关于rudll.exe这个程序
来源:百度知道 编辑:UC知道 时间:2024/06/09 09:29:34
是个木马,Troj/Hupigon-CF,建议使用木马专杀工具来对付。
见:http://www.sophos.com/security/analyses/viruses-and-spyware/trojhupigoncf.html
Troj/Hupigon-CF is a backdoor Trojan for the Windows platform.
Troj/Hupigon-CF provides unauthorized remote access to the infected computer through the randomly chosen TCP port.
When first run Troj/Hupigon-CF copies itself to <Windows>\rudll.exe and creates the file &;t;Temp>\niytp2re.dll that is detected as Troj/Vanti-K.
The file rudll.exe is registered as a new system driver service named "rudll", with a display name of "rudll" and a startup type of automatic, so that it is started automatically during system startup. Registry entries are created under:
HKLM\SYSTEM\CurrentControlSet\Services\rudll\
木马,结束它