强化毛毛虫 - 2006-3-13 0:28:00
最近用瑞星一直有这样一个病毒被查杀 Backdoor.Gpigeon.tkj,但过段时间又会出来了,这个应该怎么样彻底杀掉啊
附件:
372738200631302846.JPG
读来毒网 - 2006-3-13 1:24:00
请您先下载HijackThis1.99.1(它是免费的):
http://www.spywareinfo.com/~merijn/files/hijackthis.zip将它解压到一个非临时性的文件夹(比如C:\Program Files\HijackThis\HijackThis.exe)。然后双击HijackThis.exe图标,选择Do a system scan and save a logfile,将产生的文本文件中的日志贴上来。如果一个帖子贴不下,可以将剩余的部分另开一帖。
峰霖 - 2006-3-13 3:57:00
O23 - NT 服务: C-DillaCdaC11BA - Macrovision - C:\WINNT\system32\drivers\CDAC11BA.EXE
O23 - NT 服务: Crypkey License - Kenonic Controls Ltd. - C:\WINNT\SYSTEM32\crypserv.exe
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: Legato AAM - domain Agent (domain) - Unknown owner - C:\Program Files\Legato AAM Agent - domain\bin\ftAgent.exe (file missing)
O23 - NT 服务: Legato AAM - domain Backbone (domain_BACKBONE) - Unknown owner - C:\Program Files\Legato AAM Agent - domain\bin\ftbackbonesrv.exe (file missing)
O23 - NT 服务: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\Ravmond.exe
O23 - NT 服务: Smart Card Helper (SCardDrv) - Unknown owner - C:\WINNT\system32\scardsvr32.exe
O23 - NT 服务: Windows Imag Acquisition (WIA - Unknown owner - C:\WINNT\MSN.exe
O23 - NT 服务: WinkldUP - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wz\wz.exe (file missing)
帮我看看日志,哪个是木马的进程?
© 2000 - 2026 Rising Corp. Ltd.