广告广告
  加入我的最爱 设为首页 风格修改
首页 首尾
 手机版   订阅   地图  繁体 
您是第 7427 个阅读者
 
发表文章 发表投票 回覆文章
  可列印版   加为IE收藏   收藏主题   上一主题 | 下一主题   
狠小子
数位造型
个人文章 个人相簿 个人日记 个人地图
路人甲
级别: 路人甲 该用户目前不上站
推文 x0 鲜花 x3
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片
推文 x0
[问题讨论] 我家的电脑好像中毒了><请大大帮忙!!
我家的电脑好像中毒了...
小弟家中用的防毒软体是F-Secure Anti-Virus...
现在这个防毒软体跑出这样的警告视窗

Malicious code found in file C:\WINDOWS\SYSTEM32\MSXOS.DLL.
Infection:Packed.NSAnti.p
Action:failed

请问大大这是啥意思.还有要如何解决...
以及小弟用这个防毒软体是否可行...或者有何推荐!
请大大多多帮忙!!


献花 x0 回到顶端 [楼 主] From:台湾 | Posted:2007-06-10 21:42 |
彗星风采 手机
个人头像
个人文章 个人相簿 个人日记 个人地图
小人物
级别: 小人物 该用户目前不上站
推文 x0 鲜花 x24
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

楼主您应该是用F-secure的防毒软体..
F-secure的防毒能力算是不错了..个人目前也是用这种防毒软体..

至于意思是在您的电脑中发现了恶意程式..


献花 x0 回到顶端 [1 楼] From:台湾中华电信HINET | Posted:2007-06-10 21:51 |
狠小子
数位造型
个人文章 个人相簿 个人日记 个人地图
路人甲
级别: 路人甲 该用户目前不上站
推文 x0 鲜花 x3
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

那大大不好意思...
这样有办法解决吗?


献花 x0 回到顶端 [2 楼] From:台湾 | Posted:2007-06-15 14:48 |
彗星风采 手机
个人头像
个人文章 个人相簿 个人日记 个人地图
小人物
级别: 小人物 该用户目前不上站
推文 x0 鲜花 x24
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

请先参考置顶文章线上扫毒多家比对看看..
如果病毒无法删除或有重生的情形..
请参考置顶文章贴SREng上来判读..


献花 x0 回到顶端 [3 楼] From:台湾中华电信HINET | Posted:2007-06-16 00:22 |
狠小子
数位造型
个人文章 个人相簿 个人日记 个人地图
路人甲
级别: 路人甲 该用户目前不上站
推文 x0 鲜花 x3
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

麻烦大大了!!

复制程式

2007-06-18,10:30:53

System Repair Engineer 2.4.12.806
Smallfrogs ([url]http://www.KZTechs.com[/url])

Windows XP Professional Service Pack 1 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Windows XP Publisher]
    <Yahoo! Pager><"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet>  [(Verified)Yahoo! Inc.]
    <msnmsgr><"C:\Program Files\MSN Messenger\msnmsgr.exe" /background>  [(Verified)Microsoft Corporation]
    <urtd1575c5t5qwv><C:\WINDOWS\crasoa.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [(Verified)"RealNetworks, Inc."]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows XP Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows XP Publisher]

==================================
Startup Folders
N/A

==================================
Services
[F-Secure Automatic Update / BackWeb Plug-in - 7681197][Running/Auto Start]
  <D:\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE><F-Secure Automatic Update>
[Boonty Games / Boonty Games][Stopped/Manual Start]
  <"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe"><BOONTY>
[FSGKHS / F-Secure Gatekeeper Handler Starter][Running/Auto Start]
  <"D:\F-Secure\Anti-Virus\fsgk32st.exe"><F-Secure Corp.>
[F-Secure Network Request Broker / F-Secure Network Request Broker][Running/Manual Start]
  <"D:\F-Secure\Common\FNRB32.EXE"><F-Secure Corporation>
[fsbwsys / fsbwsys][Running/Auto Start]
  <"D:\F-Secure\BackWeb\7681197\program\fsbwsys.exe"><F-Secure Corp.>
[F-Secure Anti-Virus Firewall Daemon / FSDFWD][Running/Manual Start]
  <"D:\F-Secure\FWES\Program\fsdfwd.exe"><F-Secure Corporation>
[F-Secure Management Agent / FSMA][Running/Auto Start]
  <"D:\F-Secure\Common\FSMA32.EXE"><F-Secure Corporation>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[PDEngine / PDEngine][Stopped/Manual Start]
  <C:\Program Files\Raxco\PerfectDisk\PDEngine.exe><Raxco Software, Inc.>
[PDScheduler / PDSched][Running/Auto Start]
  <C:\Program Files\Raxco\PerfectDisk\PDSched.exe><Raxco Software, Inc.>
[Cyberlink RichVideo Service(CRVS) / RichVideo][Running/Auto Start]
  <"C:\Program Files\Cyberlink\Shared files\RichVideo.exe"><>
[StarWind iSCSI Service / StarWindService][Running/Auto Start]
  <E:\Alcohol 120\StarWind\StarWindService.exe><Rocket Division Software>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\System32\mspmsnsv.dll><Microsoft Corporation>

