【求助】lol.exe是病毒吗？

举目有亲 · Jul 1st, 2008, 16:13

每次开机都在运行程序里面，而且有时候挡住不让别的程序运行，电脑像假死状态。中断其运行后电脑如常。是病毒吗？如何杀掉？

多谢！

ChinaSmileJoe · Jul 1st, 2008, 16:44

Lol.exe is Trojan/Backdoor W32.HLLW.Reckus.
Kill the process lol.exe and remove lol.exe from Windows startup.

Description: File lol.exe is located in the folder C:\Windows. The file size on Windows XP is 77824 bytes.
There is no file information. The program is not visible. lol.exe is located in the Windows folder, but it is not a Windows core file. The file is not a Windows core file. The process listens for or sends data on open ports to LAN or Internet. lol.exe is able to record inputs, hide itself, monitor applications. Therefore the technical security rating is 86% dangerous.

If lol.exe is located in the folder C:\Windows\System32 then the security rating is 100% dangerous. File size is 88788 bytes. The process has no file description. The program is not visible. File lol.exe is located in the Windows folder, but it is not a Windows core file. The application starts upon Windows startup (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Runonce, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run). It is not a Windows system file. The program listens for or sends data on open ports to LAN or Internet. lol.exe is able to hide itself, monitor applications.

中文：

描述：
lol.exe是Backdoor.Win32.SdBot.aad木马相关程序，建议立即删除。

举目有亲 · Jul 1st, 2008, 16:50

引用:

作者: ChinaSmileJoe

Lol.exe is Trojan/Backdoor W32.HLLW.Reckus.
Kill the process lol.exe and remove lol.exe from Windows startup.

Description: File lol.exe is located in...

老大，是不是说这个病毒依附于startup里的程序？只要把startup里的程序删除，没有了依附，自然就没事了？

我用杀毒程序查不出来。

ChinaSmileJoe · Jul 1st, 2008, 17:24

我提供的资料是从google来的，具体我不清楚是否可以通过清除startup里面的程序来达到目的。你可以google一下看看有没有其它方案。

美好的今天 · Jul 1st, 2008, 18:48

引用:

作者: 举目有亲

每次开机都在运行程序里面，而且有时候挡住不让别的程序运行，电脑像假死状态。中断其运行后电脑如常。是病毒吗？如何杀掉？

多谢！

试一试system restore，恢复到比较干净的时间。

举目有亲 · Jul 1st, 2008, 19:24

引用:

作者: 美好的今天

试一试system restore，恢复到比较干净的时间。...

遇到问题不要躲着走，万一再中招再restore?

Jul 1st, 2008, 16:13	#1
举目有亲 Senior Member 注册日期: Jul 2004 帖子: 1,436	【求助】lol.exe是病毒吗？每次开机都在运行程序里面，而且有时候挡住不让别的程序运行，电脑像假死状态。中断其运行后电脑如常。是病毒吗？如何杀掉？多谢！
举目有亲 Senior Member 注册日期: Jul 2004 帖子: 1,436

Jul 1st, 2008, 16:44	只看该作者 #2
ChinaSmileJoe Senior Member 注册日期: Jul 2004 帖子: 79,350 积分:163 精华:102 声望: 25766633	Lol.exe is Trojan/Backdoor W32.HLLW.Reckus. Kill the process lol.exe and remove lol.exe from Windows startup. Description: File lol.exe is located in the folder C:\Windows. The file size on Windows XP is 77824 bytes. There is no file information. The program is not visible. lol.exe is located in the Windows folder, but it is not a Windows core file. The file is not a Windows core file. The process listens for or sends data on open ports to LAN or Internet. lol.exe is able to record inputs, hide itself, monitor applications. Therefore the technical security rating is 86% dangerous. If lol.exe is located in the folder C:\Windows\System32 then the security rating is 100% dangerous. File size is 88788 bytes. The process has no file description. The program is not visible. File lol.exe is located in the Windows folder, but it is not a Windows core file. The application starts upon Windows startup (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Runonce, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run). It is not a Windows system file. The program listens for or sends data on open ports to LAN or Internet. lol.exe is able to hide itself, monitor applications. 中文：描述： lol.exe是Backdoor.Win32.SdBot.aad木马相关程序，建议立即删除。

Jul 1st, 2008, 17:24	只看该作者 #4
ChinaSmileJoe Senior Member 注册日期: Jul 2004 帖子: 79,350 积分:163 精华:102 声望: 25766633	我提供的资料是从google来的，具体我不清楚是否可以通过清除startup里面的程序来达到目的。你可以google一下看看有没有其它方案。