瑞星提示中了Backdoor.gpigeon.umx,但杀掉又反复出现,请版主看看,谢谢你 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛瑞星提示中了Backdoor.gpigeon.umx,但杀掉又反复出现,请版主看看,谢谢你

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

2 / 3 页

跳转页

瑞星提示中了Backdoor.gpigeon.umx,但杀掉又反复出现,请版主看看,谢谢你

richard65555 初生襁褓狮帖子:50 注册: 2005-12-22 来自:	发表于： 2005-12-30 10:23 \| 只看楼主短消息资料字号：小中大 11楼接================================== 正在运行的进程 [PID: 164][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.00.2195.6601> [PID: 192][\??\C:\WINNT\system32\csrss.exe] <Microsoft Corporation><5.00.2195.6601> [PID: 188][\??\C:\WINNT\system32\winlogon.exe] <Microsoft Corporation><5.00.2195.6970> [C:\WINNT\system32\SYNCOR11.DLL] <SoundMAX><1.2.3> [PID: 240][C:\WINNT\system32\services.exe] <Microsoft Corporation><5.00.2195.6700> [C:\WINNT\system32\dmserver.dll] <VERITAS Software Corp.><2195.6605.297.3> [PID: 252][C:\WINNT\system32\lsass.exe] <Microsoft Corporation><5.00.2195.6902> [PID: 420][c:\program files\rising\rfw\rfwsrv.exe] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 25> [c:\program files\rising\rfw\RfwRule.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 10> [c:\program files\rising\rfw\rfwlog.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6> [c:\program files\rising\rfw\Rfwdrv.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 19> [c:\program files\rising\rfw\MonDrv.dll] <rs><1, 0, 0, 4> [c:\program files\rising\rfw\ProcLib.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9> [PID: 432][C:\WINNT\system32\svchost.exe] <Microsoft Corporation><5.00.2134.1> [PID: 468][C:\Program Files\rising\Rav\CCenter.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3> [PID: 508][C:\Program Files\rising\Rav\Ravmond.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 6> [C:\Program Files\rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16> [C:\Program Files\rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1> [C:\Program Files\rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2> [C:\Program Files\rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6> [C:\Program Files\rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4> [C:\Program Files\rising\Rav\RsLog.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18> [C:\Program Files\rising\Rav\HOOKSYS.dll] <Rising><18, 1, 0, 9> [C:\Program Files\rising\Rav\Scanner.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 28> [C:\Program Files\rising\Rav\libload.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10> [C:\Program Files\rising\Rav\VirusLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10> [C:\Program Files\rising\Rav\regmon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6> [C:\Program Files\rising\Rav\HookWeb.dll] <rising><18, 0, 0, 1> [C:\Program Files\rising\Rav\MemMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8> [C:\Program Files\rising\Rav\expscan.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4> [C:\Program Files\rising\Rav\mPorts.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3> [C:\Program Files\rising\Rav\MailMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5> [C:\Program Files\rising\Rav\SpamEng.dll] <N/A><18, 0, 0, 4> [C:\Program Files\rising\Rav\engine.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23> [C:\Program Files\rising\Rav\PostTrt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5> [C:\Program Files\rising\Rav\UnExe.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6> [C:\Program Files\rising\Rav\ScanExec.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6> [C:\Program Files\rising\Rav\ScanEx.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5> [C:\Program Files\rising\Rav\NvFile.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7> [C:\Program Files\rising\Rav\ScanMac.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7> [C:\Program Files\rising\Rav\ScanSct.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10> [C:\Program Files\rising\Rav\Unpacker.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3> [C:\Program Files\rising\Rav\ExtFile.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 15> [C:\Program Files\rising\Rav\ExtOLE.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5> [PID: 568][C:\WINNT\system32\spoolsv.exe] <Microsoft Corporation><5.00.2195.7059> [C:\WINNT\system32\AdobePDF.dll] <Adobe Systems Incorporated.><6.0.000> [C:\Program Files\Adobe\Acrobat 6.0\Distillr\adistres.dll] <Adobe Systems Incorporated.><6.0.0.2003040700> [C:\WINNT\system32\HPDCMON.DLL] <Hewlett-Packard><04.20.00> [PID: 600][C:\WINNT\System32\svchost.exe] <Microsoft Corporation><5.00.2134.1> [PID: 624][d:\MATLAB6p5\webserver\bin\win32\matlabserver.exe] <N/A><N/A> [d:\matlab6p5\bin\win32\libeng.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\libut.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\libmx.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\mwoles05.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\libmex.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\libmwservices.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\mpath.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\m_interpreter.dll] <The MathWorks Inc.><6.5.0.181260> [d:\matlab6p5\bin\win32\libmat.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\mlib.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\m_pcodeio.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\m_ir.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\m_parser.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\m_pcodegen.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\m_dispatcher.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\hg.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\numerics.dll] <The MathWorks Inc.><6.5.0.181030a> [d:\matlab6p5\bin\win32\libmwlapack.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\libmwfftw.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\libmwumfpack.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\udd.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\uiw.dll] <The MathWorks Inc.><6.5.0.180913a> [PID: 624][d:\matlab6p5\bin\win32\matlab.exe] <The MathWorks Inc.><6.0.0.180601> [d:\matlab6p5\bin\win32\dastudio.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\glee.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\jmi.dll] <The MathWorks Inc.><6.5.0.181035> [d:\matlab6p5\bin\win32\simulink.dll] <The MathWorks Inc.><5.0.0.181371> [d:\matlab6p5\bin\win32\libmwbuiltins.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\cg_ir.dll] <The MathWorks Inc.><1.0.0.0> [d:\matlab6p5\bin\win32\libfixedpoint.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\hardcopy.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\gui.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\sl_solver.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\udd_mi.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\comcli.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\mclcom.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\atlas_P4.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\lapack.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\DFORRT.dll] <Digital Equipment Corporation><6.0 - 575>
richard65555 初生襁褓狮帖子:50 注册: 2005-12-22 来自:

