- 浏览: 952647 次
文章分类
最新评论
遭遇Trojan.DL.Win32.Autorun.yuz,Trojan.Win32.Inject.gh,Trojan.Win32.Agent.zsq等
遭遇Trojan.DL.Win32.Autorun.yuz,Trojan.Win32.Inject.gh,Trojan.Win32.Agent.zsq等
endurer 原创
2007-10-23 第1版
pe_xscan 07-08-30 by Purple Endurer
2007-10-22 13:13:44
Windows XP Service Pack 2(5.1.2600)
管理员用户组
C:/WINDOWS/system32/winlogon.exe * 604 | 2004-8-8 4:0:0 | Microsoft(R) Windows(R) Operating System | 5.1.2600.2180 | Windows NT Logon Application | (C) Microsoft Corporation. All rights reserved. | 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | winlogon | WINLOGON.EXE
C:/WINDOWS/system32/winlib .dll
C:/WINDOWS/system32/msplrct.dll
C:/WINDOWS/Explorer.EXE * 224 | 2007-6-13 21:21:56 | Microsoft(R) Windows(R) Operating System | 6.00.2900.3156 | Windows Explorer | (C) Microsoft Corporation. All rights reserved. | 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234) | Microsoft Corporation| ? | explorer | EXPLORER.EXE
C:/WINDOWS/Downlo~1/zux.dll | 2007-10-18 9:26:58 | Microsoft(R) Windows(R) Operating System | 5, 3, 2600, 2180 | Microsoft DirectMusic Interactive Engine | 版权所有 (C) 2007 | 5, 3, 2600, 2180 | Microsoft Corporation | | Microsoft DirectMusic Interactive Engine | miniDll.DLL
C:/WINDOWS/Downlo~1/fap.dll | 2007-10-22 11:19:40 | Microsoft(R) Windows(R) Operating System | 5, 3, 2600, 2180 | Microsoft DirectMusic Interactive Engine | 版权所有 (C) 2007 | 5, 3, 2600, 2180 | Microsoft Corporation | | Microsoft DirectMusic Interactive Engine | miniDll.DLL
C:/WINDOWS/Downlo~1/khy.dll | 2007-10-22 11:19:40 | Microsoft(R) Windows(R) Operating System | 5, 3, 2600, 2180 | Microsoft DirectMusic Interactive Engine | 版权所有 (C) 2007 | 5, 3, 2600, 2180 | Microsoft Corporation | | Microsoft DirectMusic Interactive Engine | miniDll.DLL
C:/WINDOWS/system32/2b41.dll | 2007-10-22 11:21:46 | IEHpr Module | 1, 0, 0, 2 | IEHpr Module | Copyright 2007 | 1, 0, 0, 2 | | | IEHpr | IEHpr.DLL
C:/WINDOWS/system32/rundll32.exe * 1096 | 2004-8-8 4:0:0 | Microsoft(R) Windows(R) Operating System | 5.1.2600.2180 | Run a DLL as an App | (C) Microsoft Corporation. All rights reserved. | 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | rundll | RUNDLL.EXE
C:/WINDOWS/system32/wincheck071013.dll | 1987-10-13 9:31:38
C:/scktsrvr.exe * 1440 | 2006-2-11 9:40:34 | Borland Socket Server | 7.0 | Borland Socket Server | Copyright ? 1997-2001 Borland Software Corporation | 7.0.4.453 | Borland Software Corporation | | SCKTSRVR | SCKTSRVR.EXE
C:/DOCUME~1/new/LOCALS~1/Temp/rundll.exe * 3280 | 2007-9-1 10:46:2
C:/Documents and Settings/All Users/Application Data/Microsoft/Office/SYSTEM/loader.dll | 2007-10-22 9:35:58 | loader | 3.0.4 | system event loader | Microsoft. All rights reserved. | 3.0.4 | Microsoft| ? | loader.dll | loader.dll
C:/Program Files/OCINS/idnsvr.exe * 4072 | 2007-10-22 9:37:22 | | 2, 6, 0, 0 | 国际化域名支持模块 | Copyright CNNIC 2006 - 2007 | 2, 6, 0, 0 | 中国互联网信息中心(CNNIC) | | idnsvr | idnsvr.exe
C:/Program Files/OCINS/idnsvr.exe | 2007-10-22 9:37:22 | | 2, 6, 0, 0 | 国际化域名支持模块 | Copyright CNNIC 2006 - 2007 | 2, 6, 0, 0 | 中国互联网信息中心(CNNIC) | | idnsvr | idnsvr.exe
C:/WINDOWS/system32/rundll32.exe * 2300 | 2004-8-8 4:0:0 | Microsoft(R) Windows(R) Operating System | 5.1.2600.2180 | Run a DLL as an App | (C) Microsoft Corporation. All rights reserved. | 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | rundll | RUNDLL.EXE
C:/WINDOWS/system32/winsys16_071017.dll | 1987-10-22 9:39:30
C:/program files/internet explorer/iexplore.exe * 3852 | 2004-8-8 12:0:0 | Microsoft(R) Windows(R) Operating System | 6.00.2900.2180 | Internet Explorer | (C) Microsoft Corporation. All rights reserved. | 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | iexplore | IEXPLORE.EXE
C:/WINDOWS/system32/winsys32_071017.dll | 1987-10-22 9:41:22
C:/ah.exe * 14452 | 2007-10-6 19:54:54
C:/WINDOWS/system32/b4591.exe * 15012 | 2007-10-22 10:11:28 | Microsoft(R) Windows(R) Operating System | 5.1.2600.2180 | Windows Progman Group Converter | Copyright Zhongsou(C) 2005 | 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | GrpConv| ?
