遭遇Trojan.DL.Win32.Autorun.yuz,Trojan.Win32.Inject.gh,Trojan.Win32.Agent.zsq等
遭遇Trojan.DL.Win32.Autorun.yuz,Trojan.Win32.Inject.gh,Trojan.Win32.Agent.zsq等
endurer 原创
2007-10-23 第1版
pe_xscan 07-08-30 by Purple Endurer
2007-10-22 13:13:44
Windows XP Service Pack 2(5.1.2600)
管理员用户组
C:/WINDOWS/system32/winlogon.exe * 604 | 2004-8-8 4:0:0 | Microsoft(R) Windows(R) Operating System | 5.1.2600.2180 | Windows NT Logon Application | (C) Microsoft Corporation. All rights reserved. | 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | winlogon | WINLOGON.EXE
C:/WINDOWS/system32/winlib .dll
C:/WINDOWS/system32/msplrct.dll
C:/WINDOWS/Explorer.EXE * 224 | 2007-6-13 21:21:56 | Microsoft(R) Windows(R) Operating System | 6.00.2900.3156 | Windows Explorer | (C) Microsoft Corporation. All rights reserved. | 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234) | Microsoft Corporation| ? | explorer | EXPLORER.EXE
C:/WINDOWS/Downlo~1/zux.dll | 2007-10-18 9:26:58 | Microsoft(R) Windows(R) Operating System | 5, 3, 2600, 2180 | Microsoft DirectMusic Interactive Engine | 版权所有 (C) 2007 | 5, 3, 2600, 2180 | Microsoft Corporation | | Microsoft DirectMusic Interactive Engine | miniDll.DLL
C:/WINDOWS/Downlo~1/fap.dll | 2007-10-22 11:19:40 | Microsoft(R) Windows(R) Operating System | 5, 3, 2600, 2180 | Microsoft DirectMusic Interactive Engine | 版权所有 (C) 2007 | 5, 3, 2600, 2180 | Microsoft Corporation | | Microsoft DirectMusic Interactive Engine | miniDll.DLL
C:/WINDOWS/Downlo~1/khy.dll | 2007-10-22 11:19:40 | Microsoft(R) Windows(R) Operating System | 5, 3, 2600, 2180 | Microsoft DirectMusic Interactive Engine | 版权所有 (C) 2007 | 5, 3, 2600, 2180 | Microsoft Corporation | | Microsoft DirectMusic Interactive Engine | miniDll.DLL
C:/WINDOWS/system32/2b41.dll | 2007-10-22 11:21:46 | IEHpr Module | 1, 0, 0, 2 | IEHpr Module | Copyright 2007 | 1, 0, 0, 2 | | | IEHpr | IEHpr.DLL
C:/WINDOWS/system32/rundll32.exe * 1096 | 2004-8-8 4:0:0 | Microsoft(R) Windows(R) Operating System | 5.1.2600.2180 | Run a DLL as an App | (C) Microsoft Corporation. All rights reserved. | 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | rundll | RUNDLL.EXE
C:/WINDOWS/system32/wincheck071013.dll | 1987-10-13 9:31:38
C:/scktsrvr.exe * 1440 | 2006-2-11 9:40:34 | Borland Socket Server | 7.0 | Borland Socket Server | Copyright ? 1997-2001 Borland Software Corporation | 7.0.4.453 | Borland Software Corporation | | SCKTSRVR | SCKTSRVR.EXE
C:/DOCUME~1/new/LOCALS~1/Temp/rundll.exe * 3280 | 2007-9-1 10:46:2
C:/Documents and Settings/All Users/Application Data/Microsoft/Office/SYSTEM/loader.dll | 2007-10-22 9:35:58 | loader | 3.0.4 | system event loader | Microsoft. All rights reserved. | 3.0.4 | Microsoft| ? | loader.dll | loader.dll