richard65555 初生襁褓狮帖子:50 注册: 2005-12-22 来自:	发表于： 2005-12-30 10:26 \| 只看楼主短消息资料字号：小中大 12楼接 [PID: 676][C:\WINNT\System32\nvsvc32.exe] <NVIDIA Corporation><6.13.10.2832> [PID: 696][C:\PROGRA~1\EFFICI~1\ENTERN~2\app\pppoeservice.exe] <N/A><N/A> [PID: 724][d:\matlab6p5\bin\win32\matlab.exe] <The MathWorks Inc.><6.0.0.180601> [d:\matlab6p5\bin\win32\mwoles05.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\libut.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\libmx.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\libmex.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\libmwservices.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\mpath.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\m_interpreter.dll] <The MathWorks Inc.><6.5.0.181260> [d:\matlab6p5\bin\win32\libmat.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\mlib.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\m_pcodeio.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\m_ir.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\m_parser.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\m_pcodegen.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\m_dispatcher.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\hg.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\numerics.dll] <The MathWorks Inc.><6.5.0.181030a> [d:\matlab6p5\bin\win32\libmwlapack.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\libmwfftw.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\libmwumfpack.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\udd.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\uiw.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\gui.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\simulink.dll] <The MathWorks Inc.><5.0.0.181371> [d:\matlab6p5\bin\win32\libmwbuiltins.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\cg_ir.dll] <The MathWorks Inc.><1.0.0.0> [d:\matlab6p5\bin\win32\libfixedpoint.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\glee.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\jmi.dll] <The MathWorks Inc.><6.5.0.181035> [d:\matlab6p5\bin\win32\dastudio.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\hardcopy.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\sl_solver.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\mclcom.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\udd_mi.dll] <The MathWorks Inc.><6.5.0.180913a> [d:\matlab6p5\bin\win32\comcli.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\atlas_P4.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\lapack.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\DFORRT.dll] <Digital Equipment Corporation><6.0 - 575> [d:\matlab6p5\sys\java\jre\win32\jre\bin\hotspot\jvm.dll] <N/A><N/A> [C:\WINNT\system32\SYNCOR11.DLL] <SoundMAX><1.2.3> [d:\matlab6p5\sys\java\jre\win32\jre\bin\hpi.dll] <N/A><N/A> [d:\matlab6p5\sys\java\jre\win32\jre\bin\verify.dll] <N/A><N/A> [d:\matlab6p5\sys\java\jre\win32\jre\bin\java.dll] <N/A><N/A> [d:\matlab6p5\sys\java\jre\win32\jre\bin\zip.dll] <N/A><N/A> [D:\MATLAB6p5\sys\java\jre\win32\jre\bin\awt.dll] <N/A><N/A> [D:\MATLAB6p5\sys\java\jre\win32\jre\bin\fontmanager.dll] <N/A><N/A> [C:\WINNT\system32\nvoglnt.dll] <NVIDIA Corporation><6.13.10.2832> [D:\MATLAB6p5\bin\win32\nativejava.dll] <N/A><N/A> [d:\matlab6p5\bin\win32\glren.dll] <The MathWorks Inc.><6.0.0.180913a> [PID: 752][C:\WINNT\system32\MSTask.exe] <Microsoft Corporation><4.71.2195.6920> [PID: 816][C:\Program Files\rising\Rav\RavStub.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12> [C:\Program Files\rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1> [C:\Program Files\rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4> [PID: 936][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe] <Analog Devices, Inc.><3, 2, 6, 0> [PID: 956][C:\WINNT\System32\WBEM\WinMgmt.exe] <Microsoft Corporation><1.50.1085.0100> [PID: 968][C:\WINNT\system32\svchost.exe] <Microsoft Corporation><5.00.2134.1> [PID: 1288][C:\WINNT\Explorer.EXE] <Microsoft Corporation><5.00.3700.6690> [C:\WINNT\system32\SYNCOR11.DLL] <SoundMAX><1.2.3> [C:\PROGRA~1\3721\helper.dll] <><1, 0, 0, 5>
richard65555 初生襁褓狮帖子:50 注册: 2005-12-22 来自:

richard65555 初生襁褓狮帖子:50 注册: 2005-12-22 来自:	发表于： 2005-12-30 10:27 \| 只看楼主短消息资料字号：小中大 13楼接 [C:\WINNT\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 1, 2> [C:\WINNT\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13> [C:\PROGRA~1\FLASHGET\fgiebar.dll] <Amaze Soft><1, 2, 0, 0> [C:\PROGRA~1\3721\assist\asbar.dll] <3721><1, 0, 1, 1001> [C:\PROGRA~1\3721\assist\ieaui.dll] <yahoo!china><1, 0, 1, 1006> [C:\PROGRA~1\3721\assist\tbwrap.dll] <3721><1, 0, 0, 2> [C:\PROGRA~1\3721\assist\asnoad.dll] <><1, 0, 0, 9> [C:\PROGRA~1\3721\assist\aswiper.dll] <3721><1, 0, 1, 1001> [C:\PROGRA~1\3721\assist\asiesec.dll] <yahoo><1, 0, 0, 9> [C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll] <Adobe Systems Incorporated><6.0.0.2003040700> [C:\PROGRA~1\FLASHGET\jccatch.dll] <Amaze Soft><1, 1, 4, 0> [d:\WinZip\WZSHLSTB.DLL] <WinZip Computing, Inc.><3.0 (32-bit)> [C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL] <N/A><N/A> [D:\WinRAR\rarext.dll] <N/A><N/A> [C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll] <Adobe Systems Inc.><1.0.0.2003040700> [PID: 396][c:\program files\rising\rfw\RfwMain.exe] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 40> [c:\program files\rising\rfw\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23> [C:\WINNT\system32\SYNCOR11.DLL] <SoundMAX><1.2.3> [c:\program files\rising\rfw\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4> [c:\program files\rising\rfw\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5> [C:\WINNT\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 1, 2> [C:\PROGRA~1\3721\helper.dll] <><1, 0, 0, 5> [PID: 1264][C:\Program Files\Analog Devices\SoundMAX\SMTray.exe] <Analog Devices, Inc.><3, 2, 12, 0> [C:\WINNT\system32\SYNCOR11.DLL] <SoundMAX><1.2.3> [C:\WINNT\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 1, 2> [PID: 1040][C:\program files\GoldenSoft\Recovery Genius 21st\WinNT\HDDGMon.exe] <><5, 0, 0, 350> [C:\program files\GoldenSoft\Recovery Genius 21st\WinNT\SimCom.dll] <N/A><N/A> [C:\program files\GoldenSoft\Recovery Genius 21st\WinNT\HMRes.dll] <><5, 0, 0, 350> [C:\PROGRA~1\3721\helper.dll] <><1, 0, 0, 5> [C:\WINNT\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 1, 2> [PID: 1428][C:\WINNT\system32\rundll32.exe] <Microsoft Corporation><5.00.2134.1> [C:\PROGRA~1\3721\helper.dll] <><1, 0, 0, 5> [C:\PROGRA~1\3721\autolive.dll] <><1, 0, 2, 9> [C:\WINNT\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 1, 2> [PID: 1436][C:\PROGRA~1\3721\ASSISTSE.EXE] <yahoo><1, 0, 1, 1001> [C:\PROGRA~1\3721\helper.dll] <><1, 0, 0, 5> [C:\PROGRA~1\3721\shell\Assecblk.dll] <3721><1, 0, 0, 7> [C:\PROGRA~1\3721\shell\MenuInfo.dll] <yahoo><1, 