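Please help, everyone. I've been infected with Gray Pigeon (灰鸽子)...
Below is my scan log. I'd be grateful if any of the experts here could take a look!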
Logfile of HijackThis v1.99.1
Scan saved at 17:13:27, on 2005-10-18
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\ctfmon.exe
C:\sys\rising2004\Rav\RavMon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\SYS\RISING2004\RAV\CCENTER.EXE
C:\SYS\RISING2004\RAV\Ravmond.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\SYS\RISING2004\RAV\RavStub.exe
F:\Tencent\qq2005B3\QQ.exe
F:\Tencent\QQ2005B1\TIMPlatform.exe
C:\Program Files\Rising\Rfw\rfwmain.exe
C:\Program Files\Rising\Rfw\rfwsrv.exe
C:\Program Files\eMule\eMule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Sandai Technologies Inc\Thunder\TDUpdate.exe
C:\Documents and Settings\Bluewater\桌面\HijackThis.exe
R3 - Default URLSearchHook is missing
O1 - Hosts: 219.147.217.74 www.wwwggg.com
O1 - Hosts: 219.147.217.74 www.1717333.com
O1 - Hosts: 219.147.217.74 www.bb999.com
O1 - Hosts: 219.147.217.74 www.5073.com
O1 - Hosts: 219.147.217.74 www.wg999.com
O1 - Hosts: 219.147.217.74 www.txwg.com
O1 - Hosts: 219.147.217.74 www.d186.com
O1 - Hosts: 219.147.217.74 www.51wg.com
O1 - Hosts: 219.147.217.74 www.77wg.com
O1 - Hosts: 219.147.217.74 www.365sky.com
O1 - Hosts: 219.147.217.74 www.gameswg.com
O1 - Hosts: 219.147.217.74 www.5dgame.com
O1 - Hosts: 219.147.217.74 www.ttee.com
O1 - Hosts: 219.147.217.74 www.comv9.com
O1 - Hosts: 219.147.217.74 www.95wg.com
O1 - Hosts: 219.147.217.74 www.jxwg.com
O1 - Hosts: 219.147.217.74 www.wgwang.com
O1 - Hosts: 219.147.217.74 www.wgxz.com
O1 - Hosts: 219.147.217.74 www.91333.com
O1 - Hosts: 219.147.217.74 www.wg86.com
O1 - Hosts: 219.147.217.74 www.skyxz.com
O1 - Hosts: 219.147.217.74 www.tywg.com
O1 - Hosts: 219.147.217.74 www.py126.com
O1 - Hosts: 219.147.217.74 www.banbancq.com
O1 - Hosts: 219.147.217.74 www.92wg.com
O1 - Hosts: 219.147.217.74 www.9wg.com
O1 - Hosts: 219.147.217.74 www.jxtool.com
O1 - Hosts: 219.147.217.74 www.wg-xz.com
O1 - Hosts: 219.147.217.74 www.7ywg.com
O1 - Hosts: 219.147.217.74 www.hahawg.com
O1 - Hosts: 219.147.217.74 www.comv8.com
O1 - Hosts: 219.147.217.74 www.andown.com
O1 - Hosts: 219.147.217.74 www.gm169.com
O1 - Hosts: 219.147.217.74 www.wgshop.com
O1 - Hosts: 219.147.217.74 www.wolvip.com
O1 - Hosts: 219.147.217.74 www.9csf.com
O1 - Hosts: 219.147.217.74 www.mir222.com
O1 - Hosts: 219.147.217.74 www.py999.com
O1 - Hosts: 219.147.217.74 www.pycq.com
O1 - Hosts: 219.147.217.74 www.newpy.com
O1 - Hosts: 219.147.217.74 www.py173.com
O1 - Hosts: 219.147.217.74 www.wggame.com
O1 - Hosts: 219.147.217.74 www.wgzzz.com
O1 - Hosts: 219.147.217.74 www.117799.com
O1 - Hosts: 219.147.217.74 www.wgsky.com
O1 - Hosts: 219.147.217.74 www.wg00.com
O1 - Hosts: 219.147.217.74 www.wg8.com
O1 - Hosts: 219.147.217.74 www.wgx8.com
O1 - Hosts: 219.147.217.74 www.139wg.com
O1 - Hosts: 219.147.217.74 www.wgdd.com
O1 - Hosts: 219.147.217.74 www.lxwg.com
O1 - Hosts: 219.147.217.74 www.ly888.com
O1 - Hosts: 219.147.217.74 www.heiyun.com
O1 - Hosts: 219.147.217.74 www.mir888.com
O1 - Hosts: 219.147.217.74 www.chiyue.com
O1 - Hosts: 219.147.217.74 www.waigua8.com
O1 - Hosts: 219.147.217.74 www.wwwggg.net
O1 - Hosts: 219.147.217.74 www.1717333.net
O1 - Hosts: 219.147.217.74 www.bb999.net
O1 - Hosts: 219.147.217.74 www.5073.net
O1 - Hosts: 219.147.217.74 www.wg999.net
O1 - Hosts: 219.147.217.74 www.txwg.net
O1 - Hosts: 219.147.217.74 www.d186.net
O1 - Hosts: 219.147.217.74 www.51wg.net
O1 - Hosts: 219.147.217.74 www.77wg.net
O1 - Hosts: 219.147.217.74 www.365sky.net
O1 - Hosts: 219.147.217.74 www.gameswg.net
O1 - Hosts: 219.147.217.74 www.5dgame.net
O1 - Hosts: 219.147.217.74 www.ttee.net
O1 - Hosts: 219.147.217.74 www.comv9.net
O1 - Hosts: 219.147.217.74 www.95wg.net
O1 - Hosts: 219.147.217.74 www.jxwg.net
O1 - Hosts: 219.147.217.74 www.wgwang.net
O1 - Hosts: 219.147.217.74 www.wgxz.net
O1 - Hosts: 219.147.217.74 www.91333.net
O1 - Hosts: 219.147.217.74 www.wg86.net
O1 - Hosts: 219.147.217.74 www.skyxz.net
O1 - Hosts: 219.147.217.74 www.tywg.net
O1 - Hosts: 219.147.217.74 www.py126.net
O1 - Hosts: 219.147.217.74 www.banbancq.net
O1 - Hosts: 219.147.217.74 www.92wg.net
O1 - Hosts: 219.147.217.74 www.9wg.net
O1 - Hosts: 219.147.217.74 www.jxtool.net
O1 - Hosts: 219.147.217.74 www.wg-xz.net
O1 - Hosts: 219.147.217.74 www.7ywg.net
O1 - Hosts: 219.147.217.74 www.hahawg.net
O1 - Hosts: 219.147.217.74 www.comv8.net
O1 - Hosts: 219.147.217.74 www.andown.net
O1 - Hosts: 219.147.217.74 www.gm169.net
O1 - Hosts: 219.147.217.74 www.wgshop.net
O1 - Hosts: 219.147.217.74 www.wolvip.net
O1 - Hosts: 219.147.217.74 www.9csf.net
O1 - Hosts: 219.147.217.74 www.mir222.net
O1 - Hosts: 219.147.217.74 www.py999.net
O1 - Hosts: 219.147.217.74 www.pycq.net
O1 - Hosts: 219.147.217.74 www.newpy.net
O1 - Hosts: 219.147.217.74 www.py173.net
O1 - Hosts: 219.147.217.74 www.wggame.net
O1 - Hosts: 219.147.217.74 www.wgzzz.net
O1 - Hosts: 219.147.217.74 www.117799.net
O1 - Hosts: 219.147.217.74 www.wgsky.net
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F57} - C:\WINDOWS\System32\THUNDE~1.DLL
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: DownloadBHO T2BHO - {B1D147E7-873E-4909-8127-695D9BB78728} - C:\WINDOWS\Downloaded Program Files\barhelp22.0.dll
O2 - BHO: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Dr.eye WebPage Translation - {92B255FE-94E2-4BCA-958D-3926CE38913F} - C:\PROGRA~1\Inventec\Dreye\DreyeMT\DREYEI~1.DLL
O3 - Toolbar: (no name) - {B225B89D-5E95-4194-98E8-149993071B31} - (no file)
O3 - Toolbar: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: 瑞星监控中心.lnk = C:\sys\rising2004\Rav\RavMon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Sandai Technologies Inc\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Sandai Technologies Inc\Thunder\getAllurl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - F:\Tencent\qq2005B3\AddToNetDisk.htm
O8 - Extra context menu item: 使用Kugoo下载 - C:\PROGRA~1\KUGOO2\KugooDownX.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - F:\Tencent\qq2005B3\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - F:\Tencent\qq2005B3\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - F:\Tencent\qq2005B3\SendMMS.htm
O9 - Extra button: Infofo 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\Program Files\Infofo Bar\infofobar.dll
O9 - Extra 'Tools' menuitem: Infofo 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\Program Files\Infofo Bar\infofobar.dll
O16 - DPF: {169B0044-1CD6-4EFE-A5D8-AEC69797A953} (AvlPing Control) - http://benchmark.avl.com.cn/cab/avlPing.cab
O16 - DPF: {28E0FA88-ABA8-4937-A247-3031F1A11165} - http://pi.51.net/download/diybar2.cab
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} (天下搜索) - http://iebar.t2t2.com/iebar.cab
O16 - DPF: {6BB0C189-3676-4711-AA75-E2801D6B0E27} (AvlFTP Control) - http://benchmark.avl.com.cn/cab/avlFtp.cab
O16 - DPF: {98A62E3F-A8C5-4EF0-8A00-C70CF9D18A89} (LoaderCore Class) - http://tb.sogou.com/DLLoader.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {DA984A6D-508E-11D6-AA49-0050FF3C628D} (Ravonline) - http://download.rising.com.cn/ravkill/rsonline.cab
O20 - AppInit_DLLs: apihookdll.dll
O23 - Service: Gray_Pigeon_Server (GrayPigeonServer) - Unknown owner - C:\WINDOWS\G_Server.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - C:\Program Files\Rising\Rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - C:\SYS\RISING2004\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\SYS\RISING2004\RAV\Ravmond.exe