Encounter worm. win32.viking. lm/worm. Viking. tc, Trojan. psw. win32.onlinegames, etc. 2

Encounter worm. win32.viking. lm/worm. Viking. tc, Trojan. psw. win32.onlinegames, etc. 2

EndurerOriginal
1Version

Seeing C:/Windows/richdll. dll and O4-HKLM/../run: [load] C:/Windows/uninstall/rundl132.exe reminds me of Viking ......

Stop and disable windowsdown (windows_systemdown)

Uninstall Baidu super souba

Download and install the rising star Kaka Security Assistant, select [advanced functions], and unmount items O2 and o24 in [plug-in management and uninstallation,

In [system startup Item Management], right-click the items corresponding to O4, o20, and o23 and choose delete from the pop-up menu.

In [IE and system repair], fix the section in Red: The HKLM/showall value is not 1.

Restart your computer to secure mode with network connection

Download bat_do and fileinfo to the http://purpleendurer.ys168.com.

Use fileinfo to extract file information, use bat_do to pack and back up suspicious files, use delayed deletion, generate and delete commands, and execute the command, and then execute the command at the next startup.

Download Dr. Web cureit! And start, close other programs, and then scan. Sure enough, cured has a large number of EXE files.

I found that there are many *. tmp files in C:/windows. It is estimated that the files are still not cleared. Download and install AntiVir, scan the files after upgrade, and scan and kill one piece ......

File Description: C:/auto.exe
Attribute: ---
Language: English (USA)
File version: 0. 0. 0. 0
Note:
Copyright:
Note:
Product Version: 0.0.0.0
Product Name:
Company Name:
Legal trademark:
Internal Name:
Source File Name:
Creation Time: 22:29:17
Modification time:
Access time:
Size: 150902 bytes, 147.374 KB
MD5: 95f6b14e09d222109627e52119650a80

Kaspersky reportsTrojan. bat. Jaser.The rising report isTrojan. win32.agent. isj

File Description: D:/auto.exe
Properties: A-H-
Language: English (USA)
File version:
Note:
Copyright: (c) Microsoft Corporation. All rights reserved.
Note:
Product Version:
Product Name: Microsoft (r) Windows (r) Operating System
Company Name: Microsoft Corporation
Legal trademark:
Internal Name:
Source File Name:
Creation Time: 22:29:16
Modification time:
Access time:
Size: 18238 bytes, 17.830 KB
MD5: d2fe534bef101b33b43ea9a076dbe03b

Kaspersky reportsBackdoor. win32.agent. ahjThe rising report isTrojan. immsg. win32.tbmsg. ID

File Description: F:/auto.exe
Attribute: ---
Language: Chinese (China)
File version: 1.0.0.0
Note:
Copyright:
Note:
Product Version: 1.0.0.0
Product Name:
Company Name:
Legal trademark:
Internal Name:
Source File Name:
Creation Time: 22:29:18
Modification time:
Access time:
Size: 113470 bytes, 110.830 KB
MD5: 25cfbb81b7f757e29b9a1d352134366a

Kaspersky reportsWorm. win32.viking. lmThe rising report isWorm. Viking. TC

File Description: C:/Windows/system32/70c59d59. exe
Attribute: ---
Language: English (USA)
File version:
Note:
Copyright: (c) Microsoft Corporation. All rights reserved.
Note:
Product Version:
Product Name: Microsoft (r) Windows (r) Operating System
Company Name: Microsoft Corporation
Legal trademark:
Internal Name:
Source File Name:
Creation Time: 22:31:42
Modification time:
Access time:
Size: 33946 bytes, 33.154 KB
MD5: 4a7d78094ad21d6e2a722f0c898a602a

Kaspersky reportsBackdoor. win32.agent. ahjThe rising report isTrojan. immsg. win32.tbmsg. g

File Description: C:/Windows/system32/27e00001a. EXE is the same as D:/auto.exe.

File Description: C:/Windows/system32/netsrvcs. dll
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time: 22:30:50
Modification time: 10:10:52
Access time:
Size: 19968 bytes, 19.512 KB
MD5: f36a89b1ec44c259158fe1e0f59351bf

File Description: C:/Windows/system32/servet.exe
Property:-sh-
An error occurred while obtaining the file version information!
Creation Time: 15:20:26
Modification time: 15:20:28
Access time:
Size: 16613 bytes, 16.229 KB
MD5: e42e9b5ccb602214271c1fb924a00ecc

Kaspersky reportsVirus. win32.autorun. auThe rising report isTrojan. DL. mnless. AKB

File Description: C:/program files/Internet Explorer/msvcrt. dll
Property: ash-
Language: Chinese (China)
File version: 1. 0. 0. 1
Note: Microsoft Corporation windows DLL
Copyright: Copyright (c) 2001.01
Note:
Product Version: 6.00.2900.3028
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
Legal trademark:
Internal name: Windows. dll
Source File Name: Windows. dll
Creation Time: 11:44:33
Modification time: 10:45:40
Access time:
Size: 14895 bytes, 14.559 KB
MD5: 92e84feb5d8e1896d9517cb350241d4d

Kaspersky reportsVirus. win32.autorun. BKThe rising report isTrojan. psw. win32.onlinegames. DPO

File Description: C:/Windows/system32/jzdpri. dll
Attribute :----
An error occurred while obtaining the file version information!
Creation Time: 22:29:27
Modification time: 22:29:28
Access time:
Size: 14897 bytes, 14.561 KB
MD5: 6d70e19c8b17f4580b0eb9a57258bd63

Kaspersky reportsTrojan-Spy.Win32.Delf.uvThe rising report isTrojan. psw. win32.zeroonline. d