0, 0, 2> [C:\PROGRA~1\3721\shell\IEAngel.dll] <yahoo><1, 0, 0, 3> [C:\PROGRA~1\3721\shell\AsMenu.dll] <3721><1, 0, 1, 1001> [C:\PROGRA~1\3721\assist\assist.dll] <><2, 0, 3, 2> [C:\WINNT\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 1, 2> [C:\PROGRA~1\3721\assist\repair.dll] <北京三七二一科技有限公司><1, 0, 4, 1001> [C:\PROGRA~1\3721\assist\asfsks.dll] <3721.com><2, 1, 1, 87> [c:\progra~1\3721\assist\adfilter.dll] < ><1, 0, 1, 6> [C:\PROGRA~1\3721\assist\assecblk.dll] <3721><1, 0, 0, 7> [C:\PROGRA~1\3721\assist\optimum.dll] <N/A><N/A> [C:\PROGRA~1\3721\assist\assistex.dll] <3721><1, 0, 1, 1001> [PID: 1444][C:\WINNT\system32\wuauclt.exe] <Microsoft Corporation><5.4.3630.2554 built by: lab04_n> [C:\PROGRA~1\3721\helper.dll] <><1, 0, 0, 5> [C:\WINNT\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 1, 2> [PID: 1464][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] <RealNetworks, Inc.><0.1.0.3208> [C:\PROGRA~1\3721\helper.dll] <><1, 0, 0, 5> [C:\WINNT\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 1, 2> [PID: 1504][C:\WINNT\system32\Rundll32.exe] <Microsoft Corporation><5.00.2134.1> [C:\WINNT\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 1, 2> [C:\PROGRA~1\3721\helper.dll] <><1, 0, 0, 5> [PID: 1488][C:\WINNT\System32\pizzabx.exe] <Goldensoft Technology Co.,Ltd.><2.55> [C:\PROGRA~1\3721\helper.dll] <><1, 0, 0, 5> [PID: 1536][C:\Program Files\rising\Rav\RavTask.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22> [C:\Program Files\rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4> [C:\Program Files\rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2> [C:\Program Files\rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6> [C:\Program Files\rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1> [C:\WINNT\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 1, 2> [C:\PROGRA~1\3721\helper.dll] <><1, 0, 0, 5> [PID: 1544][C:\WINNT\system32\internat.exe] <Microsoft Corporation><5.00.2920.0000> [C:\WINNT\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 1, 2> [C:\PROGRA~1\3721\helper.dll] <><1, 0, 0, 5> [PID: 1556][C:\Program Files\rising\Rav\Ravmon.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 99> [C:\Program Files\rising\Rav\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22> [C:\Program Files\rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16> [C:\Program Files\rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2> [C:\Program Files\rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6> [C:\Program Files\rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4> [C:\Program Files\rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1> [C:\Program