微点交流论坛

标题: 后门程序，杀删不了，怎么办？？ [打印本页]

作者: zhxzh88 时间: 2007-5-30 10:05 标题: 后门程序，杀删不了，怎么办？？

微点日志：
时间处理结果木马名称木马进程名木马文件创建者
2007-05-30 09:44:31 处理成功未知木马 D:\RUNAUTO..\AUTORUN.PIF C:\RUNAUTO..\AUTORUN.PIF
2007-05-30 09:44:31 处理成功未知木马 C:\RUNAUTO..\AUTORUN.PIF
2007-05-30 09:44:14 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\6305.TXT C:\RUNAUTO..\AUTORUN.PIF
2007-05-30 09:40:19 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\8884.TXT C:\RUNAUTO..\AUTORUN.PIF
2007-05-29 16:00:10 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE C:\RUNAUTO..\AUTORUN.PIF
2007-05-29 16:00:05 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\6727.TXT C:\RUNAUTO..\AUTORUN.PIF
2007-05-29 15:41:40 处理成功未知木马 D:\RUNAUTO..\AUTORUN.PIF C:\RUNAUTO..\AUTORUN.PIF
2007-05-29 15:41:40 处理成功未知木马 C:\RUNAUTO..\AUTORUN.PIF
2007-05-29 15:41:30 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\7452.TXT C:\RUNAUTO..\AUTORUN.PIF
2007-05-29 15:40:46 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE C:\RUNAUTO..\AUTORUN.PIF
2007-05-29 15:40:45 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\1708.TXT C:\RUNAUTO..\AUTORUN.PIF
2007-05-29 15:23:41 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE C:\RUNAUTO..\AUTORUN.PIF
2007-05-29 15:23:41 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\3178.TXT C:\RUNAUTO..\AUTORUN.PIF
2007-05-27 16:38:48 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\0764.TXT C:\RUNAUTO..\AUTORUN.PIF
2007-05-27 16:37:11 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE D:\RUNAUTO..\AUTORUN.PIF
2007-05-27 16:37:07 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\3706.TXT D:\RUNAUTO..\AUTORUN.PIF
2007-05-27 13:40:53 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE C:\RUNAUTO..\AUTORUN.PIF
2007-05-27 13:40:44 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\7752.TXT C:\RUNAUTO..\AUTORUN.PIF
2007-05-27 13:23:35 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE
2007-05-27 13:23:08 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE C:\RUNAUTO..\AUTORUN.PIF
2007-05-27 13:23:07 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\7643.TXT C:\RUNAUTO..\AUTORUN.PIF
2007-05-27 12:44:46 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE
2007-05-27 12:11:03 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE
2007-05-27 12:10:56 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE C:\RUNAUTO..\AUTORUN.PIF
2007-05-27 12:10:09 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\5511.TXT C:\RUNAUTO..\AUTORUN.PIF
2007-05-26 22:06:40 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE
2007-05-26 22:05:49 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE D:\RUNAUTO..\AUTORUN.PIF
2007-05-26 22:05:47 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\3187.TXT D:\RUNAUTO..\AUTORUN.PIF
2007-05-19 23:05:04 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE
2007-05-19 23:05:00 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE C:\RUNAUTO..\AUTORUN.PIF
2007-05-19 23:04:59 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\3173.TXT C:\RUNAUTO..\AUTORUN.PIF
2007-05-18 23:22:43 处理成功 Backdoor.Win32.Huigezi.rme H:\AUTORUN.PIF
2007-05-18 21:58:56 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\3063.TXT D:\RUNAUTO..\AUTORUN.PIF
2007-05-18 21:48:59 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE D:\RUNAUTO..\AUTORUN.PIF
2007-05-18 21:48:58 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\6675.TXT D:\RUNAUTO..\AUTORUN.PIF
2007-05-13 20:35:15 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX03.031\WINDOWS MEDIA PLAYER 10 简体中文版.EXE
2007-05-13 20:35:12 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX03.031\WINDOWS MEDIA PLAYER 10 简体中文版.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-05-13 20:35:04 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX00.937\WINDOWS MEDIA PLAYER 10 简体中文版.EXE
2007-05-13 20:35:01 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX00.937\WINDOWS MEDIA PLAYER 10 简体中文版.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-05-12 13:56:05 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE
2007-05-12 13:56:01 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE C:\RUNAUTO..\AUTORUN.PIF
2007-05-12 13:56:00 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\7367.TXT C:\RUNAUTO..\AUTORUN.PIF
2007-05-11 23:42:22 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE D:\RUNAUTO..\AUTORUN.PIF
2007-05-11 23:42:17 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\1704.TXT D:\RUNAUTO..\AUTORUN.PIF
2007-05-11 23:01:17 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\6630.TXT C:\RUNAUTO..\AUTORUN.PIF
2007-05-11 23:00:49 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\8122.TXT D:\RUNAUTO..\AUTORUN.PIF
2007-05-11 23:00:04 处理成功未知木马 C:\RUNAUTO..\AUTORUN.PIF
2007-05-11 23:00:02 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\DLLHOST.EXE C:\RUNAUTO..\AUTORUN.PIF
2007-05-11 23:00:02 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\7424.TXT C:\RUNAUTO..\AUTORUN.PIF
2007-05-11 22:59:56 处理成功 Backdoor.Win32.Huigezi.nry C:\WINDOWS\8813.TXT C:\RUNAUTO..\AUTORUN.PIF
2007-05-11 19:56:26 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\WMP10_.EXE C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RARSFX2\MP10SETUP.EXE
2007-05-11 19:56:26 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\TEMPORARY INTERNET FILES\CONTENT.IE5\0LM3SDM7\WMPEXE[1].EXE C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RARSFX2\MP10SETUP.EXE
2007-05-11 19:56:24 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\IXP000.TMP\WPD_CI.DLL C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\WMP10.EXE
2007-05-11 19:56:23 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\IXP000.TMP\WPDUSB.SYS C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\WMP10.EXE
2007-05-11 19:56:22 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\IXP000.TMP\WPDTRACE.DLL C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\WMP10.EXE

作者: Legend 时间: 2007-5-30 10:14
请楼主将微点目录下的mp6目录压缩、从微点主界面的【系统自启动信息】右键导出发到support@micropoint.com.cn，我们帮您分析一下。

欢迎光临微点交流论坛 (http://bbs.micropoint.com.cn/)

bbs.micropoint.com.cn