File Description: C:/Windows/system32/jhapri. dll
Property:-sh-
An error occurred while obtaining the file version information!
Creation Time: 22:30:24
Modification time: 22:30:26
Access time:
Size: 15430 bytes, 15.70 KB
MD5: 06cfa2c2962b87b8a8293a142879e365

Kaspersky reportsTrojan-Downloader.Win32.Small.ewcThe rising report isTrojan. psw. win32.onlinegames. DJI

File Description: C:/Windows/system32/dhbpri. dll
Attribute :----
An error occurred while obtaining the file version information!
Creation Time: 22:31:58
Modification time:
Access time:
Size: 16428 bytes, 16.44 KB
MD5: 36e019ede78fd535c2a90829ecb9c67b

Kaspersky reportsTrojan-Spy.Win32.Delf.uvThe rising report isTrojan. psw. win32.xyonline. bx

File Description: C:/Windows/system32/my1_1.dll
Attribute :----
An error occurred while obtaining the file version information!
Creation Time: 22:29:45
Modification time: 22:29:46
Access time:
Size: 16941 bytes, 16.557 KB
MD5: 54756a31770cf613e871a60532fd5c78

Kaspersky reportsTrojan-Downloader.Win32.Small.exhThe rising report isTrojan. psw. win32.roconline. ar

File Description: C:/Windows/system32/tllpri. dll
Property:-sh-
An error occurred while obtaining the file version information!
Creation Time: 14:17:34
Modification time: 14:17:36
Access time:
Size: 15409 bytes, 15.49 KB
MD5: b8a0479ad261003c16f547b5f50717d4

Kaspersky reportsTrojan-PSW.Win32.OnLineGames.upThe rising report isTrojan. psw. win32.tlonline. o

File Description: C:/Windows/system32/mybpri. dll
Attribute :----
An error occurred while obtaining the file version information!
Creation Time: 21:24:37
Modification time: 21:24:38
Access time:
Size: 16941 bytes, 16.557 KB
MD5: 33a9f4cfcb804a88c9b8d2421a6e77e4

Kaspersky reportsTrojan-Downloader.Win32.Small.exhThe rising report isTrojan. psw. win32.roconline. AQ

File Description: C:/program files/Internet Explorer/msvcrt. dll
Property: ash-
Language: Chinese (China)
File version: 1. 0. 0. 1
Note: Microsoft Corporation windows DLL
Copyright: Copyright (c) 2001.01
Note:
Product Version: 6.00.2900.3028
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
Legal trademark:
Internal name: Windows. dll
Source File Name: Windows. dll
Creation Time: 11:44:33
Modification time: 10:45:40
Access time:
Size: 14895 bytes, 14.559 KB
MD5: 92e84feb5d8e1896d9517cb350241d4d

File Description: C:/Windows/upxdnd.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time: 22:31:48
Modification time:
Access time:
Size: 30720 bytes, 30.0 KB
MD5: 4645c40ad811c93e25110ddac97e6c70

Kaspersky reportsTrojan-PSW.Win32.OnLineGames.zbThe rising report isTrojan. psw. win32.onlinegames. Dho

File Description: C:/Windows/cmdbcs.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time: 22:31:40
Modification time: 10:31:22
Access time:
Size: 15872 bytes, 15.512 KB
MD5: ae4dfcb62414d37c22849b847537f854

Kaspersky reportsTrojan-PSW.Win32.OnLineGames.acxThe rising report isTrojan. psw. win32.onlinegames. DMG

File Description: C:/Windows/timhost.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time: 22:30:38
Modification time: 10:30:20
Access time:
Size: 32256 bytes, 31.512 KB
MD5: 58606d8eeda24ae296097286e228a8d1

Kaspersky reportsTrojan-PSW.Win32.OnLineGames.ynThe rising report isTrojan. psw. win32.roconline. t

File Description: C:/Windows/winform.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time: 22:30:32
Modification time: 10:29:14
Access time:
Size: 12800 bytes, 12.512 KB
MD5: 6bf025004eec41f38b70246ad324cb56

RisingTrojan. psw. win32.wsgame. p

File Description: C:/Windows/mppds.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time: 10:29:10
Access time:
Size: 28160 bytes, 27.512 KB
MD5: 661d9fbd9536741bbf13683e0daef672

RisingTrojan. psw. win32.rbland. t

File Description: C:/Windows/kvsc3.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time: 21:24:17
Modification time: 10:29:12
Access time:
Size: 14848 bytes, 14.512 KB
MD5: df33bf99fdfba5c584bb0d897f4fa45d

Kaspersky reportsTrojan-PSW.Win32.OnLineGames.acyThe rising report isTrojan. psw. win32.sunonline. u

File Description: C:/Windows/uninstall/rundl132.exe
Attribute: ---
Language: Chinese (China)
File version: 1.0.0.0
Note:
Copyright:
Note:
Product Version: 1.0.0.0
Product Name:
Company Name:
Legal trademark:
Internal Name:
Source File Name:
Creation Time: 22:29:16
Modification time: 10:10:20
Access time:
Size: 95232 bytes, 93.0 KB
MD5: 51395b92e92b1096ec22b9596d7f2b97

The icon is the same as WinRAR.

Kaspersky reportsWorm. win32.viking. lmThe rising report isWorm. Viking. TC

File Description: C:/Windows/system32/dsakfsak14.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time: 10:34:59
Modification time:
Access time:
Size: 8016 bytes, 7.848 KB
MD5: 6bcf9260f3fec1071a1012e99ffbfafa

Kaspersky reportsTrojan-PSW.Win32.OnLineGames.aczThe rising report isTrojan. psw. win32.onlinegames. DND