C:/WINDOWS/system32/rundll32.exe * 15192 | 2004-8-8 4:0:0 | Microsoft(R) Windows(R) Operating System | 5.1.2600.2180 | Run a DLL as an App | (C) Microsoft Corporation. All rights reserved. | 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | rundll | RUNDLL.EXE
C:/WINDOWS/system32/921.dll | 2007-10-22 11:21:46 | Player 动态链接库 | 1, 0, 0, 3 | Player 动态链接库 | 版权所有 (C) 2006 | 1, 0, 0, 3 | | ? | Player | Player.dll
O2 - BHO CAdLogic Object - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:/Program Files/Common Files/CPUSH/cpush0.dll
O2 - BHO Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - C:/Documents and Settings/All Users/Application Data/Microsoft/PCTools/pctools.dll
O2 - BHO Invoke Class - {42A3A616-FF3C-4713-A5C2-4F1B566CEF51} - C:/WINDOWS/system32/2b41.dll
O2 - BHO IEAux Class - {7605CC7C-00FD-4A5F-BAFD-828342DE6279} - C:/PROGRA~1/OCINS/ieaux.dll
O2 - BHO ff Class - {B9751A53-4494-4d7c-9732-AE3058D8145F} - C:/WINDOWS/system32/2b41.dll
O2 - BHO Windows Browser - {C86488AF-13D5-4FEF-9DDF-9FB88698CFC1} - C:/Documents and Settings/All Users/Application Data/Microsoft/OFFICE/USERDATA/a5eUwXqfYU.dll
O4 - HKCU/../Policies/Explorer/Run: [mscheck] rundll32.exe C:/WINDOWS/system32/wincheck071013.dll mymain
O4 - HKLM/../Run: [igfxpers] C:/WINDOWS/system32/igfxpers.exe
O4 - HKLM/../Run: [IdnSvr] C:/Program Files/OCINS/idnsvr.exe
O4 - HKLM/../Policies/Explorer/Run: [Userinit] rundll32.exe C:/WINDOWS/system32/winsys16_071017.dll start
O4 - HKLM/../Policies/Explorer/Run: [melove] C:/WINDOWS/system32/dream.exe
O4 - HKLM/../Policies/Explorer/Run: [dream] C:/WINDOWS/system32/dream.exe
O4 - HKLM/../Policies/Explorer/Run: [khy] rundll32 "C:/WINDOWS/Downlo~1/khy.dll",Run
O4 - Global Startup: scktsrvr.lnk -> c:/scktsrvr.exe
CmdProcAuto = d:/myplay.exe
C:/autorun.inf
/-----
[autorun]
OPEN=ah.exe
shellexecute=ah.exe
shell/Auto/command=ah.exe
shell=open
-----/
D:/autorun.inf
/-----
[autorun]
OPEN=ah.exe
shellexecute=ah.exe
shell/Auto/command=ah.exe
shell=open
-----/
E:/autorun.inf
/-----
[autorun]
OPEN=ah.exe
shellexecute=ah.exe
shell/Auto/command=ah.exe
shell=open
-----/
F:/autorun.inf
/-----
[autorun]
OPEN=ah.exe
shellexecute=ah.exe
