winlogon这个病毒如何查杀
用卡巴5.0升级为最新病毒库然后全盘查杀没有发现病毒,后用木马客星监视网络连接,发现 winlogon.exel连接网络 124.128.163.210
这个地址很奇怪,我开始直接输入124.128.163.210 进行访问,卡巴提示有病毒 就立即删除了,然后在访问,卡巴不在提示有毒,站点也提示无法访问。。。。。。。。。。。。。。
以下是 木马客星监视网络连接:
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
HTTP/1.1 200 OK
Server: Indy/8.0.22
Content-Type: text/html
Content-Length: 66767
gnway.net站长:632554460/count/count.asp?user_name=123"></script></div></td>
</tr>
</table>
</body>
</html>
<tr>
<td><div align="center"><script src='http://s38.cnzz.com/stat.php?id=71110&web_id=71110&online=1&sho?domain=5q.gnway.net站长:632554460&chkall=on&googlerank=1&google=1&baidu=1&msn=1&yahoo=1&yisou=1&links=1&sina=1&sohu=1&do163=1&qq=1&zhongsou=1&uptimebot=1&whois=1&alexa=1&ip=1&keys=1" target="_blank">站外信息</a> <script language="JavaScript" type="text/javascript" src="
http://ww.50bang.com/click.js> <a href=http://www.miibeian.gov.cn/ target=_blank>粤ICP备06045646号</a></div></td>
</tr>
<tr>
<td><div align="center"><script language="javascript" type="text/javascript" src="
http://js.users.51.la/246003.js"></script>
<noscript><a href="
http://www.51.la/?246003" target="_blank"><img alt="我&#
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
b/NULL/NULL/NULL/SignIn.gen;LoginName;passwd;hidden;DomainName;21cn.net">21cn.net</option>
<option
value="
http://freemail.263.net/cgi/login;user;pass">263.net</optio value="
http://mail.sina.com.cn/cgi-bin/login.cgi;u;psw">新浪sina.com</option>
<option
value="
http://vip.sina.com/cgi-bin/login.cgi;user;pass">vip.sina.com</option>
<option
value="
http://bjweb.163.net/cgi/163/login_pro.cgi;user;pass">163.net</option>
<option
value="
http://bjweb.163.net/cgi/163/login_pro.cgi;user;pass">Tom.com</option>
<option
value="
http://webmail.21cn.com/NULL/NULL/NULL/NULL/NULL/SignIn.gen;LoginName;passwd;post">21cn.com</option>
<option
value="
http://webmail.21cn.net/nature/g
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
center">
<script language="JavaScript" type="text/javascript">
uni;
</script>
<script language="JavaScript" src="
http://file.56.com/data/union/text3.js" type="text/javascript"></script>
</div></td>
</tr>
</table></td>
</tr>
</tbody>
</table>
<table class="mb5" cellspacing="1" cellpadding="0" width="760" align="center"
bgcolor="#75a3ed" bordect()" size="10" />
</span> <span class="f12">
<input name="submit2" type="submit" class="button" value="登录" />
</span></td>
</tr>
</tbody>
</form>
</table></td>
</tr>
</table></td>
</tr>
</table></td>
<td width="190"><div align="
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
</table>
</form></td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
</tbody>
</table></td>
</tr>
<tr>
<td><table width="172" border="0" align="left" cellpadding="0" cellspacing="1"
bgcolor="#9b72cf" class="mb4">
<tbody>
<tr>
<td height="20" align="middle" bgcolor="#9b72cf"><span class="style2"><strong>在线工具</strong></span></td>
</tr>
<tr>
<td height="122" align="middle" bgcolor="#f1f1fd" class="c00007f"> <input type="radio" name="s" />
互联网
<input type="radio"
checked="checked" name="s" />
5q.gnway.net站长:632554460 </div></td>
</tr>
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
n="top"> </td>
</tr>
<tr>
<td width="578" colspan="2"><table border="0" width="578" cellspacing="0" cellpadding="0">
<tr>
<td width="1" bgcolor="#d2e4fc"></td>
<td width="576"><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr height="20" width="576" align="center" bgcolor="#E6FAFF">
<td bgcolor="#FFFFFF">¦ <a href="0053/index.htm">音乐 mp3</a></td>
<td bgcolor="#FFFFFF">¦ <a href="0054/index.htm">聊天论坛</a></td>
<td bgcolor="#FFFFFF">¦ <a href="0077/index.htm">游戏网游</a></td>
<td bgcolor="#FFFFFF">¦ <a href="0058/index.htm">爱情交友</a></td>
<td bgcolor="#FFFFFF">¦ <a href="0118/index.htm">明星美女</a></td> bgcolor="#d2e4fc"></td>
</tr>
</table></td>
<td width="10" bgcolor="#d2e4fc" align="right" valig
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
?/a></td>
<td bgcolor="#FFFFFF">¦ <a href="0113/index.htm">交?/a></td>
<td bgcolor="#FFFFFF">¦ <a href="0123/index.htm">医学医药</a></td>
<td bgcolor="#FFFFFF">¦ <a href="0112/index.htm">男士女性</a></td>
<td bgcolor="#FFFFFF">¦ <a href="0189/index.htm">时尚美容</a></td>
<td bgcolor="#FFFFFF">¦ <a href="0188/index.htm">服装服饰</a></td>
<td bgcolor="#FFFFFF">¦ <a href="0162/index.htm">饮食营养</a></td>
<td bgcolor="#FFFFFF">¦ <a href="0160/index.htm">房产家居</a></td>
<td bgcolor="#FFFFFF">¦ <a href="0100/index.htm">生活服务</a> ¦</td>
</tr>
<tr height="20" width="576" align="center" bgcolor="#E6FAFF">
<td bgcolor="#FFFFFF">¦ <a href="0271/index.htm">旅游地?
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
Process Name: \??\C:\WINDOWS\system32\winlogon.exe
Remote Ip: 124.128.163.210
Remote Port: 80
In/Out: In
