未知家族病毒分析
扫描结果:
C:\Program Files\Internet Explorer\IEXPLORE.EXE --> 与 Backdoor.Gpigeon 72% 相似（相似度判定，并非精确特征命中，需结合下列进程与启动项进一步核实）。


系统活动进程
C:\WINDOWS\SYSTEM32\WDFMGR.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM32\WDMAUD.DRV
C:\WINDOWS\SYSTEM32\MSACM32.DRV

C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPDSXX.DLL
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPDXXX.DLL
C:\PROGRA~1\CNNIC\CDN\CDNSPIE.DLL

C:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE
C:\PROGRAM FILES\RISING\RFW\RSGUILIB.DLL
C:\PROGRAM FILES\RISING\RFW\RSCOMMON.DLL
C:\PROGRAM FILES\RISING\RFW\PNGDLL.DLL
C:\PROGRA~1\CNNIC\CDN\CDNSPIE.DLL

C:\WINDOWS\VSNPSTD3.EXE
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\PROGRA~1\CNNIC\CDN\CDNSPIE.DLL

D:\PROGRAM FILES\RINGZ STUDIO\STORM DOWNLOADER\STORMDOWNLOADER.EXE
D:\PROGRAM FILES\RINGZ STUDIO\STORM DOWNLOADER\BOOST_THREAD-VC6-MT-1_31.DLL
C:\PROGRA~1\CNNIC\CDN\CDNSPIE.DLL

C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SSMWINLOGONEX.DLL
C:\WINDOWS\SYSTEM32\WDMAUD.DRV
C:\WINDOWS\SYSTEM32\MSACM32.DRV

C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\CTFMON.EXE
C:\PROGRA~1\CNNIC\CDN\CDNSPIE.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\PROGRA~1\IE-BAR\CAST\DMIPN.DLL
C:\PROGRA~1\CNNIC\CDN\CDNSPIE.DLL
C:\PROGRA~1\IE-BAR\CAST\DMSHELL.DLL
C:\PROGRA~1\IE-BAR\CAST\215~1.0\DMPLAYER.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE
C:\PROGRAM FILES\RISING\RFW\RFWRULE.DLL
C:\PROGRAM FILES\RISING\RFW\RFWLOG.DLL
C:\PROGRAM FILES\RISING\RFW\RFWDRV.DLL
C:\PROGRAM FILES\RISING\RFW\PSAPI.DLL
C:\PROGRAM FILES\RISING\RFW\MONDRV.DLL
C:\PROGRAM FILES\RISING\RFW\PROCLIB.DLL

D:\PROGRAM FILES\RINGZ STUDIO\STORM DOWNLOADER\TDUPDATE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRA~1\CNNIC\CDN\CDNSPIE.DLL
C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
C:\WINDOWS\SYSTEM32\WDMAUD.DRV
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\PROGRA~1\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL
C:\WINDOWS\SYSTEM32\ADSOBJ.DLL
C:\PROGRA~1\YAHOO!\ASSIST~1\ASSIST\YDRAGS~1.DLL
C:\WINDOWS\SYSTEM32\CACB.DLL
C:\WINDOWS\SYSTEM32\HTTPREQ.DLL
C:\WINDOWS\SYSTEM32\WEBDLL.DLL
C:\WINDOWS\SYSTEM32\ADSHLP2.DLL
C:\WINDOWS\SYSTEM32\WIN32HELP02.DLL
C:\WINDOWS\SYSTEM32\MSHELPER.DLL
C:\WINDOWS\SYSTEM32\RAVEXT.DLL

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\SYSTEM32\ALG.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
D:\RUIXING\RSDETECT.EXE
C:\PROGRA~1\CNNIC\CDN\CDNSPIE.DLL


普通自启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ATIPTA = C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE
snpstd3 = C:\WINDOWS\VSNPSTD3.EXE
NMGameX_AutoRun = C:\WINDOWS\SYSTEM32\RUNDLL32.EXE NMGAMEX.DLL,LIVEPROCESS /AA
ExFilter = RUNDLL32.EXE "C:\PROGRA~1\CNNIC\CDN\CDNSPIE.DLL",EXECFILTER SOLO
MINI_BFYY = D:\PROGRAM FILES\RINGZ STUDIO\STORM DOWNLOADER\STORMDOWNLOADER.EXE
RfwMain = "C:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE" -STARTUP
RavTask = "C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM
PHIME2002ASync = ; C:\WINDOWS\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE /SYNC
RavTimer = ; C:\PROGRAM FILES\RISING\RAV\RAVTIMER.EXE
SysExplr = ; C:\HEROSOFT\HERO3000\SYSEXPLR.EXE
WinampAgent = ; "C:\PROGRAM FILES\WINAMP\WINAMPA.EXE"

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
CTFMON.EXE = C:\WINDOWS\SYSTEM32\CTFMON.EXE
RegBar = REGSVR32.EXE /U C:\PROGRA~1\BLOGMARK\BOCAITOOLBAR.DLL /S /I /N

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
AboutSys = REGSVR32.EXE MSADDON.DLL /S
MSAboutDialog = REGSVR32 XADOWNER.DLL /S


AppInit_DLLs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_DLLs = REGSVR32 XADOWNER.DLL /S
（注：AppInit_DLLs 正常取值应为 DLL 文件名列表，此处出现的是一条 REGSVR32 命令行，且与上方 policies\Explorer\Run 中 MSAboutDialog 项引用的 XADOWNER.DLL 相同，属异常取值，应重点核查。）


系统文件关联
.exe ==> exefile = "%1" %*
.com ==> comfile = "%1" %*
.cmd ==> cmdfile = "%1" %*
.bat ==> batfile = "%1" %*
.txt ==> txtfile = %SystemRoot%\system32\NOTEPAD.EXE %1
.scr ==> scrfile = "%1" /S
.reg ==> regfile = regedit.exe "%1"
.doc ==> Word.Document.8 = "C:\Program Files\Microsoft Office\Office\WINWORD.EXE" /n

其它启动项
WIN.INI
无信息（未发现启动项）

SYSTEM.INI
SHELL = Explorer.exe


Winlogon 启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
crypt32chain = CRYPT32.DLL
cryptnet = CRYPTNET.DLL
cscdll = CSCDLL.DLL
ScCertProp = WLNOTIFY.DLL
Schedule = WLNOTIFY.DLL
sclgntfy = SCLGNTFY.DLL
SensLogn = WLNOTIFY.DLL
System Safety Monitor = SSMWINLOGONEX.DLL
termsrv = WLNOTIFY.DLL
wlballoon = WLNOTIFY.DLL

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit = C:\WINDOWS\SYSTEM32\USERINIT.EXE,
shell = EXPLORER.EXE