Trojan:Win32/Iyeclore.A木马

今天扫描机器，发现一个木马：

file:C:\Program Files\nuneos\mumnos\socesv.dll
file:C:\Program Files\nuneos\mumnos\sosvus.dll
file:C:\Program Files\nuneos\micesv.exe

 

微软的MSE扫描报告：

Category: Trojan

Description: This program is dangerous and executes commands from an attacker.

Recommendation: Remove this software immediately.

Microsoft Security Essentials detected programs that may compromise your privacy or damage your computer. You can still access the files that these programs use without removing them (not recommended). To access these files, select the 'Allow' action and click "Apply actions". If this option is not available, log on as administrator or ask the local administrator for help.

Items:
file:C:\Program Files\nuneos\micesv.exe

Get more information about this item online.

 

扫描完成之后，手工删除文件。

运行 sc delete scpd 删除后台服务。