shell/Auto/command=ah.exe
shell=open
-----/
O8 - IE右键菜单附加项 : &访问通用网址 - C:/Program Files/OCINS/cnrbtn.html
O8 - IE右键菜单附加项 : 易趣购物 - C:/Program Files/AD4All/link1/eachlink.htm
O23 - 服务: 1ot8pminre (1ot8pminre) - C:/WINDOWS/system32/drivers/1ot8pminre.sys | 2004-8-8 4:0:0(自动)
O23 - 服务: acpidisk (acpidisk) - C:/WINDOWS/system32/drivers/acpidisk.sys | 2007-9-25 14:31:2(自动)
O23 - 服务: cnprov (cnprov) - system32/drivers/cnprov.sys | 中文上网官方版 | 2, 6, 0, 0 | 国际化域名辅助模块 | Copyright (c) . All rights reserved. | 2.6.0.0 | 中国互联网络信息中心(CNNIC)| ? | cnprov.sys | cnprov.sys(引导)
O23 - 服务: idnaux (idnaux) - system32/drivers/idnaux.sys | CNNIC idnaux | 2, 6, 0, 0 | 国际化域名支持模块 | Copyright ? 2005 | 2, 6, 0, 0 | 中国互联网络信息中心(CNNIC) | | idnaux | idnaux.sys(自动)
O23 - 服务: lcyi7wceil (lcyi7wceil) - System32/DRIVERS/lcyi7wceil.sys(引导)
O23 - 服务: ms_2fax (ms_2fax) - C:/WINDOWS/system32/b4591.exe | 2007-10-22 10:11:28 | Microsoft(R) Windows(R) Operating System | 5.1.2600.2180 | Windows Progman Group Converter | Copyright Zhongsou(C) 2005 | 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation| ? | GrpConv| ?(自动)
O23 - 服务: mxdispdr (mxdispdr) - C:/WINDOWS/system32/drivers/mxdispdr.sys | 2007-9-30 20:18:14(自动)
O23 - 服务: sysloader (System Event loader) - "C:/Documents and Settings/All Users/Application Data/Microsoft/Office/SYSTEM/sysloader.exe" | 2007-10-17 10:18:48 | sysloader | 3.0.4 | system event loader | Microsoft. All rights reserved. | 3.0.4 | Microsoft| ? | sysloader.exe | sysloader.exe(自动)
O23 - 服务: Yiqilai (一起来音乐助手) - "C:/Program Files/Yiqilai/wmp/YiqilaiLyrics.exe" | 2007-10-18 10:15:40 | YiqilaiLyrics | 1.0.1 | YiqilaiLyrics | Yiqilai. All rights reserved. | 1.0.1 | Yiqilai| ? | YiqilaiLyrics.exe | YiqilaiLyrics.exe(自动)
文件说明符 : c:/a.exe
属性 : A---
获取文件版本信息大小失败!
创建时间 : 2007-10-22 16:56:33
修改时间 : 2007-10-22 16:57:6
访问时间 : 2007-10-22 0:0:0
大小 : 102356 字节 99.980 KB
MD5 : 7ed8ee6a124e1b69581b0e38435c123c
SHA1: A873CBFFC796E8D211684DE509BB951BBEAD3C64
CRC32: dbf1a17a
瑞星报为:Trojan.Clicker.Win32.PopHot.cg
Kaspersky已检测到: 木马程序 Trojan-Spy.Win32.Agent.afl 文件: D:/test/a.exe.rar/a.exe/PE_Patch/UPack
d:/myplay.exe 与 c:/a.exe 相同
文件说明符 : c:/ah.exe
属性 : -SH-
获取文件版本信息大小失败!