C:/Program Files/OCINS/idnsvr.exe * 4072 | 2007-10-22 9:37:22 | | 2, 6, 0, 0 | 国际化域名支持模块 | Copyright CNNIC 2006 - 2007 | 2, 6, 0, 0 | 中国互联网信息中心(CNNIC) | | idnsvr | idnsvr.exe
C:/Program Files/OCINS/idnsvr.exe | 2007-10-22 9:37:22 | | 2, 6, 0, 0 | 国际化域名支持模块 | Copyright CNNIC 2006 - 2007 | 2, 6, 0, 0 | 中国互联网信息中心(CNNIC) | | idnsvr | idnsvr.exe
C:/WINDOWS/system32/rundll32.exe * 2300 | 2004-8-8 4:0:0 | Microsoft(R) Windows(R) Operating System | 5.1.2600.2180 | Run a DLL as an App | (C) Microsoft Corporation. All rights reserved. | 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | rundll | RUNDLL.EXE
C:/WINDOWS/system32/winsys16_071017.dll | 1987-10-22 9:39:30
C:/program files/internet explorer/iexplore.exe * 3852 | 2004-8-8 12:0:0 | Microsoft(R) Windows(R) Operating System | 6.00.2900.2180 | Internet Explorer | (C) Microsoft Corporation. All rights reserved. | 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | iexplore | IEXPLORE.EXE
C:/WINDOWS/system32/winsys32_071017.dll | 1987-10-22 9:41:22
C:/ah.exe * 14452 | 2007-10-6 19:54:54
C:/WINDOWS/system32/b4591.exe * 15012 | 2007-10-22 10:11:28 | Microsoft(R) Windows(R) Operating System | 5.1.2600.2180 | Windows Progman Group Converter | Copyright Zhongsou(C) 2005 | 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | GrpConv| ?
C:/WINDOWS/system32/rundll32.exe * 15192 | 2004-8-8 4:0:0 | Microsoft(R) Windows(R) Operating System | 5.1.2600.2180 | Run a DLL as an App | (C) Microsoft Corporation. All rights reserved. | 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | rundll | RUNDLL.EXE
C:/WINDOWS/system32/921.dll | 2007-10-22 11:21:46 | Player 动态链接库 | 1, 0, 0, 3 | Player 动态链接库 | 版权所有 (C) 2006 | 1, 0, 0, 3 | | ? | Player | Player.dll
O2 - BHO CAdLogic Object - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:/Program Files/Common Files/CPUSH/cpush0.dll
O2 - BHO Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - C:/Documents and Settings/All Users/Application Data/Microsoft/PCTools/pctools.dll
O2 - BHO Invoke Class - {42A3A616-FF3C-4713-A5C2-4F1B566CEF51} - C:/WINDOWS/system32/2b41.dll
O2 - BHO IEAux Class - {7605CC7C-00FD-4A5F-BAFD-828342DE6279} - C:/PROGRA~1/OCINS/ieaux.dll
O2 - BHO ff Class - {B9751A53-4494-4d7c-9732-AE3058D8145F} - C:/WINDOWS/system32/2b41.dll
O2 - BHO Windows Browser - {C86488AF-13D5-4FEF-9DDF-9FB88698CFC1} - C:/Documents and Settings/All Users/Application Data/Microsoft/OFFICE/USERDATA/a5eUwXqfYU.dll
O4 - HKCU/../Policies/Explorer/Run: [mscheck] rundll32.exe C:/WINDOWS/system32/wincheck071013.dll mymain
O4 - HKLM/../Run: [igfxpers] C:/WINDOWS/system32/igfxpers.exe
O4 - HKLM/../Run: [IdnSvr] C:/Program Files/OCINS/idnsvr.exe
O4 - HKLM/../Policies/Explorer/Run: [Userinit] rundll32.exe C:/WINDOWS/system32/winsys16_071017.dll start
O4 - HKLM/../Policies/Explorer/Run: [melove] C:/WINDOWS/system32/dream.exe
O4 - HKLM/../Policies/Explorer/Run: [dream] C:/WINDOWS/system32/dream.exe
O4 - HKLM/../Policies/Explorer/Run: [khy] rundll32 "C:/WINDOWS/Downlo~1/khy.dll",Run
O4 - Global Startup: scktsrvr.lnk -> c:/scktsrvr.exe
CmdProcAuto = d:/myplay.exe
C:/autorun.inf
/-----
[autorun]
OPEN=ah.exe
shellexecute=ah.exe
shell/Auto/command=ah.exe
shell=open
-----/
D:/autorun.inf
/-----
[autorun]
OPEN=ah.exe
shellexecute=ah.exe
shell/Auto/command=ah.exe
shell=open
-----/
E:/autorun.inf
/-----
[autorun]
OPEN=ah.exe
shellexecute=ah.exe
shell/Auto/command=ah.exe
shell=open
-----/
F:/autorun.inf
/-----
[autorun]
OPEN=ah.exe
shellexecute=ah.exe
shell/Auto/command=ah.exe
shell=open
-----/
O8 - IE右键菜单附加项 : &访问通用网址 - C:/Program Files/OCINS/cnrbtn.html
O8 - IE右键菜单附加项 : 易趣购物 - C:/Program Files/AD4All/link1/eachlink.htm
O23 - 服务: 1ot8pminre (1ot8pminre) - C:/WINDOWS/system32/drivers/1ot8pminre.sys | 2004-8-8 4:0:0(自动)
O23 - 服务: acpidisk (acpidisk) - C:/WINDOWS/system32/drivers/acpidisk.sys | 2007-9-25 14:31:2(自动)
O23 - 服务: cnprov (cnprov) - system32/drivers/cnprov.sys | 中文上网官方版 | 2, 6, 0, 0 | 国际化域名辅助模块 | Copyright (c) . All rights reserved. | 2.6.0.0 | 中国互联网络信息中心(CNNIC)| ? | cnprov.sys | cnprov.sys(引导)
O23 - 服务: idnaux (idnaux) - system32/drivers/idnaux.sys | CNNIC idnaux | 2, 6, 0, 0 | 国际化域名支持模块 | Copyright ? 2005 | 2, 6, 0, 0 | 中国互联网络信息中心(CNNIC) | | idnaux | idnaux.sys(自动)
O23 - 服务: lcyi7wceil (lcyi7wceil) - System32/DRIVERS/lcyi7wceil.sys(引导)
O23 - 服务: ms_2fax (ms_2fax) - C:/WINDOWS/system32/b4591.exe | 2007-10-22 10:11:28 | Microsoft(R) Windows(R) Operating System | 5.1.2600.2180 | Windows Progman Group Converter | Copyright Zhongsou(C) 2005 | 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | GrpConv| ?(自动)
O23 - 服务: mxdispdr (mxdispdr) - C:/WINDOWS/system32/drivers/mxdispdr.sys | 2007-9-30 20:18:14(自动)
O23 - 服务: sysloader (System Event loader) - "C:/Documents and Settings/All Users/Application Data/Microsoft/Office/SYSTEM/sysloader.exe" | 2007-10-17 10:18:48 | sysloader | 3.0.4 | system event loader | Microsoft. All rights reserved. | 3.0.4 | Microsoft| ? | sysloader.exe | sysloader.exe(自动)
O23 - 服务: Yiqilai (一起来音乐助手) - "C:/Program Files/Yiqilai/wmp/YiqilaiLyrics.exe" | 2007-10-18 10:15:40 | YiqilaiLyrics | 1.0.1 | YiqilaiLyrics | Yiqilai. All rights reserved. | 1.0.1 | Yiqilai| ? | YiqilaiLyrics.exe | YiqilaiLyrics.exe(自动)
文件说明符 : c:/a.exe
属性 : A---
获取文件版本信息大小失败!
创建时间 : 2007-10-22 16:56:33
修改时间 : 2007-10-22 16:57:6
访问时间 : 2007-10-22 0:0:0
大小 : 102356 字节 99.980 KB
MD5 : 7ed8ee6a124e1b69581b0e38435c123c
SHA1: A873CBFFC796E8D211684DE509BB951BBEAD3C64
CRC32: dbf1a17a
瑞星报为:Trojan.Clicker.Win32.PopHot.cg
Kaspersky已检测到: 木马程序 Trojan-Spy.Win32.Agent.afl 文件: D:/test/a.exe.rar/a.exe/PE_Patch/UPack
d:/myplay.exe 与 c:/a.exe 相同
文件说明符 : c:/ah.exe
属性 : -SH-
获取文件版本信息大小失败!
创建时间 : 2007-10-18 16:10:4
修改时间 : 2007-10-6 19:54:54
访问时间 : 2007-10-22 0:0:0
大小 : 18432 字节 18.0 KB
MD5 : b329e5d20a1636f2a7eb7051a8ed55a1
SHA1: 4AAE08CB65BFBCC0F5F086AEDB3042ED16332F2F
CRC32: 8300cea6
瑞星报为:Trojan.DL.Win32.Autorun.yuz
Kaspersky 报为:Virus.Win32.AutoRun.og
文件说明符 : C:/WINDOWS/system32/dream.exe 与 c:/ah.exe 相同。
文件说明符 : c:/scktsrvr.exe
属性 : ----
语言 : 英语(美国)
文件版本 : 7.0.4.453
说明 : Borland Socket Server
版权 : Copyright ? 1997-2001 Borland Software Corporation
备注 :
产品版本 : 7.0
产品名称 : Borland Socket Server
公司名称 : Borland Software Corporation
合法商标 :
内部名称 : SCKTSRVR
源文件名 : SCKTSRVR.EXE
创建时间 : 2007-10-11 17:9:32
修改时间 : 2006-2-11 9:40:34
访问时间 : 2007-10-22 0:0:0
大小 : 725504 字节 708.512 KB
MD5 : c3ef0622b13655bc68cef169e52afb6a
SHA1: 9457F32E964F4040580D8B82B1AC512E96640673
CRC32: 30ec29d7
文件说明符 : C:/Documents and Settings/All Users/Application Data/Microsoft/OFFICE/USERDATA/a5eUwXqfYU.dll
属性 : A---
语言 : 英语(美国)
文件版本 : 3, 0, 6, 0
说明 : MSN Browser
版权 : Copyright 2006
备注 :
产品版本 : 3, 0, 6, 0
产品名称 : MSN Browser
公司名称 : Microsoft Corporation
合法商标 :
内部名称 : webbrowser
源文件名 : webbrowser.DLL
创建时间 : 2007-10-22 9:41:59
修改时间 : 2007-10-22 9:42:0
访问时间 : 2007-10-22 0:0:0
大小 : 170496 字节 166.512 KB
MD5 : df8ff7499023477733bb020473625618
SHA1: F9117D64F0F47450FD49539EAC0CC826D1CC76F9
CRC32: 0e45cf62
| 主 题: | RE:[??ProbableSpam]a5eUwXqfYU.dll[KLAB-3146835] | ||
| 发件人: | "" <newvirus@kaspersky.com> <script language="JavaScript" type="text/javascript"> <!-- var aAddAdress = document.getElementById("aAddAdress"); aAddAdress.href = document.guideform.guidelinks.options[5].value; var aDeleteAdress = document.getElementById("aDeleteAdress"); aDeleteAdress.href = document.guideform.guidelinks.options[4].value; document.guideform.guidelinks.removeChild(document.guideform.guidelinks.options[5]); document.guideform.guidelinks.removeChild(document.guideform.guidelinks.options[4]); //--> </script> | 发送时间:2007-10-23 12:35:37 | |
Hello,
a5eUwXqfYU.dll - not-a-virus:AdWare.Win32.IEHlpr.ai
This file is an Advertizing Tool, It's detection will be included in the next
update of extended databases set. See more info about
extended databases here: http://www.kaspersky.com/extraavupdates
Please quote all when answering.
--
Best regards, Denis Maslennikov
Virus analyst, Kaspersky Lab.
文件说明符 : C:/WINDOWS/system32/2b41.dll
属性 : A--R
语言 : 英语(美国)
文件版本 : 1, 0, 0, 2
说明 : IEHpr Module
版权 : Copyright 2007
备注 :
产品版本 : 1, 0, 0, 2
产品名称 : IEHpr Module
公司名称 :
合法商标 :
内部名称 : IEHpr
源文件名 : IEHpr.DLL
创建时间 : 2001-2-3 11:22:36
修改时间 : 2007-10-22 11:21:46
访问时间 : 2007-10-22 0:0:0
大小 : 53248 字节 52.0 KB
MD5 : 7dd94ef20e40e0de728112675904811a
SHA1: B41E790374214A54C147CBA26736F0BA8E265022
CRC32: 2445c774
| 主 题: | RE:[??ProbableSpam]2b41.dll[KLAB-3146836] | ||
| 发件人: | "" <newvirus@kaspersky.com> <script language="JavaScript" type="text/javascript"> <!-- var aAddAdress = document.getElementById("aAddAdress"); aAddAdress.href = document.guideform.guidelinks.options[5].value; var aDeleteAdress = document.getElementById("aDeleteAdress"); aDeleteAdress.href = document.guideform.guidelinks.options[4].value; document.guideform.guidelinks.removeChild(document.guideform.guidelinks.options[5]); document.guideform.guidelinks.removeChild(document.guideform.guidelinks.options[4]); //--> </script> | 发送时间:2007-10-23 12:44:09 | |
Hello,
2b41.dll - not-a-virus:AdWare.Win32.BHO.ih
This file is an Advertizing Tool, It's detection will be included in the next
update of extended databases set. See more info about
extended databases here: http://www.kaspersky.com/extraavupdates
Please quote all when answering.
--
Best regards, Denis Maslennikov
Virus analyst, Kaspersky Lab.
文件说明符 : C:/Documents and Settings/All Users/Application Data/Microsoft/Office/SYSTEM/sysloader.exe
属性 : A---
语言 : 英语(美国)
文件版本 : 3.0.4
说明 : system event loader
版权 : Microsoft. All rights reserved.
备注 :
产品版本 : 3.0.4
产品名称 : sysloader
公司名称 : Microsoft
合法商标 :
内部名称 : sysloader.exe
源文件名 : sysloader.exe
创建时间 : 2007-10-17 10:18:48
修改时间 : 2007-10-17 10:18:48
访问时间 : 2007-10-22 0:0:0
大小 : 357376 字节 349.0 KB
MD5 : c18ceab29fac37d570190a12436d9c8b
SHA1: CB4744B9841B5F9C21CBA1039A46FCE1EAF6E3CD
CRC32: 348f2431
瑞星报为:Trojan.Win32.Inject.gh
| 主 题: | RE:sysloader.exe[KLAB-3146870] | ||
| 发件人: | "" <newvirus@kaspersky.com> <script language="JavaScript" type="text/javascript"> <!-- var aAddAdress = document.getElementById("aAddAdress"); aAddAdress.href = document.guideform.guidelinks.options[5].value; var aDeleteAdress = document.getElementById("aDeleteAdress"); aDeleteAdress.href = document.guideform.guidelinks.options[4].value; document.guideform.guidelinks.removeChild(document.guideform.guidelinks.options[5]); document.guideform.guidelinks.removeChild(document.guideform.guidelinks.options[4]); //--> </script> | 发送时间:2007-10-23 12:48:10 | |
Hello.
New malicious software was found in the attached file. Trojan-Downloader.Win32.Agent.eky
It's detection will be included in the next update. Thank you for your help.
Please quote all when answering. Do not forget to include you registration data.
-----------------
Regards, Maslennikov Denis
Virus Analyst, Kaspersky Lab.
文件说明符 : C:/WINDOWS/Downlo~1/khy.dll
属性 : A--R
语言 : 中文(中国)
文件版本 : 5, 3, 2600, 2180
说明 : Microsoft DirectMusic Interactive Engine
版权 : 版权所有 (C) 2007
备注 : DirectMusic
产品版本 : 5, 3, 2600, 2180
产品名称 : Microsoft(R) Windows(R) Operating System
公司名称 : Microsoft Corporation
合法商标 :
内部名称 : Microsoft DirectMusic Interactive Engine
源文件名 : miniDll.DLL
创建时间 : 1987-10-22 14:46:33
修改时间 : 2007-10-22 11:19:40
访问时间 : 2007-10-22 0:0:0
大小 : 49152 字节 48.0 KB
MD5 : 3d6d8766c8436ea20457123a7363095d
SHA1: C93850C662823C02F596F80E129995EC93CF5CF1
CRC32: f5a4e191
| 主 题: | RE:khy.dll[KLAB-3146872] | ||
| 发件人: | "" <newvirus@kaspersky.com> | 发送时间:2007-10-23 12:49:41 | |
Hello,
khy.dll - Trojan-Downloader.Win32.Agent.ekz
New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.
Please quote all when answering.
--
Best regards, Denis Maslennikov
Virus analyst, Kaspersky Lab.
文件说明符 : C:/WINDOWS/system32/winsys16_071017.dll
属性 : -SHR
获取文件版本信息大小失败!
创建时间 : 1987-10-18 9:34:39
修改时间 : 1987-10-22 9:39:30
访问时间 : 2007-10-22 0:0:0
大小 : 24576 字节 24.0 KB
MD5 : bd5ad170a8b0fec28e972b314c8668e0
SHA1: 408CB216C2A27187C841A0F9ACAF319BBBEC2D0D
CRC32: a9647ec5
瑞星报为:Trojan.Win32.Agent.zsq
Kaspersky已检测到: 木马程序 Trojan-Spy.Win32.Agent.aga 文件: D:/test/winsys16_071017.dll.rar/winsys16_071017.dll
文件说明符 : C:/WINDOWS/system32/wincheck071013.dll
属性 : -SHR
获取文件版本信息大小失败!
创建时间 : 1987-10-13 9:31:37
修改时间 : 1987-10-13 9:31:38
访问时间 : 2007-10-22 0:0:0
大小 : 27648 字节 27.0 KB
MD5 : eb5929a3a390a519729d1e4dea37d34f
SHA1: 31A75B68CC4A03A7BE1A0265AB0DF271AF3F1887
CRC32: 697c1572
瑞星报为:Trojan.DL.Win32.MyDown.h
| 主 题: | RE:wincheck071013.dll[KLAB-3146878] | ||
| 发件人: | "" <newvirus@kaspersky.com> <script language="JavaScript" type="text/javascript"> <!-- var aAddAdress = document.getElementById("aAddAdress"); aAddAdress.href = document.guideform.guidelinks.options[5].value; var aDeleteAdress = document.getElementById("aDeleteAdress"); aDeleteAdress.href = document.guideform.guidelinks.options[4].value; document.guideform.guidelinks.removeChild(document.guideform.guidelinks.options[5]); document.guideform.guidelinks.removeChild(document.guideform.guidelinks.options[4]); //--> </script> | 发送时间:2007.10.23 13:12 | |
Hello.
New malicious software was found in the attached file. Trojan.Win32.Delf.ajt
It's detection will be included in the next update. Thank you for your help.
Please quote all when answering. Do not forget to include you registration data.
-----------------
Regards, Maslennikov Denis
Virus Analyst, Kaspersky Lab.
遭遇Trojan.DL.Win32.Autorun.yuz,Trojan.Win32.Inject.gh,Trojan.Win32.Agent.zsq等相关推荐
- 遭遇Trojan DL Multi wfg sss exe SCVHOST EXE autorun inf 等
分享一下我老师大神的人工智能教程.零基础!通俗易懂!风趣幽默!还带黄段子!希望你也加入到我们人工智能的队伍中来!https://blog.csdn.net/jiangjunshow endurer 原 ...
- 遭遇Trojan.DL.Multi.wfg(sss.exe、SCVHOST.EXE、autorun.inf)等
endurer 原创 2006-12-23 第2版 补充修订 2006-12-22 第1版 昨天下午,一位朋友的电脑接入U盘后弹出错误信息框,提示找不到A盘什么的,关了又调出来.让我帮忙看看. 用Wi ...
- 遭遇Trojan.PSW.Lmir.kyo、Trojan.DL.QQHelper等N多木马
endurer 原创 2006-09-23 第1版 有位网友的电脑经常发现病毒,手动扫描也清除不干净. 让我帮忙检查一下. 到 http://endurer.ys168.com 下载HijackThi ...
- 解决病毒Trojan.DL.Small.azt、Trojan.DL.QQHelper.dsb、Dropper.Agent.bba等
endurer 原创 2006-05-20 第1版 昨天有位同事电脑上不了网,让偶帮忙. 那台电脑的网络连接显示已接上,但网关PING不通,无法浏览网页. 重启电脑到带网络连接的安全模式下,可以正常浏 ...
- 传播Virus.Win32.AutoRun.f/Worm.Win32.Delf.b的网页
endurer 原创 2007-06-15 第1版 一位网友说他的电脑不管打开什么网站的网页,显示的都是hxxp://218.*1*.1*4.170的VIP1.HTM.VIP2.HTM等. hxxp: ...
- Trojan.DL.Win32.Hmir.hl的清除方法 采用驱动提供服务的木马病毒
1.通过瑞星查毒发现c:\windows\system32\30pzg8d.dll文件感染Trojan.DL.Win32.Hmir.hl但是删除不了,只好通过冰刃icesword强制删除. 3.删除后 ...
- 某农业产品贸易网挂马Trojan.DL.Win32.Mnless.bes/Trojan-Dropper.Win32.Agent.xdu
某农业产品贸易网挂马Trojan.DL.Win32.Mnless.bes/Trojan-Dropper.Win32.Agent.xdu endurer 原创 2008-09-29 第1版 发现了挺久了 ...
- 遭遇 Trojan.DL.Agent.cjy、ltnward.exe、34E0AE22.dll 等
endurer 原创 2007-01-26 第1版 一位网友说他的电脑最近工作速度很慢,让偶通过QQ远程协助帮忙检修看看. 到 http://endurer.ys168.com 下载 HijackTh ...
- 瑞星杀软的信息中心带Trojan.DL.VBS.Agent.cns?
endurer 原创 2007-06-03 第1版 电脑开机进入桌面后,瑞星自动开始扫描,随即报告 C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/124161561552.tm ...
最新文章
- 值得收藏:一份非常完整的 MySQL 规范
- 人的一生,有三件事情不能等
- Lua语言教程2 ——【表(Table) 类型】
- 关于java嵌入式数据库的选择,强烈建议H2 嵌入式数据库
- c# uri.host_C#| 具有示例的Uri.Host属性
- 音频社交Clubhouse将支持空间音频,让聊天更具真实感
- pynq 环境搭建_蚂蚁S9矿板ZYNQ7010开发板移植PYNQ_2.5
- kernel笔记——库文件与系统调用
- 算法学习之路|反转链表
- EXCEL对比重复数据
- 动态RAM(DRAM)和静态RAM(SRAM)的比较
- 电子商务复习笔记三:网络营销
- java 等额本金与等额本息
- ncbi blast MATLAB,NCBI在线版Blast使用(超详细奥)
- oracle awr 里的socket,AWR 报告中CPUs Cores 和 Sockets 说明
- JavaScript系列之FileReader
- bios 刷 灵耀14_华硕灵耀X2 Pro(i9-9980HK)如何bios设置u盘启动
- Guitar Pro 中圆滑音和连结音的区别在哪里?
- 产品经理的4个基本能力要求
- 新学生管理系统(一)登陆界面