瑞星卡卡安全论坛

救命啊~~~~~~我中Backdoor.Gpigeon.pr拉~!~昨天一查43个杀了.今天又查超出43个.高手救我

扫个HJ日志上来瞧瞧。

病毒名字都是一样的。帮我下。

名字一样但服务组不一样

日志复制不上来喔。 。。不好意思。

我发现了3次。杀了3次。都是43个 好象杀不丢掉的感觉

日志怎么会复制不上来呢？

一点就连上网站了。复制不到。

晕，http://forum.ikaka.com/topic.asp?board=28&artid=6979213这个贴一楼里的工具。扫描完后会有TXT文档出来，把TXY文档里的内容复制上来。

我刚又重起了次,有发现了病毒.估计是每重起次要是用瑞星杀的话一定又是43个....  郁闷到拉

http://forum.ikaka.com/topic.asp?board=28&artid=6979213  你给我的.叫我看什么哟?

晕死，把这个地址复制到地址栏里，然扫按回车键。

...........
我打开过的.叫我看那个地址的哪个内容呢

好.以后我发帖子注意拉.不叫救命了....

http://forum.ikaka.com/topic.asp?board=28&artid=7161546

我看到第6步.请问是不是上传我的日志.我找到瑞星安装的地方了.但是找不到日志是哪个包
告诉我下吧

顶下

扫描完后会有TXT文档出来，把TXY文档里的内容复制上来。

复制不了.我不会

病毒名称处理结果发现日期扫描方式路径文件病毒来源
I-Worm.Wukill.f删除成功05-07-23 15:57实时监控C:\System Volume Information\_restore{9997B1B0-907F-4836-95C8-491CFDBF0B51}\RP47A0008936.exe本机
I-Worm.Wukill.f删除成功05-07-23 16:57实时监控C:\System Volume Information\_restore{9997B1B0-907F-4836-95C8-491CFDBF0B51}\RP47A0008937.exe本机
I-Worm.Wukill.f删除成功05-07-23 17:57实时监控C:\System Volume Information\_restore{9997B1B0-907F-4836-95C8-491CFDBF0B51}\RP47A0008941.exe本机
I-Worm.Wukill.f删除成功05-07-27 14:53实时监控G:WINFILE.EXE本机
I-Worm.Wukill.f删除成功05-07-28 11:58实时监控C:\System Volume Information\_restore{9997B1B0-907F-4836-95C8-491CFDBF0B51}\RP47A0008978.EXE本机
I-Worm.Wukill.f删除成功05-07-28 14:03实时监控C:\System Volume Information\_restore{9997B1B0-907F-4836-95C8-491CFDBF0B51}\RP47A0008979.EXE本机
I-Worm.Wukill.f删除成功05-07-29 13:23实时监控C:\System Volume Information\_restore{9997B1B0-907F-4836-95C8-491CFDBF0B51}\RP47A0008980.EXE本机
I-Worm.Wukill.f删除成功05-08-01 11:06实时监控C:\System Volume Information\_restore{9997B1B0-907F-4836-95C8-491CFDBF0B51}\RP47A0008981.EXE本机
I-Worm.Wukill.f删除成功05-08-01 16:26实时监控C:\System Volume Information\_restore{9997B1B0-907F-4836-95C8-491CFDBF0B51}\RP47A0008982.EXE本机
I-Worm.Wukill.f删除成功05-08-02 09:07实时监控C:\System Volume Information\_restore{9997B1B0-907F-4836-95C8-491CFDBF0B51}\RP47A0008983.EXE本机
Script.Exploit.JS.Spage.H删除成功05-08-02 15:35实时监控C:\DOCUME~1\DUWENM~1\LOCALS~1\Temp\Rar$EX00.344\data\窗口类特效强制性改变浏览器的主页[最好不要用]本机
Script.Exploit.JS.Spage.H删除成功05-08-02 15:36实时监控C:\Documents and Settings\duwenming\桌面\seav-Pagemaker\data\窗口类特效强制性改变浏览器的主页[最好不要用]本机
Script.Redlof.htm.Head清除成功05-08-03 16:10实时监控E:\wymb\dj10\k666.com\chengyuanindex.html本机
Script.Redlof.htm.Body清除成功05-08-03 16:10实时监控E:\wymb\dj10\k666.com\chengyuanindex.html本机
Script.RedLof.Head清除成功05-08-03 16:11实时监控E:\wymb\dj10\k666.com\chengyuanindex.html本机
Script.Exploit.HTML.Spage.K清除成功05-08-03 16:11实时监控E:\wymb\dj11\k666.comGONGGAO.HTM.KBK本机
Exploit.VBS.Phel.e删除成功05-08-04 09:12实时监控C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\OL81E7S5jiaozhu[1].htm本机
Exploit.HHCtrl.Jiaozhu删除成功05-08-04 09:12实时监控C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\ZNHFJXOWbbs003302[1].gif本机
TrojanDownloader.Gpigeon.b删除成功05-08-04 09:12实时监控C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\QN2BQ9AJbbs003302[1].css>>VEUnpackFile本机
I-Worm.Wukill.f删除成功05-08-06 15:49实时监控D:\System Volume Information\_restore{9997B1B0-907F-4836-95C8-491CFDBF0B51}\RP47A0008987.EXE本机
Exploit.HTML.Mht删除成功05-08-08 09:34实时监控C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\CD2R4T67top[1].js本机
Trojan.PSW.Stealer.ac删除成功05-08-08 10:35实时监控C:\Documents and Settings\duwenming\桌面\20050807chongQ\最快最直观的冲Q币方法dialupass.exe本机
Hack.SqlScan.a删除成功05-08-08 10:46实时监控C:\Documents and Settings\duwenming\桌面\20050806QB\扫广东代理——刷QBs.exe本机
I-Worm.Wukill.f删除成功05-08-08 11:47实时监控D:\System Volume Information\_restore{9997B1B0-907F-4836-95C8-491CFDBF0B51}\RP47A0008988.exe本机
Trojan.PSW.Stealer.ac删除成功05-08-08 11:51定时扫描C:\RECYCLER\S-1-5-21-1454471165-583907252-682003330-1008Dc4.rar>>最快最直观的冲Q币方法\dialupass.exe本机
Hack.SqlScan.a删除成功05-08-08 11:51定时扫描C:\RECYCLER\S-1-5-21-1454471165-583907252-682003330-1008Dc5.rar>>扫广东代理——刷QB\s.exe本机
I-Worm.Wukill.f删除成功05-08-08 17:07实时监控D:\System Volume Information\_restore{9997B1B0-907F-4836-95C8-491CFDBF0B51}\RP47A0008989.exe本机
I-Worm.Wukill.f删除成功05-08-08 18:00实时监控D:\System Volume Information\_restore{9997B1B0-907F-4836-95C8-491CFDBF0B51}\RP47A0008990.exe本机
Exploit.HTML.Mht删除失败05-08-16 15:15实时监控C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\C1ANKL2Bindex[3].htm本机
Exploit.HTML.Mht.p删除成功05-08-16 15:16实时监控C:\DOCUME~1\DUWENM~1\LOCALS~1\Temp3868341906056.tmp本机
Exploit.HTML.Mht删除成功05-08-17 10:40屏幕保护C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\C1ANKL2Bindex[3].htm本机
Hack.Domain.b删除成功05-08-17 10:52屏幕保护C:\RECYCLER\S-1-5-21-1454471165-583907252-682003330-1008Dc3.rar>>DomainBomb .exe本机
Hack.Domain.b删除成功05-08-17 11:04屏幕保护D:\新建文件夹 (2)\hk\20050807DomainBombDomainBomb .exe本机
Hack.Domain.b删除成功05-08-24 15:29实时监控D:\System Volume Information\_restore{9997B1B0-907F-4836-95C8-491CFDBF0B51}\RP65A0034480.exe本机
Exploit.VBS.Phel.e删除成功05-09-01 08:02实时监控C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\09YB4DIJjiaozhu[1].htm本机
Exploit.HHCtrl.Jiaozhu删除失败05-09-01 08:03实时监控C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\09YB4DIJbbs003302[1].gif本机
Exploit.HHCtrl.Jiaozhu删除失败05-09-01 08:03实时监控C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\09YB4DIJbbs003302[1].gif本机
Backdoor.BlackHole.2004.b删除成功05-09-01 08:03实时监控C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\B3ZZZSTTbbs003302[1].css本机
Exploit.HHCtrl.Jiaozhu删除成功05-09-01 08:03实时监控C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\09YB4DIJbbs003302[1].gif本机
Exploit.VBS.Phel.e删除成功05-09-01 08:08实时监控C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\3O44953Yjiaozhu[1].htm本机
Exploit.HHCtrl.Jiaozhu删除成功05-09-01 08:08实时监控C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\3O44953Ybbs003302[1].gif本机
Backdoor.BlackHole.2004.b删除成功05-09-01 08:08实时监控C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\09YB4DIJbbs003302[1].css本机
Backdoor.Gpigeon.kc删除成功05-09-02 10:45实时监控C:\DOCUME~1\DUWENM~1\LOCALS~1\TempAAYNGL.TMP本机
Backdoor.Gpigeon.il删除成功05-09-02 10:45实时监控C:\DOCUME~1\DUWENM~1\LOCALS~1\TempLNMWRF.TMP本机