创建时间 : 2007-10-18 16:10:4
修改时间 : 2007-10-6 19:54:54
访问时间 : 2007-10-22 0:0:0
大小 : 18432 字节 18.0 KB
MD5 : b329e5d20a1636f2a7eb7051a8ed55a1
SHA1: 4AAE08CB65BFBCC0F5F086AEDB3042ED16332F2F
CRC32: 8300cea6
瑞星报为:Trojan.DL.Win32.Autorun.yuz
Kaspersky 报为:Virus.Win32.AutoRun.og
文件说明符 : C:/WINDOWS/system32/dream.exe 与 c:/ah.exe 相同。
文件说明符 : c:/scktsrvr.exe
属性 : ----
语言 : 英语(美国)
文件版本 : 7.0.4.453
说明 : Borland Socket Server
版权 : Copyright ? 1997-2001 Borland Software Corporation
备注 :
产品版本 : 7.0
产品名称 : Borland Socket Server
公司名称 : Borland Software Corporation
合法商标 :
内部名称 : SCKTSRVR
源文件名 : SCKTSRVR.EXE
创建时间 : 2007-10-11 17:9:32
修改时间 : 2006-2-11 9:40:34
访问时间 : 2007-10-22 0:0:0
大小 : 725504 字节 708.512 KB
MD5 : c3ef0622b13655bc68cef169e52afb6a
SHA1: 9457F32E964F4040580D8B82B1AC512E96640673
CRC32: 30ec29d7
文件说明符 : C:/Documents and Settings/All Users/Application Data/Microsoft/OFFICE/USERDATA/a5eUwXqfYU.dll
属性 : A---
语言 : 英语(美国)
文件版本 : 3, 0, 6, 0
说明 : MSN Browser
版权 : Copyright 2006
备注 :
产品版本 : 3, 0, 6, 0
产品名称 : MSN Browser
公司名称 : Microsoft Corporation
合法商标 :
内部名称 : webbrowser
源文件名 : webbrowser.DLL
创建时间 : 2007-10-22 9:41:59
修改时间 : 2007-10-22 9:42:0
访问时间 : 2007-10-22 0:0:0
大小 : 170496 字节 166.512 KB
MD5 : df8ff7499023477733bb020473625618
SHA1: F9117D64F0F47450FD49539EAC0CC826D1CC76F9
CRC32: 0e45cf62
主 题: | RE:[??ProbableSpam]a5eUwXqfYU.dll[KLAB-3146835] | |
发件人: | "" <newvirus@kaspersky.com> <script language="JavaScript" type="text/javascript"> <!-- var aAddAdress = document.getElementById("aAddAdress"); aAddAdress.href = document.guideform.guidelinks.options[5].value; var aDeleteAdress = document.getElementById("aDeleteAdress"); aDeleteAdress.href = document.guideform.guidelinks.options[4].value; document.guideform.guidelinks.removeChild(document.guideform.guidelinks.options[5]); document.guideform.guidelinks.removeChild(document.guideform.guidelinks.options[4]); //--> </script> | 发送时间:2007-10-23 12:35:37 |
Hello,
a5eUwXqfYU.dll - not-a-virus:AdWare.Win32.IEHlpr.ai
This file is an Advertizing Tool, It's detection will be included in the next
update of extended databases set. See more info about
extended databases here: http://www.kaspersky.com/extraavupdates
Please quote all when answering.
--
Best regards, Denis Maslennikov
Virus analyst, Kaspersky Lab.
文件说明符 : C:/WINDOWS/system32/2b41.dll
属性 : A--R
语言 : 英语(美国)
文件版本 : 1, 0, 0, 2
说明 : IEHpr Module
版权 : Copyright 2007
备注 :
产品版本 : 1, 0, 0, 2
产品名称 : IEHpr Module
公司名称 :
合法商标 :
内部名称 : IEHpr
源文件名 : IEHpr.DLL
创建时间 : 2001-2-3 11:22:36
修改时间 : 2007-10-22 11:21:46
访问时间 : 2007-10-22 0:0:0
大小 : 53248 字节 52.0 KB
MD5 : 7dd94ef20e40e0de728112675904811a
SHA1: B41E790374214A54C147CBA26736F0BA8E265022
CRC32: 2445c774
主 题: | RE:[??ProbableSpam]2b41.dll[KLAB-3146836] | |
发件人: | "" <newvirus@kaspersky.com> <script language="JavaScript" type="text/javascript"> <!-- var aAddAdress = document.getElementById("aAddAdress"); aAddAdress.href = document.guideform.guidelinks.options[5].value; var aDeleteAdress = document.getElementById("aDeleteAdress"); aDeleteAdress.href = document.guideform.guidelinks.options[4].value; document.guideform.guidelinks.removeChild(document.guideform.guidelinks.options[5]); document.guideform.guidelinks.removeChild(document.guideform.guidelinks.options[4]); //--> </script> | 发送时间:2007-10-23 12:44:09 |
Hello,
2b41.dll - not-a-virus:AdWare.Win32.BHO.ih
This file is an Advertizing Tool, It's detection will be included in the next
update of extended databases set. See more info about
extended databases here: http://www.kaspersky.com/extraavupdates
Please quote all when answering.
--
Best regards, Denis Maslennikov
Virus analyst, Kaspersky Lab.
文件说明符 : C:/Documents and Settings/All Users/Application Data/Microsoft/Office/SYSTEM/sysloader.exe
属性 : A---
语言 : 英语(美国)
文件版本 : 3.0.4
说明 : system event loader
版权 : Microsoft. All rights reserved.