Files\rising\Rav\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5> [C:\WINNT\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 1, 2> [C:\PROGRA~1\3721\helper.dll] <><1, 0, 0, 5> [PID: 1584][C:\Program Files\hexin\sslproxy\SSLCnt.exe] <杭州核新软件技术有限公司><1.103.2003.0624> [C:\Program Files\hexin\sslproxy\crypteng.dll] <杭州核新软件技术有限公司><1.44.2003.0426> [C:\Program Files\hexin\sslproxy\sslproxy.dll] <杭州核新软件技术有限公司><1.52.2002.326> [C:\Program Files\hexin\sslproxy\CAsAPI.dll] <杭州核新软件技术有限公司><1.49.2002.422> [C:\Program Files\hexin\sslproxy\Scard.dll] <杭州核新软件技术有限公司><1.02.2001.0529> [C:\WINNT\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 1, 2> [C:\PROGRA~1\3721\helper.dll] <><1, 0, 0, 5> [C:\Program Files\hexin\sslproxy\CAs\Sheca.dll] <杭州核新软件技术有限公司><1.07.2001.0706> [C:\Program Files\hexin\sslproxy\CAs\RH.dll] <杭州核新软件技术有限公司><1.07.2001.1207> [C:\Program Files\hexin\sslproxy\MapProxy.dll] <核新软件技术有限公司><1.00.2003.0613> [PID: 772][C:\Program Files\Internet Explorer\IEXPLORE.EXE] <Microsoft Corporation><5.00.2920.0000> [C:\WINNT\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 1, 2> [C:\PROGRA~1\3721\helper.dll] <><1, 0, 0, 5> [C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll] <N/A><N/A> [C:\PROGRA~1\3721\assist\asbar.dll] <3721><1, 0, 1, 1001> [C:\PROGRA~1\3721\assist\ieaui.dll] <yahoo!china><1, 0, 1, 1006> [C:\PROGRA~1\3721\assist\tbwrap.dll] <3721><1, 0, 0, 2> [C:\PROGRA~1\3721\assist\asnoad.dll] <><1, 0, 0, 9> [C:\WINNT\system32\SYNCOR11.DLL] <SoundMAX><1.2.3> [C:\PROGRA~1\3721\assist\aswiper.dll] <3721><1, 0, 1, 1001> [C:\PROGRA~1\3721\assist\asiesec.dll] <yahoo><1, 0, 0, 9> [C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll] <Adobe Systems Incorporated><6.0.0.2003040700> [C:\PROGRA~1\FLASHGET\jccatch.dll] <Amaze Soft><1, 1, 4, 0> [C:\Program Files\rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3> [C:\WINNT\system32\Macromed\Flash\Flash8.ocx] <Macromedia, Inc.><8,0,22,0> [c:\progra~1\3721\assist\adfilter.dll] < ><1, 0, 1, 6> [C:\PROGRA~1\3721\assist\repair.dll] <北京三七二一科技有限公司><1, 0, 4, 1001> [C:\PROGRA~1\3721\assist\asfsks.dll] <3721.com><2, 1, 1, 87> [C:\PROGRA~1\3721\assist\optimum.dll] <N/A><N/A> [C:\PROGRA~1\3721\assist\XPStyle.dll] <N/A><N/A> [C:\PROGRA~1\3721\assist\assecblk.dll] <3721><1, 0, 0, 7> [C:\WINNT\system32\UNISPIM.IME] <北京清华紫光软件股份有限公司><3.0.0.3045> [C:\WINNT\system32\upengine.dll] <北京清华紫光软件股份有限公司><3.0.0.3045> [PID: 1736][G:\杀毒\扫描程序\sreng2\SREng.exe] <Smallfrogs Studio><2.0.12.350> [C:\WINNT\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 1, 2> [C:\PROGRA~1\3721\helper.dll] <><1, 0, 0, 5>
richard65555 初生襁褓狮帖子:50 注册: 2005-12-22 来自:

