Rising Kaka Security Forum > Technical Exchange > Anti-Virus / Anti-Rogue-Software Forum: Characteristics of the new Gray Pigeon (灰鸽子) dllhost.exe variant and a manual removal procedure

(Page 4 of 6)

Characteristics of the new Gray Pigeon (灰鸽子) dllhost.exe variant and a manual removal procedure

Thanks, moderator.

I scanned the system with HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 11:06:15, on 2007-4-2
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\瑞星\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\瑞星\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
c:\瑞星\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
c:\瑞星\rising\rfw\RfwMain.exe
C:\WINDOWS\System32\alg.exe
C:\木马克星\Iparmor\Iparmor.exe
C:\Program Files\Rising\AntiSpyware\runiep.exe
C:\瑞星\Rising\Rav\RavTask.exe
C:\瑞星\Rising\Rav\Ravmon.exe
C:\Windows木马清道夫\Trojanwall.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\白猫系统王\CatKing.exe
C:\WINDOWS\system32\conime.exe
C:\万联2003\hexin.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {672AF8C7-19FA-485A-A82E-2642E15375B6} - C:\Windows木马清道夫\FygIEmon.dll (file missing)
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - (no file)
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\Program Files\Kingsoft\FastAIT 2005\IEBand.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] rem ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] rem ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] rem ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SysExplr] rem ; C:\Herosoft\HeroV8\SysExplr.EXE
O4 - HKLM\..\Run: [igfxtray] rem ; C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] rem ; C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] rem ; C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IMSCMig] rem ; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [TkBellExe] rem "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [iparmor] C:\木马克星\Iparmor\Iparmor.exe mini
O4 - HKLM\..\Run: [runeip] C:\Program Files\Rising\AntiSpyware\runiep.exe
O4 - HKLM\..\Run: [RavTask] "C:\瑞星\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "C:\瑞星\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [Windows木马防火墙] C:\Windows木马清道夫\Trojanwall.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O9 - Extra button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Herosoft\HeroV8\STHSDVD.EXE
O9 - Extra 'Tools' menuitem: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Herosoft\HeroV8\STHSDVD.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: COM+ System Application (COMSysApp) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing)
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\瑞星\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\瑞星\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\瑞星\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\瑞星\Rising\Rav\Ravmond.exe
O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing)



Do you see any problems?

Quote:
[zheng882006's post] Thanks, moderator.

I scanned the system with HijackThis:

………………

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O23 - Service: COM+ System Application (COMSysApp) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing)
O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing)


Suggestion: in Safe Mode, use HJT to fix the items listed above.

Also: use IceSword to check whether C:\WINDOWS\system32\dllhost.exe has really been deleted. If it has not, delete it while you are at it.
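The triage the reply above does by eye (pick out the O6 policy lines and the O23 services whose binary is reported missing) can be automated for longer logs. The script below is an added example written for this page; it is not code from the forum, from the poster, or from HijackThis. The log lines embedded in it are a constructed excerpt modelled on the log posted in this thread, and the flagging heuristics are the editor's assumptions, not HijackThis rules. One caveat is built in: COMSysApp and SwPrv are the short names of genuine Windows XP services that run inside dllhost.exe, so a hit on them means "confirm the file on disk is the real system binary", which is exactly the IceSword check the reply asks for.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: a hypothetical excerpt modelled on the HijackThis v1.99.1
# log posted in this thread (not a complete log). Raw strings keep the backslashes.
SAMPLE_LOG_LINES = [
    "Logfile of HijackThis v1.99.1",
    "Running processes:",
    r"C:\WINDOWS\system32\svchost.exe",
    "",
    r"O2 - BHO: (no name) - {672AF8C7-19FA-485A-A82E-2642E15375B6} - C:\Windows木马清道夫\FygIEmon.dll (file missing)",
    r"O4 - HKLM\..\Run: [iparmor] C:\木马克星\Iparmor\Iparmor.exe mini",
    r"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe",
    r"O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present",
    r"O23 - Service: COM+ System Application (COMSysApp) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing)",
    r"O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Rising\Rav\Ravmond.exe",
    r"O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing)",
]

# "O<n> - <body>": every HijackThis entry line; headers and the process list do not match.
ENTRY_RE = re.compile(r"^(O\d+) - (.*)$")
# O23 body: "Service: <display name> (<short name>) - <owner> - <image path>"
SERVICE_RE = re.compile(
    r"^Service: (?P<display>.*?) \((?P<short>[^)]+)\) - (?P<owner>.*?) - (?P<path>.*)$"
)

# Short names of genuine Windows XP services hosted by dllhost.exe (a fact about
# Windows, not taken from the thread). A hit on these means "verify the binary on
# disk", not "malicious".
KNOWN_DLLHOST_SERVICES = {"COMSysApp", "SwPrv"}


@dataclass
class Finding:
    section: str            # HijackThis section, e.g. "O23"
    service: Optional[str]  # short service name for O23 entries, else None
    reason: str             # why an analyst should look at this line
    line: str               # the original log line


def triage_hijackthis(lines: List[str]) -> List[Finding]:
    """Return the entries an analyst should look at first, in log order."""
    findings: List[Finding] = []
    for raw in lines:
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue  # header, process list and blank lines carry no Oxx entry
        section, body = m.groups()
        lower = body.lower()

        if section == "O6" and "policies" in lower and lower.endswith(" present"):
            findings.append(Finding(section, None,
                "IE policy restriction set (often used to lock the user out of settings)", line))

        elif section == "O23":
            svc = SERVICE_RE.match(body)
            short = svc.group("short") if svc else None
            reasons = []
            if "unknown owner" in lower:
                reasons.append("no vendor recorded for the service binary")
            if "(file missing)" in lower:
                reasons.append("service binary not found on disk")
            if "dllhost.exe" in lower:
                if short in KNOWN_DLLHOST_SERVICES:
                    reasons.append("genuine Windows service name; confirm the file is the real system dllhost.exe")
                else:
                    reasons.append("unexpected service hosted by dllhost.exe")
            if reasons:
                findings.append(Finding(section, short, "; ".join(reasons), line))

        elif section in ("O2", "O3", "O4") and "(file missing)" in lower:
            findings.append(Finding(section, None,
                "startup/BHO entry points at a file that no longer exists (stale entry; clean up)", line))
    return findings


def load_log(path: str) -> List[str]:
    """Read a saved HijackThis log. HJT 1.99.1 normally writes the system ANSI
    code page (GBK on a Chinese XP), so GBK is tried before UTF-8."""
    with open(path, "rb") as fh:
        data = fh.read()
    for enc in ("gbk", "utf-8"):
        try:
            return data.decode(enc).splitlines()
        except UnicodeDecodeError:
            continue
    return data.decode("latin-1").splitlines()


if __name__ == "__main__":
    for f in triage_hijackthis(SAMPLE_LOG_LINES):
        svc = f" ({f.service})" if f.service else ""
        print(f"[{f.section}{svc}] {f.reason}\n    {f.line}")
```

To run it against a real log, replace SAMPLE_LOG_LINES with load_log("hijackthis.log"). Nothing in the output is a verdict: the O23 hits on COMSysApp and SwPrv say only that the dllhost.exe those services point at should be checked on disk, and the O6 lines say the IE policy keys are worth reviewing before HJT fixes them.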

baohe, how can I find out where the registry was changed?

Quote:
[不动如山's post] baohe, how can I find out where the registry was changed?
………………

I monitor with Tiny's Track'nReverse.
SSM works too, once you set up its "Registry" module and the logging options.

The following files are still present on my system:

C:\WINDOWS\system32\mag_hook.dll
C:\WINDOWS\system32\dllcache\mag_hook.dll

C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf
C:\WINDOWS\system32\dllcache\svchost.exe

C:\WINDOWS\system32\Winlogon.exe
C:\WINDOWS\system32\dllcache\Winlogon.exe

C:\WINDOWS\system32\ups.exe
C:\WINDOWS\system32\dllcache\ups.exe

C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dllcache\dllhost.exe

The current HijackThis scan of the system is:

Logfile of HijackThis v1.99.1
Scan saved at 21:03:55, on 2007-4-2
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\瑞星杀毒\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\瑞星杀毒\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
c:\瑞星杀毒\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
c:\瑞星杀毒\rising\rfw\RfwMain.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\木马克星\Iparmor\Iparmor.exe
C:\Program Files\Rising\AntiSpyware\runiep.exe
C:\瑞星杀毒\Rising\Rav\RavTask.exe
C:\Windows木马清道夫\Trojanwall.exe
C:\瑞星杀毒\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
D:\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {672AF8C7-19FA-485A-A82E-2642E15375B6} - C:\Windows木马清道夫\FygIEmon.dll (file missing)
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\Program Files\Kingsoft\FastAIT 2005\IEBand.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] rem ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] rem ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] rem ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SysExplr] rem ; C:\Herosoft\HeroV8\SysExplr.EXE
O4 - HKLM\..\Run: [igfxtray] rem ; C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] rem ; C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] rem ; C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IMSCMig] rem ; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [iparmor] C:\木马克星\Iparmor\Iparmor.exe mini
O4 - HKLM\..\Run: [runeip] C:\Program Files\Rising\AntiSpyware\runiep.exe
O4 - HKLM\..\Run: [RavTask] "C:\瑞星杀毒\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "C:\瑞星杀毒\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [Windows木马防火墙] C:\Windows木马清道夫\Trojanwall.exe
O4 - HKLM\..\RunOnce: [KKDelay] C:\Program Files\Rising\AntiSpyware\RunOnce.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O9 - Extra button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Herosoft\HeroV8\STHSDVD.EXE
O9 - Extra 'Tools' menuitem: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Herosoft\HeroV8\STHSDVD.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\瑞星杀毒\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\瑞星杀毒\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\瑞星杀毒\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\瑞星杀毒\Rising\Rav\Ravmond.exe

I don't know whether this is Gray Pigeon. My computer feels as if it is being monitored, and it is sometimes very slow.

Moderator, please help me sort this out.



Learning.

Is Rising up to something? It can't even kill simple trojans and worms. My D, E and F drives can't be opened by double-clicking because the ntoskrnl file was lost, and after restoring the C drive the firewall can't update any more. I bought a genuine copy and have never lent it to anyone! Yet the antivirus can still update; strange??? Can you enlighten me? Thanks!

Learning.

So the new version no longer creates a service entry...

Our company has a lot of this virus too. Rising can't detect or remove it.