为什么杀了一个灰鸽子还有一个?大侠帮忙看看日志啊,谢谢
我先发现一个:Gray_Pigeon_Server在C:/windows/server.exe下,进安全模式,删除整个键值,开机还是有:
2005-12-06 22:40:14, IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE ->Backdoor.GPigeon.smd
又做扫描:
O23 - NT 服务: DriveHealth - Helexis Software Development - D:\Program Files\Helexis\Drive Health\dhcore.exe
O23 - NT 服务: Exqlorer - Unknown owner - C:\WINDOWS\Grass.exe
O23 - NT 服务: HDD Temperature (HDDTService) - PalickSoft - D:\Program Files\Palick Soft\HDD Temperature Pro\HDDTsvc.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\System32\wdfmgr.exe (file missing)
请问哪个是啊?
谢谢啦