备注 :
产品版本 : 3.0.4
产品名称 : sysloader
公司名称 : Microsoft
合法商标 :
内部名称 : sysloader.exe
源文件名 : sysloader.exe
创建时间 : 2007-10-17 10:18:48
修改时间 : 2007-10-17 10:18:48
访问时间 : 2007-10-22 0:0:0
大小 : 357376 字节 349.0 KB
MD5 : c18ceab29fac37d570190a12436d9c8b
SHA1: CB4744B9841B5F9C21CBA1039A46FCE1EAF6E3CD
CRC32: 348f2431
瑞星报为:Trojan.Win32.Inject.gh
主 题: | RE:sysloader.exe[KLAB-3146870] | |
发件人: | "" <newvirus@kaspersky.com> <script language="JavaScript" type="text/javascript"> <!-- var aAddAdress = document.getElementById("aAddAdress"); aAddAdress.href = document.guideform.guidelinks.options[5].value; var aDeleteAdress = document.getElementById("aDeleteAdress"); aDeleteAdress.href = document.guideform.guidelinks.options[4].value; document.guideform.guidelinks.removeChild(document.guideform.guidelinks.options[5]); document.guideform.guidelinks.removeChild(document.guideform.guidelinks.options[4]); //--> </script> | 发送时间:2007-10-23 12:48:10 |
Hello.
New malicious software was found in the attached file. Trojan-Downloader.Win32.Agent.eky
It's detection will be included in the next update. Thank you for your help.
Please quote all when answering. Do not forget to include you registration data.
-----------------
Regards, Maslennikov Denis
Virus Analyst, Kaspersky Lab.
文件说明符 : C:/WINDOWS/Downlo~1/khy.dll
属性 : A--R
语言 : 中文(中国)
文件版本 : 5, 3, 2600, 2180
说明 : Microsoft DirectMusic Interactive Engine
版权 : 版权所有 (C) 2007
备注 : DirectMusic
产品版本 : 5, 3, 2600, 2180
产品名称 : Microsoft(R) Windows(R) Operating System
公司名称 : Microsoft Corporation
合法商标 :
内部名称 : Microsoft DirectMusic Interactive Engine
源文件名 : miniDll.DLL
创建时间 : 1987-10-22 14:46:33
修改时间 : 2007-10-22 11:19:40
访问时间 : 2007-10-22 0:0:0
大小 : 49152 字节 48.0 KB
MD5 : 3d6d8766c8436ea20457123a7363095d
SHA1: C93850C662823C02F596F80E129995EC93CF5CF1
CRC32: f5a4e191
主 题: | RE:khy.dll[KLAB-3146872] | |
发件人: | "" <newvirus@kaspersky.com> | 发送时间:2007-10-23 12:49:41 |
Hello,
khy.dll - Trojan-Downloader.Win32.Agent.ekz
New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.
Please quote all when answering.
--
Best regards, Denis Maslennikov
Virus analyst, Kaspersky Lab.
文件说明符 : C:/WINDOWS/system32/winsys16_071017.dll
属性 : -SHR
获取文件版本信息大小失败!
创建时间 : 1987-10-18 9:34:39
修改时间 : 1987-10-22 9:39:30
访问时间 : 2007-10-22 0:0:0
大小 : 24576 字节 24.0 KB
MD5 : bd5ad170a8b0fec28e972b314c8668e0
SHA1: 408CB216C2A27187C841A0F9ACAF319BBBEC2D0D
CRC32: a9647ec5
瑞星报为:Trojan.Win32.Agent.zsq
Kaspersky已检测到: 木马程序 Trojan-Spy.Win32.Agent.aga 文件: D:/test/winsys16_071017.dll.rar/winsys16_071017.dll
文件说明符 : C:/WINDOWS/system32/wincheck071013.dll
属性 : -SHR
获取文件版本信息大小失败!
