微点交流论坛

标题: 金山wps升级包被报木马 [打印本页]

作者: knight0092 时间: 2009-6-6 01:04 标题: 金山wps升级包被报木马

金山wps升级包被报木马

时间处理结果病毒名称病毒进程名病毒文件创建者
2009-06-06 01:00:39 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\UTILITY\WPSUNWIZ.EXE C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:39 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\UTILITY\UNINST.EXE C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:38 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\UTILITY\REPAIRINST.EXE C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:38 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\OFFICE6\ADDINS\PLGPF\{DAC5DB99-8AE8-4835-A5F9-8EE3AC6AE1EC}\KSOMINI.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:38 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\OFFICE6\ADDINS\PLGPF\{DAC5DB99-8AE8-4835-A5F9-8EE3AC6AE1EC}\OPENPLUGIN.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:38 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\OFFICE6\ADDINS\PLGPF\{C5CDBC30-EC7B-4478-B63A-DE350BF39317}\ETTABLESTYLE.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:38 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\OFFICE6\ADDINS\PLGPF\{70D748C8-974D-44C0-8115-9072C478A609}\WPSTABLESTYLE.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:37 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\OFFICE6\ADDINS\PLGPF\{6B7C6BD1-FF5E-4598-9ACC-D01E5DAC46FF}\KSOCARDS.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:37 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\OFFICE6\ADDINS\PLGPF\{66F0C5C2-C818-40D8-834B-3D7233BB5F5D}\RECENTFILEEX.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:37 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\OFFICE6\ADDINS\PLGPF\{3474C252-1D9B-4403-B8F0-8029C40B4673}\TPLSPLUGIN.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:37 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\OFFICE6\WEBCT.EXE C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:37 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\OFFICE6\UOFSWR.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:36 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\OFFICE6\UOFSSRW.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:36 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\OFFICE6\UOFOPENSDK.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:36 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\OFFICE6\TIDY.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:36 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\OFFICE6\RMTINFO.EXE C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:36 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\OFFICE6\RMTFRM.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:35 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\OFFICE6\PLGPF.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:35 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\ROLLBACKDIR\OFFICE6\ALG.DLL C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\APPLYPATCH.EXE
2009-06-06 01:00:35 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\ROLLBACKDIR\OFFICE6\AEOPLAYER.EXE C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\APPLYPATCH.EXE
2009-06-06 01:00:35 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\ROLLBACKDIR\OFFICE6\AEOP.DLL C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\APPLYPATCH.EXE
2009-06-06 01:00:35 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\ROLLBACKDIR\OFFICE6\AEOC.DLL C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\APPLYPATCH.EXE
2009-06-06 01:00:34 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\ROLLBACKDIR\UTILITY\UNINST.EXE C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\APPLYPATCH.EXE
2009-06-06 01:00:34 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\ROLLBACKDIR\UTILITY\REPAIRINST.EXE C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\APPLYPATCH.EXE
2009-06-06 01:00:16 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\22C01E\PACKTEMP\APPLYPATCH.EXE C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:15 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NSJ15C.TMP\KILLPROCDLL.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:15 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NSJ15C.TMP\FINDPROCDLL.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:15 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NSJ15C.TMP\SYSTEM.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE
2009-06-06 01:00:15 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NSJ15C.TMP\V6SVC.DLL C:\PROGRAM FILES\KINGSOFT\WPS OFFICE PERSONAL\DOWNLOADS\DIFF_2052_6.3.0.1705TO6.4.0.1931_1_0.EXE

作者: Legend 时间: 2009-6-6 01:10
请楼主提供一下以下信息：
1. 金山wps升级包或者下载链接
2. 被报警的文件(可以将微点安装目录下的MP7和MP14复制压缩)
3. 微点的技术支持信息文件(辅助功能-->生成技术支持信息)
压缩后请发送到 support@micropoint.com.cn 邮箱，并简要说明情况，我们具体进行测试分析，谢谢您对微点的支持。
发送时请在邮件中注明本帖链接，并在发送后请将您的邮箱地址通过论坛短消息发给我，便于我们及时跟踪处理。

作者: knight0092 时间: 2009-6-6 01:22
正在发送中，网速比较慢。。。

作者: knight0092 时间: 2009-6-7 14:14
邮件之前因为网络问题没能上传成功，现在终于发送了！

作者: Legend 时间: 2009-6-11 15:16
楼主问题已解决，请楼主升级到最新测试。
此主题暂做关闭主题处理，如有其他的问题，请另开新帖讨论。

欢迎光临微点交流论坛 (http://bbs.micropoint.com.cn/)

bbs.micropoint.com.cn