richard65555 初生襁褓狮帖子:50 注册: 2005-12-22 来自:	发表于： 2005-12-30 10:28 \| 只看楼主短消息资料字号：小中大 14楼接 ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINNT\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 ==================================
richard65555 初生襁褓狮帖子:50 注册: 2005-12-22 来自:

richard65555 初生襁褓狮帖子:50 注册: 2005-12-22 来自:	发表于： 2005-12-30 10:49 \| 只看楼主短消息资料字号：小中大 15楼魔法斑竹,请你帮忙看看?谢谢你
richard65555 初生襁褓狮帖子:50 注册: 2005-12-22 来自:

魔法学徒卡卡技术团队帖子:11465 注册: 2004-10-03 来自:	发表于： 2005-12-30 11:03 \| 短消息资料字号：小中大 16楼从两份log上看都没有问题，麻烦您将杀毒日志贴上来在看一下
魔法学徒卡卡技术团队帖子:11465 注册: 2004-10-03 来自:

richard65555 初生襁褓狮帖子:50 注册: 2005-12-22 来自:	发表于： 2005-12-30 11:11 \| 只看楼主短消息资料字号：小中大 17楼是瑞星的杀毒日志吗?我是新手,怎么贴,抓图?
richard65555 初生襁褓狮帖子:50 注册: 2005-12-22 来自:

魔法学徒卡卡技术团队帖子:11465 注册: 2004-10-03 来自:	发表于： 2005-12-30 11:15 \| 短消息资料字号：小中大 18楼在瑞星中可直接导出
魔法学徒卡卡技术团队帖子:11465 注册: 2004-10-03 来自:

richard65555 初生襁褓狮帖子:50 注册: 2005-12-22 来自:	发表于： 2005-12-30 11:47 \| 只看楼主短消息资料字号：小中大 19楼病毒名称处理结果发现日期扫描方式路径文件病毒来源本机本机 Trojan.Spy.Agent.vl 清除成功 2005-12-22 12:01 手动扫描 IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE 本机 Trojan.Spy.Agent.vl 清除成功 2005-12-22 12:14 手动扫描 IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE 本机 Trojan.Spy.Agent.vl 清除成功 2005-12-22 12:14 手动扫描 iexplore.exe>>C:\Program Files\Internet Explorer\iexplore.exe 本机 Trojan.Spy.Agent.vl 清除成功 2005-12-22 12:20 手动扫描 iexplore.exe>>C:\Program Files\Internet Explorer\iexplore.exe 本机 Trojan.Spy.Agent.vl 清除成功 2005-12-22 12:21 手动扫描 IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE 本机 Trojan.Spy.Agent.vl 清除成功 2005-12-22 13:00 手动扫描 IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE 本机 Trojan.Spy.Agent.vl 清除成功 2005-12-22 16:06 手动扫描 IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE 本机本机 Backdoor.Gpigeon.umx 清除成功 2005-12-29 20:18 手动扫描 IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE 本机 Backdoor.Gpigeon.umx 清除成功 2005-12-30 09:25 手动扫描 IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE 本机 Backdoor.Gpigeon.umx 清除成功 2005-12-30 09:54 手动扫描 iexplore.exe>>C:\Program Files\Internet Explorer\iexplore.exe 本机 Backdoor.Gpigeon.umx 清除成功 2005-12-30 09:56 手动扫描 IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE 本机 Backdoor.Gpigeon.umx 清除成功 2005-12-30 09:57 手动扫描 IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE 本机 Backdoor.Gpigeon.umx 清除成功 2005-12-30 09:58 手动扫描 IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE 本机 Backdoor.Gpigeon.umx 清除成功 2005-12-30 10:00 手动扫描 IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE 本机 Backdoor.Gpigeon.umx 清除成功 2005-12-30 11:16 手动扫描 IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE 本机 Backdoor.Gpigeon.umx 清除成功 2005-12-30 11:33 手动扫描 iexplore.exe>>C:\Program Files\Internet Explorer\iexplore.exe 本机 Backdoor.Gpigeon.umx 清除成功 2005-12-30 11:34 手动扫描 IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE 本机 Backdoor.Gpigeon.umx 清除成功 2005-12-30 11:39 手动扫描 IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE 本机 Backdoor.Gpigeon.umx 清除成功 2005-12-30 11:41 手动扫描 IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE 本机
richard65555 初生襁褓狮帖子:50 注册: 2005-12-22 来自:

魔法学徒卡卡技术团队帖子:11465 注册: 2004-10-03 来自:	发表于： 2005-12-30 14:12 \| 短消息资料字号：小中大 20楼从log看不出问题……
魔法学徒卡卡技术团队帖子:11465 注册: 2004-10-03 来自:

<<上一主题|下一主题>>

2 / 3 页

跳转页

页面顶部

Powered by Discuz!NT