瑞星卡卡安全论坛

Backdoor.Gpigeon.cn怎么也杀不了！重起了还有！而且瑞星防火墙能查出还有木马！都是中了这个病毒闹得！我是一个瑞星正版用户！希望版主能与解决！谢谢！杀了一遍重起后又卷土重来了！望快点解决！

灰鸽子http://forum.ikaka.com/topic.asp?board=28&artid=6202404

推荐什么啊？！
先用Hijackthis扫描日志贴上来，
顺便说一下报病毒的路径。

我也中鸽子了!谁能帮帮我啊!

你还是把HijackThis的日志贴上来吧

我把日志备份了！不知道怎么转贴出来！怎么再找到日志啊！

复制出来

我要是能复制还用问么？

wscntfy.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc

我只能上传这个！不会复制！
详细内容2005-08-12 20:21:45, wscntfy.exe>>C:\WINDOWS\svchostKey.DLL ->Backdoor.Gpigeon.5.am
详细内容2005-08-12 20:21:45, IEXPLORE.EXE>>C:\WINDOWS\svchostKey.DLL ->Backdoor.Gpigeon.5.am
详细内容2005-08-12 20:21:45, IEXPLORE.EXE>>C:\WINDOWS\svchostKey.DLL ->Backdoor.Gpigeon.5.am
详细内容2005-08-12 20:21:45, wscntfy.exe>>C:\WINDOWS\svchostKey.DLL ->Backdoor.Gpigeon.5.am
详细内容2005-08-12 20:21:45, wscntfy.exe>>C:\WINDOWS\svchostKey.DLL ->Backdoor.Gpigeon.5.am
详细内容2005-08-12 20:21:45, wscntfy.exe>>C:\WINDOWS\svchostKey.DLL ->Backdoor.Gpigeon.5.am
详细内容2005-08-12 20:21:45, wscntfy.exe>>C:\WINDOWS\svchostKey.DLL ->Backdoor.Gpigeon.5.am
详细内容2005-08-12 20:21:45, wscntfy.exe>>C:\WINDOWS\svchostKey.DLL ->Backdoor.Gpigeon.5.am
详细内容2005-08-12 20:21:45, wscntfy.exe>>C:\WINDOWS\svchostKey.DLL ->Backdoor.Gpigeon.5.am
详细内容2005-08-12 20:21:45, wscntfy.exe>>C:\WINDOWS\svchostKey.DLL ->Backdoor.Gpigeon.5.am
详细内容2005-08-12 20:21:36, IEXPLORE.EXE>>C:\WINDOWS\svchostKey.DLL ->Backdoor.Gpigeon.5.am
详细内容2005-08-12 20:21:36, IEXPLORE.EXE>>C:\WINDOWS\svchost.DLL ->Backdoor.GPigeon.5.a(灰鸽子后门)
详细内容2005-08-12 20:21:35, ctfmon.exe>>C:\WINDOWS\svchostKey.DLL ->Backdoor.Gpigeon.5.am
详细内容2005-08-12 20:21:35, ctfmon.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:21:33, realsched.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:21:32, cdnup.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:21:30, RAVMON.EXE>>C:\WINDOWS\svchostKey.DLL ->Backdoor.Gpigeon.5.am
详细内容2005-08-12 20:21:30, RAVMON.EXE>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:21:28, RAVTIMER.EXE>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:21:25, RfwMain.exe>>C:\WINDOWS\svchostKey.DLL ->Backdoor.Gpigeon.5.am
详细内容2005-08-12 20:21:25, RfwMain.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:21:24, Explorer.EXE>>C:\WINDOWS\svchostKey.DLL ->Backdoor.Gpigeon.5.am
详细内容2005-08-12 20:21:24, Explorer.EXE>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:21:21, spoolsv.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:21:18, rfwsrv.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:21:17, RavStub.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:21:15, Ravmond.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:21:12, svchost.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:21:10, svchost.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:21:08, svchost.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:21:02, svchost.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:21:00, svchost.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:20:57, lsass.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:20:54, services.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:20:52, winlogon.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
详细内容2005-08-12 20:20:49, csrss.exe>>C:\WINDOWS\svchost_Hook.DLL ->Backdoor.Gpigeon.bc
复制了半天！请好好解答！谢谢！别太复杂！一定要有专杀！

不是这个
运行HijackThis，先点[扫描系统并保存日志]或[Do a system scan and save a logfile]按钮，扫描完成后，LOG将会在自动弹出的记事本中
显示，再从记事本里复制/粘贴到贴子里。如果LOG比较长，一贴发不完，你可以分成几个部分发在回贴里。

【回复“羽翼蔷薇”的帖子】
http://forum.ikaka.com/topic.asp?board=28&artid=6987804
试试这个办法，看看行不？