mGwkejdKa74QJzsjw.inf>
[{1055CA44-51F8-486B-8CBD-DC7AD4213F1E}] <C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon>
[02.exe] <C:\DOCUME~1\JUJUMA~1.COM\LOCALS~1\Temp\02.exe>

启动项目－－服务－－ Win32服务应用程序之如下项禁用：
[6to4 / 6to4] <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\6to4.dll>

启动项目－－服务－－驱动程序之如下项禁用：
[qq2 / qq2] <\??\C:\Program Files\Internet Explorer\002.tmp>
[iyglv / iyglv] <\SystemRoot\system32\drivers\eurpl.sys>
[iwjmf / iwjmf] <\??\C:\WINDOWS\system32\drivers\iwjmf.sys>

**************以上分析报告由SREngLog分析助手提供******************
分析：taoyuan237
时间：2009-9-2
SREngLog分析助手 1.4 BY 草莽书生 (20090209 更新 BY 小金)

自动清理方案操作步骤：

1。下载通用病毒杀灭机正式版(点击下
载)，请先参考软件帮助说明。

2。复制符号区域的修复指令或者下载附件中的修复指令文件*.dat 。

========指令正文，复制以下内容========

[复制到剪贴板]
CODE:
复制指令区

========指令结束，复制以上内容========

3。打开通用病毒杀灭机（打不开的建议改名，如abc.exe，abc.bat等），复制
修复指令者使用剪贴板导入；下载修复指令文件的使用文件导入
重启即可删除病毒，并帮助你删除自启动项和禁用服务。

（注：第一次重启有时候会弹出文件夹，那是由于自启动项目还没有删除，而
文件已经被XDELBOX删除并用文件夹替代的结果）

ty88 - 2009-9-2 19:32:00

没什么稀奇的
普通网马而已
不过是带了驱动的网马
完事以后建议使用ARk在看下

两个铁球 - 2009-9-2 19:42:00

楼主主力杀软都没一个，还敢在网上干这干那！

ty88 - 2009-9-2 19:44:00

引用:

原帖由 两个铁球 于 2009-9-2 19:42:00 发表
楼主主力杀软都没一个，还敢在网上干这干那！

辅助安全工具太多了
真正的杀软貌似没有:kaka6:
完事以后记得看看系统文件有没被替换

lxx3386 - 2009-9-2 22:00:00

不是没有是全都被关闭了
刚才在安全模式下杀了300多个病毒。。。。。。
现在似乎只剩下IE被篡改的问题了
可恨的7214.。。。。。

lxx3386 - 2009-9-2 22:01:00

还有个问题
现在杀完毒以后瑞星变成小红伞
所有的都不能开启。。。。

豪斯登堡新郎 - 2009-9-3 7:25:00

修复安装瑞星杀软若还是无法启动请重新安装瑞星

所中的病毒属于病毒终结者型

瑞星卡卡安全论坛