Rootkit. win32.agent, Trojan. psw. win32.gameonline, Trojan. win32.mnless, etc. 2

Rootkit. win32.agent, Trojan. psw. win32.gameonline, Trojan. win32.mnless, etc. 2

EndurerOriginal
1Version

There were a lot of things during this time and there was no time for remote assistance. Let the netizens handle them as follows:

Restart your computer to the safe mode with network connection,
Use WinRAR to delete E:/autorun. inf and E:/autorun.exe. It is strange that this autorun.exe is only on the E disk.
Download drweb cureit! Scan, the netizen said that once the browser is opened, an error prompt will appear, and IE is stuck:

You can't use the proud game either.
Let him unmount the connected games.
Put drweb cureit! Scan back to find three viruses and delete them.

Download Rising Antivirus assistant aide4rav to http://endurer.ys168.com, use rising online free scan, found a bunch:
/---
12:40:19 Rising anti-virus Assistant
Windows XP Service Pack 2 (5.1.2600)
File Name virus name
C:/Windows/system32/Drivers/wxptdi. sysTrojan. win32.mnless. zyq
C:/Windows/system32/3721.exeTrojan. win32.vb. Baz
C:/Windows/system32/sidjfzy. dllTrojan. psw. win32.gameonline. zzl
C:/Windows/system32/COM/comrecmd.exeTrojan. win32.mnless. zgl
C:/Windows/system32/kvdxjma. dllTrojan. psw. win32.xyonline. vi
C:/Windows/system32/rsztmpm. dllTrojan. psw. win32.gameonline. zyp
C:/Windows/system32/kawdfzy. dllTrojan. psw. win32.asktao. ey
C:/Windows/system32/okmhazy. dllTrojan. psw. win32.xyonline. Uh
C:/Windows/system32/avwghmn. dllTrojan. psw. win32.sunonline. In
C:/Windows/system32/swrcezc. dllTrojan. psw. win32.lmir. YZD
C:/Windows/system32/avzxkmn. dllTrojan. psw. win32.gameonline. zye
C:/Windows/system32/avwlgmn. dllTrojan. psw. win32.sunonline. ie
C:/Windows/system32/genprotect. dllTrojan. psw. win32.gameonline. ASX
C:/Windows/system32/shqmangr. dllTrojan. psw. win32.gameonline. Zyl
C:/Windows/system32/msdeg32.dll> upack0.34Trojan. psw. win32.gameonline. ARO
C:/Windows/system32/lymangr. dll> upack0.34Trojan. psw. win32.gameonline. ARO
C:/Windows/system32/avwlst.exe> upack0.34Trojan. psw. win32.gameonline.
C:/Windows/system32/gdrxjhi32.dll> upack0.34Trojan. psw. win32.ybonline. Ck
C:/Windows/system32/swrceac.exe> upack0.34Trojan. psw. win32.lmir. YZD
C:/Windows/system32/avzxkst.exe> upack0.34Trojan. psw. win32.gameonline. zye
C:/Windows/system32/kvdxskis.exe> upack0.34Trojan. psw. win32.gameonline. Zzz
C:/Windows/system32/avwghst.exe> upack0.34Trojan. psw. win32.sunonline. In
C:/Windows/system32/okmhaaz.exe> upack0.34Trojan. psw. win32.xyonline. Uh
C:/Windows/system32/kawdfaz.exe> upack0.34Trojan. psw. win32.xyonline. Ty
C:/Windows/system32/rsztmsp.exe> upack0.34Trojan. psw. win32.gameonline. awz
C:/Windows/system32/sidjfaz.exe> upack0.34Trojan. psw. win32.gameol.
C:/Windows/system32/kvdxjis.exe> upack0.34Trojan. psw. win32.xyonline. VK
C:/Windows/system32/lyloader.exe> upack0.39Trojan. psw. win32.gameonline. ARO
C:/Windows/system32/explorer.exe> mian007Packer. mian007
C:/Windows/genprotect.exe> upack0.32Trojan. psw. win32.gameonline. ASX
C:/Windows/ressdt. sysRootkit. win32.agent. nmj
---/
Use the Rising Antivirus assistant to delete ......

Download hijackthis fix item F2, O4, o21 to the http://endurer.ys168.com.

Download and install the Security Assistant of rising star Kaka. First, go to [basic functions]-> [scan and kill malicious and rogue software] to scan and clear rogue software.
Switch to [advanced functions]:
Uninstall o24 items in [plug-in management and uninstallation.
In [system enable item management], click [logon item] on the left, find the project corresponding to the O4 item on the right, right-click, and choose delete from the pop-up menu; click [service items] and [Driver] on the left, find the project corresponding to o23 on the right, right-click, and choose delete from the pop-up menu.

Another item:
/---
O23-service: sfrem02 (frontline drivers auto removal (V2)-C:/Windows/system32/sfrem02.exe SVC (automatic)
---/
It seems to be a computer game that has not been processed by netizens.

Find and delete the files marked in red in the log.
Because no antivirus software is installed on the computer of a netizen, he needs to download and install the free version of Rising Star 2008. After the installation, restart as prompted ......
After a while, some netizens encountered strange things and sent bad news: