黑魅爵士 - 2005-9-25 12:36:00
查日志,023项如下:
O23 - Service: DuDu Accelerator (DuDuProsvc) - Unknown owner - D:\Program Files\DuDu\DddClient\DuDuProsvc.exe (file missing)
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - D:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - D:\PROGRA~1\EFFICI~1\ENTERN~1.5\app\pppoeservice.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - D:\Program Files\Rising\Rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - Service: Remote_Procedure_Call (svchost) - Unknown owner - %windir%\system32\svchost.cmd (file missing)
O23 - Service: SVCHOST.EXE - Unknown owner - D:\WINDOWS\SVCHOST.EXE
O23 - Service: Performance Accounts (WksPatch) - Unknown owner - D:\WINDOWS\System32\drivers\svchost.exe (file missing)
我猜下列几项是“灰鸽子病毒”,对吗?可以删吗?
O23 - Service: DuDu Accelerator (DuDuProsvc) - Unknown owner - D:\Program Files\DuDu\DddClient\DuDuProsvc.exe (file missing)
O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - D:\PROGRA~1\EFFICI~1\ENTERN~1.5\app\pppoeservice.exe
O23 - Service: Remote_Procedure_Call (svchost) - Unknown owner - %windir%\system32\svchost.cmd (file missing)
O23 - Service: SVCHOST.EXE - Unknown owner - D:\WINDOWS\SVCHOST.EXE
O23 - Service: Performance Accounts (WksPatch) - Unknown owner - D:\WINDOWS\System32\drivers\svchost.exe (file missing)
独孤豪侠 - 2005-9-25 12:41:00
O23 - Service: DuDu Accelerator (DuDuProsvc) - Unknown owner - D:\Program Files\DuDu\DddClient\DuDuProsvc.exe (file missing)
O23 - Service: Remote_Procedure_Call (svchost) - Unknown owner - %windir%\system32\svchost.cmd (file missing)
O23 - Service: Performance Accounts (WksPatch) - Unknown owner - D:\WINDOWS\System32\drivers\svchost.exe (file missing)上面这几项修复一下就可以了!
O23 - Service: SVCHOST.EXE - Unknown owner - D:\WINDOWS\SVCHOST.EXE这个是鸽子。要用杀鸽子的方法清除。
黑魅爵士 - 2005-9-25 12:51:00
谢过豪侠!
请问:怎么修复?怎么清除?
黑魅爵士 - 2005-9-25 14:58:00
在注册表中删除后,重启,再查日志,023项如下:
O23 - Service: DuDu Accelerator (DuDuProsvc) - Unknown owner - D:\Program Files\DuDu\DddClient\DuDuProsvc.exe (file missing)
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - D:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - D:\PROGRA~1\EFFICI~1\ENTERN~1.5\app\pppoeservice.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - D:\Program Files\Rising\Rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - Service: Performance Accounts (WksPatch) - Unknown owner - D:\WINDOWS\System32\drivers\svchost.exe (file missing)
用瑞星查杀,似乎没有灰鸽子了,请专家诊断!
黑魅爵士 - 2005-9-25 21:38:00
没有版主在吗?请教了!
猎鹰渔民 - 2005-9-25 21:45:00
| 引用: |
【独孤豪侠的贴子】O23 - Service: DuDu Accelerator (DuDuProsvc) - Unknown owner - D:\Program Files\DuDu\DddClient\DuDuProsvc.exe (file missing)
O23 - Service: Remote_Procedure_Call (svchost) - Unknown owner - %windir%\system32\svchost.cmd (file missing)
O23 - Service: Performance Accounts (WksPatch) - Unknown owner - D:\WINDOWS\System32\drivers\svchost.exe (file missing)上面这几项修复一下就可以了!
O23 - Service: SVCHOST.EXE - Unknown owner - D:\WINDOWS\SVCHOST.EXE这个是鸽子。要用杀鸽子的方法清除。
........................... |
按上面的操作,再显示所有文件,查找可能存在的病毒文件SVCHOST.EXE SVCHOST.DLL SVCHOSTKey.dll SVCHOST_hook.dll删除就行了
李小强 - 2005-9-25 22:24:00
O23 - Service: DuDu Accelerator (DuDuProsvc) - Unknown owner - D:\Program Files\DuDu\DddClient\DuDuProsvc.exe (file missing)
O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - D:\PROGRA~1\EFFICI~1\ENTERN~1.5\app\pppoeservice.exe
O23 - Service: Remote_Procedure_Call (svchost) - Unknown owner - %windir%\system32\svchost.cmd (file missing)
O23 - Service: SVCHOST.EXE - Unknown owner - D:\WINDOWS\SVCHOST.EXE
O23 - Service: Performance Accounts (WksPatch) - Unknown owner - D:\WINDOWS\System32\drivers\svchost.exe (file missing)
第一个是某软件生成的,第2个是你的Enternet300生成的,下面三个都可疑,不是鸽子也是其它东西。。
病毒新手 - 2005-9-25 22:31:00
O23 - Service: SVCHOST.EXE - Unknown owner - D:\WINDOWS\SVCHOST.EXE
这个是鸽子!~~~~
我是一只小小鸟哟 - 2005-9-25 23:16:00
晕了头.你门说的这些东西我看的一头雾水.
有哪为小心的大哥能教教小妹吗?
winekk - 2005-9-25 23:26:00
关于鸽子的病毒手动删除方法的帖子已经很多了,自己找找吧
© 2000 - 2026 Rising Corp. Ltd.