==================================
Drivers
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[F-Secure File System Filter / F-Secure Filter][Running/Auto Start]
  <\??\D:\F-Secure\Anti-Virus\Win2K\FSfilter.sys><>
[F-Secure Gatekeeper / F-Secure Gatekeeper][Running/Auto Start]
  <\??\D:\F-Secure\Anti-Virus\Win2K\FSgk.sys><>
[F-Secure File System Recognizer / F-Secure Recognizer][Running/Auto Start]
  <\??\D:\F-Secure\Anti-Virus\Win2K\FSrec.sys><>
[F-Secure Firewall Driver / FSFW][Running/Boot Start]
  <\SystemRoot\System32\drivers\fsdfw.sys><F-Secure Corporation>
[nv / nv][Running/Manual Start]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
  <System32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
  <System32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[直接平行连接埠连结驱动程式 / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>

==================================
Browser Add-ons
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Flashget Catch Url Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <E:\FlashGet\jccatch.dll, [url]www.flashget.com>[/url]
[EpsonToolBandKicker Class]
  {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} <C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll, SEIKO EPSON CORPORATION>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <E:\FlashGet\getflash.dll, >
[D.S.Lite]
  {F8475519-8412-4D40-A46E-692D9D04DF7F} <E:\DSLite2[1].07.45\DSLite2\DSLite.exe, watermonster.org>
[收音机(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[ALiBaBar]
  {0A1375E1-56C2-11D6-8E45-8933A0FB5235} <C:\PROGRA~1\ALiBaBar\ALiBaBar.dll, Alfred, C. S. Li>
[EPSON Web-To-Page]
  {EE5D279F-081B-4404-994D-C6B60AAEBA6D} <C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll, SEIKO EPSON CORPORATION>
[FlashGet]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <E:\FlashGet\fgiebar.dll, Amaze Soft>
[CKAVWebScan Object]
  {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} <C:\WINDOWS\System32\Kaspersky Lab\Kaspersky On-line Scanner\kavwebscan.dll, Kaspersky Lab>
[&使用 FlashGet 下载]
  <E:\FlashGet\jc_link.htm, N/A>
[&全部使用 FlashGet 下载]
  <E:\FlashGet\jc_all.htm, N/A>
[Foxy 下载]
  <res://E:\Foxy\Foxy.exe/download.htm, N/A>
[Foxy 搜寻]
  <res://E:\Foxy\Foxy.exe/search.htm, N/A>
[下载编码内容(&D.S.Lite)]
  <E:\DSLite2[1].07.45\DSLite2\dl_text.html, N/A>
[下载编码档案内容(&D.S.Lite)]
  <E:\DSLite2[1].07.45\DSLite2\dl_url.html, N/A>
[汇出至 Microsoft Office Excel(&X)]
  <res://D:\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 504][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 568][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 592][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1272][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1221 (xpsp2.030511-1403)]
    [C:\WINDOWS\System32\Msxos.dll]  [N/A, ]
    [C:\WINDOWS\TEMP\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
    [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 6.0.1.2003110300]
    [E:\FlashGet\fgmgr.dll]  [[url]www.flashget.com[/url], 1, 8, 0, 1001]
    [E:\Haali\MatroskaSplitter\mmfinfo.dll]  [N/A, ]
    [E:\Haali\MatroskaSplitter\mkunicode.dll]  [N/A, ]
    [C:\Program Files\Yahoo!\Messenger\idle.dll]  [Yahoo! Inc., 1,0,0,2]
    [C:\Program Files\Yahoo!\Messenger\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 1460][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3760]
[PID: 1476][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1500][C:\Program Files\MSN Messenger\msnmsgr.exe]  [Microsoft Corporation, 8.1.0178.00]
    [C:\WINDOWS\System32\msdmo.dll]  [, ]
    [C:\WINDOWS\TEMP\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
[PID: 1652][D:\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe]  [F-Secure Automatic Update, Version 6.3.2 (Build 116R)]