创建时间 : 1987-10-13 9:31:37
修改时间 : 1987-10-13 9:31:38
访问时间 : 2007-10-22 0:0:0
大小 : 27648 字节 27.0 KB
MD5 : eb5929a3a390a519729d1e4dea37d34f
SHA1: 31A75B68CC4A03A7BE1A0265AB0DF271AF3F1887
CRC32: 697c1572
瑞星报为:Trojan.DL.Win32.MyDown.h
主 题: | RE:wincheck071013.dll[KLAB-3146878] | |
发件人: | "" <newvirus@kaspersky.com> <script language="JavaScript" type="text/javascript"> <!-- var aAddAdress = document.getElementById("aAddAdress"); aAddAdress.href = document.guideform.guidelinks.options[5].value; var aDeleteAdress = document.getElementById("aDeleteAdress"); aDeleteAdress.href = document.guideform.guidelinks.options[4].value; document.guideform.guidelinks.removeChild(document.guideform.guidelinks.options[5]); document.guideform.guidelinks.removeChild(document.guideform.guidelinks.options[4]); //--> </script> | 发送时间:2007.10.23 13:12 |
Hello.
New malicious software was found in the attached file. Trojan.Win32.Delf.ajt
It's detection will be included in the next update. Thank you for your help.
Please quote all when answering. Do not forget to include you registration data.
-----------------
Regards, Maslennikov Denis
Virus Analyst, Kaspersky Lab.
相关推荐
Trojan专杀工具,用着真不错;我在网上找了好长时间才长到的,愿意与大家一块来分享.另外,本人是教育行业的,分享一个好的英语资料下载站:http://www.51tjw.com
【病毒名称】:Trojan-Downloader.Win32.Generic.a 【病毒类型】:下载者 【危害程度】:中 【传播方式】:网络 【受影响系统】:windows 98以上 病毒行为: 该病毒为下载者木马类,病毒运行后调用API获取系统文件夹...
2020年trojan最新windows64客户端
俄罗斯安全软件Dr.Web,Trojan. Plastix木马感染文件解除工具plstfix
针对Trojan-Dropper.Win32.Dropkit.a病毒,清除所需要的工具包,包括金山反间谍2007、PowerRmv、sreng2.5
RECYCLER.exe变种,GHOST.PIF变种,KPE.exe(EKS.exe) Trojan.DL.VB.nua,services.exe变种,sysauto.exe变种,myserver变种,pegefile.pif(Trojan.PSW.Win32.Agent.mk), autorun.exe (Worm.Win32.Agent.h)等
3、Trojan-Ransom.Win32.Agent.iih 4、Trojan-Ransom.Win32.Autoit 5、Trojan-Ransom.AndroidOS.Pletor (安卓下的勒索软件) 6、Trojan-Ransom.Win32.Rotor 7、Trojan-Ransom.Win32.Lamer 8、Trojan-Ransom.Win32....
安铁诺Trojan.VBS.StartPage.dy专杀 V2010.exe。针对1KB病毒
敲诈者木马程序以敲诈勒索钱财为目的,使得感染该木马的计算机用户系统中的指定数据文件被恶意隐藏,造成用户数据丢失。截至目前为止,在国内已经出现了因感染该木马程序而导致计算机系统数据文件丢失的情况。...
俄罗斯安全软件大蜘蛛Dr.Web,木马解锁工具.
trojan
增加5个变种的查杀,分别是Trojan.Win32.Undef.iqd,Trojan.Win32.Undef.pun,Trojan.Win32.Undef.kcq等 文件信息: Size: 148992 bytes File Version: 2.03 Modified: 2008年9月3日, 15:21:22 MD5: 0B85E5AFC3E...
RannohDecryptor是卡巴斯基推出的一个Rannoh勒索病毒解密工具,可以解密Rannoh在内的7款勒索软件加密的文件,包括Polyglot、Rannoh、AutoIt、Fury...7、Trojan-Ransom.Win32.CryptXXX (目前能解版本1、版本2,版本3)
js.scob.trojan
Gridinsoft Trojan Killer木马克星是专门来禁用/删除没有用户不必手动编辑系统文件或注册表的恶意软件。该方案还删除一些恶意软件进行了一些标准的防病毒扫描器忽略额外的系统修改。 Trojan Killer扫描所有的...
我的电脑让学生插了一下U盘,结果电脑出现中毒现象(变慢、经常蓝屏、出错、自动重启),一查是染上了 假冒腾迅TXPLATFORM.EXE 的U盘病毒,属于 Trojan.Generic.Is.536802,此文介绍查杀方法
Trojan is a stable and efficient mobile lightweight log SDK that not only records general logs, such as Http, power changes, component life cycles, but also records the definition of the log, which it...
它是:“木马列表下载器变种B(Trojan.DL.Win32.List.b)”病毒。该病毒会在用户的计算机上悄悄运行,并从黑客指定的网站下载“灰鸽子”、“网络游戏木马”、“密西”等多个病毒、木马及其变种。用户计算机一旦感染了...
trojan-qt5 for linux