Backdoor.Gpigeon.kc删除成功05-09-02 10:46实时监控C:\DOCUME~1\DUWENM~1\LOCALS~1\TempHPYYEF.TMP本机
Backdoor.Gpigeon.il删除成功05-09-02 10:46实时监控C:\DOCUME~1\DUWENM~1\LOCALS~1\TempKWJGKH.TMP本机
Backdoor.Gpigeon.kc删除成功05-09-02 11:58实时监控C:\DOCUME~1\DUWENM~1\LOCALS~1\TempGGOPNW.TMP本机
Backdoor.Gpigeon.il删除成功05-09-02 11:58实时监控C:\DOCUME~1\DUWENM~1\LOCALS~1\TempUTVTCQ.TMP本机
Exploit.VBS.Phel.e删除成功05-09-05 09:45实时监控C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\GXEJGPYRhello[1].htm本机
Exploit.HHCtrl.Jiaozhu删除成功05-09-05 09:45实时监控C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\8J3ZUCDTbbs003302[1].gif本机
TrojanDownloader.Gpigeon.b删除成功05-09-05 09:45实时监控C:\Documents and Settings\duwenming\Local Settings\Temporary Internet Files\Content.IE5\YEBDS17Dbbs003302[1].css>>VEUnpackFile本机
Backdoor.Gpigeon.skw清除成功05-09-05 15:39屏幕保护IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机
Backdoor.Gpigeon.skw清除成功05-09-07 17:09屏幕保护IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机
Backdoor.Gpigeon.skw清除成功05-09-08 09:10屏幕保护IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机
Backdoor.Gpigeon.skw清除成功05-09-12 16:06手动扫描IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机
Backdoor.Gpigeon.skw清除成功05-09-13 09:31屏幕保护IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机
Backdoor.Gpigeon.skw清除成功05-09-16 14:53屏幕保护IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机
Backdoor.Gpigeon.skw清除成功05-09-19 08:17屏幕保护IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机
Backdoor.Gpigeon.skw清除成功05-09-19 14:37手动扫描IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机
Backdoor.Gpigeon.skw清除成功05-09-20 07:59手动扫描IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机
Backdoor.Gpigeon.skw清除成功05-09-20 08:07手动扫描IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机
Backdoor.Gpigeon.skw清除成功05-09-20 08:26手动扫描IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机
Backdoor.Gpigeon.skw清除成功05-09-20 08:31手动扫描IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机
Backdoor.Gpigeon.skw清除成功05-09-20 14:31手动扫描IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机
Backdoor.Gpigeon.skw清除成功05-09-20 14:41手动扫描IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机
Backdoor.Gpigeon.skw清除成功05-09-20 15:29手动扫描IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机
Backdoor.Gpigeon.skw清除成功05-09-20 16:04手动扫描IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机
Backdoor.Gpigeon.skw清除成功05-09-21 08:02手动扫描IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE本机

你用的是放火墙吧.瑞星我不知道在哪复制.但是真的杀不了........晕  今天更多.54个 哎

Backdoor.Gpigeon.pr
　  17.44.21    就可以杀.  我的是 17.45.12还是杀不了 

路径是 scchost.exe>>c:\WINDOWS\Server_HOOk.DLL
还有的是csrss.exe>>c:\WINDOWS\Server_HOOk.DLL
Server.DLL

顶 帮忙下

病毒分类  WINDOWS下的PE病毒  病毒名称  Backdoor.Gpigeon.pr 　
别    名    　 病毒长度     
危害程度    传播途径    　
行为类型  WINDOWS下的木马程序  感    染    　
病毒发作  瑞 星 版 本 号
　  17.44.21 

木马“灰鸽子”的变种。






更本杀不了

用3721助手高级修复系统，然后全面杀毒，杀完后再用3721助手修复一次，再重启看看。

好.我去试试

杀完后记得到3721网站下个反间谍专家查杀木马。

没办法.还是杀不了