江水非水 - 2008-12-7 9:29:00
2008-12-07 09:16:45, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.ni
2008-12-06 14:37:14, IEXPLORE.EXE>>C:\program files\internet explorer\IEXPLORE.EXE ->Backdoor.Win32.ShangXing.ni
2008-12-06 14:37:12, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.ni
2008-12-05 11:53:16, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.ni
2008-12-05 11:53:15, IEXPLORE.EXE>>C:\program files\internet explorer\IEXPLORE.EXE ->Backdoor.Win32.ShangXing.ni
2008-12-05 11:53:13, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.ni
2008-12-05 11:47:20, re47.exe>>C:\Program Files\Common Files\Microsoft Shared\MSINFO\re47.exe ->Backdoor.Win32.ShangXing.ni
2008-12-05 11:47:20, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.ni
2008-12-05 10:42:12, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.ni
2008-12-05 10:42:11, IEXPLORE.EXE>>C:\program files\internet explorer\IEXPLORE.EXE ->Backdoor.Win32.ShangXing.ni
2008-12-05 10:42:09, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.ni
2008-12-05 10:27:35, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.ni
2008-12-05 09:33:23, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.ni
2008-12-04 11:26:50, IEXPLORE.EXE>>C:\program files\internet explorer\IEXPLORE.EXE ->Backdoor.Win32.ShangXing.ni
2008-12-04 11:26:49, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.ni
2008-12-04 11:19:25, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.ni
2008-12-04 10:56:02, IEXPLORE.EXE>>C:\program files\internet explorer\IEXPLORE.EXE ->Backdoor.Win32.ShangXing.ni
2008-12-04 10:56:01, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.ni
2008-12-04 10:45:15, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.ni
2008-12-04 10:45:14, IEXPLORE.EXE>>C:\program files\internet explorer\IEXPLORE.EXE ->Backdoor.Win32.ShangXing.ni
2008-12-04 10:45:11, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.ni
2008-12-04 10:40:34, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.ni
2008-12-04 07:46:00, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.ni
2008-12-03 14:51:29, IEXPLORE.EXE>>C:\program files\internet explorer\IEXPLORE.EXE ->Backdoor.Win32.ShangXing.kx
2008-12-03 14:51:28, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.kx
2008-12-03 14:48:17, calc.exe>>C:\WINDOWS\system32\calc.exe ->Backdoor.Win32.ShangXing.kx
上面是这几天我的瑞星形成的查杀木马的日志。
每次开机,用瑞星查都表明杀掉了上述的至少一个,有时出现两个,有时出现一个。重启后,还是会再出现。如何能清理干净呢,有高手指点一下。
用户系统信息:Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
backway - 2008-12-7 9:49:00
下载最新版本的SRENG工具:
http://www.kztechs.com/sreng/download.html操作方法可以看这贴2楼:
http://bbs.ikaka.com/showtopic-8442813.aspx1 下载的是压缩包,必须解压缩后再运行。
2 运行SREng***.EXE
3 选择主界面左边的:智能扫描=》扫描=》保存报告
4 把报告保存后,
将日志以附件形式上传。
天月来了 - 2008-12-7 9:53:00
C:\WINDOWS\system32\calc.exe这个文件可能需要找相同系统里的那个文件去将它替换掉才行
backway - 2008-12-7 9:58:00
其实直接删除了也没事哦:default6: ,计算器用的不多~
© 2000 - 2026 Rising Corp. Ltd.