

[Help] Infected with Backdoor.Gpigeon.tju even with Rising running; HijackThis log attached, please advise


Since the day before yesterday, every time I boot the monitor reports that it has detected Backdoor.Gpigeon.tju, and it never gets fully removed; downloading the dedicated removal tool did not help either. I had no choice but to run a HijackThis scan, so I am posting the log here. Please help, thanks.

Logfile of HijackThis v1.99.1
Scan saved at 9:15:32, on 2006-8-16
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
D:\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\rising\rfw\rfwsrv.exe
D:\Rising\Rav\RavTask.exe
C:\Rising\Rfw\rfwmain.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Rising\Rav\Ravmond.exe
D:\Rising\Rav\RAVMON.EXE
D:\Rising\Rav\RavStub.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Rising\Rav\RsLogVw.exe
F:\软件备份\新建文件夹\ha_hijackthis_1991\HijackThis.exe

O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v13.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RavTask] "D:\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "C:\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\qq\SendMMS.htm
O8 - Extra context menu item: 用迅雷下载(&D) - D:\Program Files\Thunder5.1.3.168\geturl.htm
O8 - Extra context menu item: 用迅雷下载全部(&A) - D:\Program Files\Thunder5.1.3.168\getallurl.htm
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1155179666061
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155179646404
O17 - HKLM\System\CCS\Services\Tcpip\..\{60A4AF27-5F1F-4A41-803E-03B8AF55D26F}: NameServer = 61.177.7.1 221.228.255.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Inerver (PigeonServer) - Unknown owner - C:\WINDOWS\ienrver.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rav\Ravmond.exe

Last edited 2006-08-17 08:45:04

Quote:
[Post by 灞波儿奔] I guess you are in the same boat as me. It looks like O23 - Service: Inerver (PigeonServer) - Unknown owner - C:\WINDOWS\ienrver.exe is the problem. Waiting for an expert to help~~~~~
………………

Very likely.

Quote:
[Post by caoyangfeng] My computer's CPU is always at 100%. Isass.exe takes 50% and Rfwsrv.exe 47%.
Ravmon.exe behaves abnormally and often takes more than 50%. Please have a look, experts.
Here is my log:
Logfile of HijackThis v1.99.1
Scan saved at 9:19:28, on 2006-8-16
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\drivers\CDAC11BA.EXE
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\NMSSvc.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\system32\spool\ugplot\ugiipqd.exe
D:\Program Files\EDS\License Servers\UGNXFLEXlm\lmgrd.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\Explorer.EXE
D:\Program Files\EDS\License Servers\UGNXFLEXlm\uglmd.exe
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINNT\RTHDCPL.EXE
C:\PROGRA~1\baigoo\bgoomain.exe
C:\Program Files\CNNIC\Cdn\cdnup.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINNT\system32\conime.exe
D:\Program Files\TENCENT\QQ\QQ.exe
D:\Program Files\TENCENT\QQ\TIMPlatform.exe
C:\Documents and Settings\yk\桌面\HijackThis.exe

R3 - URLSearchHook: (no name) - {982CB676-38F0-4D9A-BB72-D9371ABE876E} - (no file)
R3 - URLSearchHook: SgUrlSearHook Class - {BAB1AC41-6FF7-4F2E-A04E-5C592CCFEA7D} - C:\WINNT\system32\socul.dll
O2 - BHO: SohuDAIEHelper - {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} - C:\Program Files\P4P\sodaie.dll (file missing)
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O2 - BHO: bg - {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005} - C:\Program Files\baigoo\BGooBHO.dll
O2 - BHO: MAngle Class - {9A556B8F-FD02-420E-A1FD-9DB33808254E} - C:\Program Files\MySec\secmouseaan.dll
O2 - BHO: QoiWjhwd Class - {A3A50391-B918-D4A0-E0C1-7A0AD02B7892} - C:\WINNT\DOWNLO~1\kpmcuvu.dll
O2 - BHO: WMHlprObj Class - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll
O3 - Toolbar: My 网蜜(&M) - {102293E4-758B-4483-946B-714EBCEC91B8} - C:\Program Files\MySec\secbaraan.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINNT\system32\KakaTool.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MSConfig] H:\win2000msconfig\MSCONFIG\msconfigWinXP\msconfig.exe /auto
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [SECUPDATE] C:\Program Files\MySec\secupdateaan.exe -sv
O4 - HKLM\..\Run: [bgoomain.exe] C:\PROGRA~1\baigoo\bgoomain.exe
O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - Global Startup: Microtek 扫描仪探测器.lnk = C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe
O8 - Extra context menu item: !直接打开链接 - res://C:\Program Files\MySec\secmouseaan.dll/seopenurl.html
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\TENCENT\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用百度搜索 - res://C:\Program Files\MySec\secmouseaan.dll/sesch_bd.html
O8 - Extra context menu item: 加入365MY收藏夹(&U) - http://www.365my.com/rclick/add_url.php
O8 - Extra context menu item: 加入365MY网摘(&N) - http://www.365my.com/rclick/add_net.php
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\TENCENT\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\TENCENT\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\TENCENT\QQ\SendMMS.htm
O8 - Extra context menu item: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm
O9 - Extra button: My网蜜 - {102293E4-758B-4483-946B-714EBCEC91B8} - C:\Program Files\MySec\secbaraan.dll
O9 - Extra ''Tools'' menuitem: My网蜜 - {102293E4-758B-4483-946B-714EBCEC91B8} - C:\Program Files\MySec\secbaraan.dll
O9 - Extra button: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - Extra ''Tools'' menuitem: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra ''Tools'' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O10 - Unknown file in Winsock LSP: c:\winnt\system32\cdnns.dll
O11 - Options group: [CDNCLIENT]  中文上网
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - //C:\TempEI4\EI40_\msxml4.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINNT\system32\drivers\CDAC11BA.EXE
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINNT\system32\NMSSvc.exe
O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: Unigraphics Plot Server (ugiipqd) (ugiipqd) - Unigraphics Solutions, Inc - C:\WINNT\system32\spool\ugplot\ugiipqd.exe
O23 - Service: Unigraphics License Server (uglmd) - Macrovision Corporation - D:\Program Files\EDS\License Servers\UGNXFLEXlm\lmgrd.exe


………………

Why did you post this in my thread? Start your own.

Does nobody know? Where is the moderator?

Still waiting.

A bit disappointed. Does really nobody know?

Could someone please tell me?

Quote:
[Post by newcenturymoon] [Reply to the post by "琴川烟雨"]
Please send C:\WINDOWS\ienrver.exe to newcenturysun@eyou.com, thanks.
Start > Run, type services.msc, find Inerver (PigeonServer), double-click it, stop it and set the startup type to Disabled.
Start > Run, type regedit, then navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services and
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet00X\Services (X stands for any number, e.g. 1, 2, 3...)

Search for the Inerver (PigeonServer) key and delete the whole key wherever it is found.
Restart the computer.
Show all files, including hidden system files.
Delete the following file: C:\WINDOWS\ienrver.exe
………………

I cannot find the file C:\WINDOWS\ienrver.exe. The Inerver service startup is now disabled, but it already showed as not started. I searched the registry for a long time and could not find an Inerver key; there are three control sets, ControlSet001, ControlSet002 and
CurrentControlSet, and none of them has it. Bro, what should I do?
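The thread identifies the problem from an O23 line whose service has an "Unknown owner", and the remediation post says where the matching service key lives in the registry. The following is an added example, not code from the thread or from HijackThis: a small parser for HijackThis O23/O10 lines that flags such entries and lists the Services keys (CurrentControlSet, ControlSet001, ControlSet002) the post says to check. The sample log is constructed from the shape of the lines posted above.

```python
import re

# Constructed sample in the shape of the HijackThis O23/O10 lines posted in this thread.
SAMPLE_LOG = """\
Logfile of HijackThis v1.99.1
O10 - Unknown file in Winsock LSP: c:\\winnt\\system32\\cdnns.dll
O23 - Service: Inerver (PigeonServer) - Unknown owner - C:\\WINDOWS\\ienrver.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\\Rising\\Rav\\Ravmond.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\\WINNT\\system32\\Ati2evxx.exe
O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - C:\\PROGRA~1\\EFFICI~1\\ENTERN~1\\app\\pppoeservice.exe
"""

# O23 layout: display name, optional (ServiceName), owner/vendor string, image path.
O23_RE = re.compile(
    r"^O23 - Service: (?P<display>.+?)(?: \((?P<name>[^()]+)\))?"
    r" - (?P<owner>.+?) - (?P<path>.+)$")
O10_RE = re.compile(r"^O10 - Unknown file in Winsock LSP: (?P<path>.+)$")

# Control sets named in the remediation post; a service key can survive in a
# non-current control set after it was removed from the current one.
CONTROL_SETS = ("CurrentControlSet", "ControlSet001", "ControlSet002")


def service_keys(name):
    """Registry keys to inspect for a service with the given short name."""
    return ["HKLM\\SYSTEM\\" + cs + "\\Services\\" + name for cs in CONTROL_SETS]


def triage(log_text):
    """Return O23/O10 findings; 'flagged' marks entries a human should verify."""
    findings = []
    for line in log_text.splitlines():
        m = O23_RE.match(line)
        if m:
            name = m.group("name") or m.group("display")
            # "Unknown owner" means the image carries no vendor information.
            # Legitimate drivers show this too, so it is a triage hint, not a verdict.
            flagged = m.group("owner") == "Unknown owner"
            findings.append({"kind": "O23", "name": name, "path": m.group("path"),
                             "owner": m.group("owner"), "flagged": flagged,
                             "check": service_keys(name) if flagged else []})
            continue
        m = O10_RE.match(line)
        if m:  # an LSP HijackThis cannot identify is always worth a look
            findings.append({"kind": "O10", "name": None, "path": m.group("path"),
                             "owner": None, "flagged": True, "check": []})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        if f["flagged"]:
            print(f["kind"], f["name"], f["path"], *f["check"])
```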

Solved, thanks bro.