    [D:\F-Secure\BackWeb\7681197\6.3.2.116-7681197L\Program\backWeb.dll]  [BackWeb Technologies Inc., Version 6.3.2 (Build 116R)]
    [D:\F-Secure\BackWeb\7681197\6.3.2.116-7681197L\Program\bwsec.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
    [D:\F-Secure\BackWeb\7681197\6.3.2.116-7681197L\Program\clntutil.dll]  [N/A, ]
    [D:\F-Secure\BackWeb\7681197\632~1.116\program\EN\ClientRC.dll]  [BackWeb Technologies Inc., Version 6.3.2 (Build 116R)]
    [D:\F-Secure\BackWeb\7681197\Program\BWfiles-7681197.dll]  [F-Secure Automatic Update, Version 6.3.2 (Build 116R)]
    [D:\F-Secure\BackWeb\7681197\6.3.2.116-7681197L\Program\BWfiles.dll]  [, Version 6.3.2 (Build 116R)]
    [C:\WINDOWS\TEMP\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
    [D:\F-Secure\BackWeb\7681197\6.3.2.116-7681197L\Program\ncast.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
    [D:\F-Secure\BackWeb\7681197\program\fsbwce.dll]  [F-Secure Corporation, 7.01.13]
    [D:\F-Secure\Common\fsexc.dll]  [F-Secure Corporation, 6.05.8452 ]
    [D:\F-Secure\BackWeb\7681197\program\fsbwres.ENG]  [F-Secure Corporation, 7.00.1]
    [d:\f-secure\common\fsld32.dll]  [F-Secure Corporation, 6.05.8452 ]
    [D:\F-Secure\BackWeb\7681197\program\fsbwres.dll]  [F-Secure Corporation, 6.70.707]
    [d:\f-secure\common\fspmapi.dll]  [F-Secure Corporation, 6.05.8452 ]
    [d:\f-secure\common\fsma32.dll]  [F-Secure Corporation, 6.05.8452 ]
    [E:\FlashGet\fgmgr.dll]  [[url]www.flashget.com[/url], 1, 8, 0, 1001]
[PID: 1660][C:\WINDOWS\crasos.exe]  [N/A, ]
    [C:\WINDOWS\System32\Msxos.dll]  [N/A, ]
[PID: 3560][C:\WINDOWS\System32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [E:\FlashGet\fgmgr.dll]  [[url]www.flashget.com[/url], 1, 8, 0, 1001]
    [C:\WINDOWS\TEMP\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
    [C:\Program Files\Yahoo!\Messenger\idle.dll]  [Yahoo! Inc., 1,0,0,2]
    [C:\Program Files\Yahoo!\Messenger\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 1940][E:\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [E:\FlashGet\fgmgr.dll]  [[url]www.flashget.com[/url], 1, 8, 0, 1001]
    [C:\WINDOWS\TEMP\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
    [C:\Program Files\Yahoo!\Messenger\idle.dll]  [Yahoo! Inc., 1,0,0,2]
    [C:\Program Files\Yahoo!\Messenger\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [E:\sreng2\Plugins\NWMON.SRE]  [Smallfrogs Studio, 1, 0, 0, 8]
[PID: 4092][C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe]  [Yahoo! Inc., 8,1,0,240]
    [C:\Program Files\Yahoo!\Messenger\idle.dll]  [Yahoo! Inc., 1,0,0,2]
    [C:\Program Files\Yahoo!\Messenger\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Yahoo!\Messenger\pcre.dll]  [Pcre, 3.9]
    [C:\Program Files\Yahoo!\Messenger\YML.dll]  [Yahoo! Inc., 3,0,0,2]
    [C:\Program Files\Yahoo!\Messenger\YImage.dll]  [Yahoo! Inc., 1,0,0,1]
    [C:\Program Files\Yahoo!\Messenger\xmlparse.dll]  [N/A, ]
    [C:\Program Files\Yahoo!\Messenger\xmltok.dll]  [N/A, ]
    [C:\Program Files\Yahoo!\Messenger\yvoiceui.dll]  [Yahoo! Inc., 1,0,0,1]
    [C:\Program Files\Yahoo!\Messenger\yaudiomgr.dll]  [Yahoo! Inc., 1,0,200,1]
    [C:\Program Files\Yahoo!\Messenger\GIPSVoiceEngineDLL.dll]  [Global IP Sound, 2, 0, 4, 0]
    [C:\Program Files\Yahoo!\Messenger\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Yahoo!\Messenger\id3lib.dll]  [[url]http://www.id3lib.org/[/url], 3.8.3]
    [C:\Program Files\Yahoo!\Messenger\YIniDom.dll]  [, 0, 1, 0, 0]
    [C:\Program Files\Yahoo!\Messenger\YCPFoundation.dll]  [, 1, 0, 0, 0]
    [C:\Program Files\Yahoo!\Messenger\nspr4.dll]  [Netscape Communications Corporation, 4.6.1]
    [C:\Program Files\Yahoo!\Messenger\YPluginRegistry.dll]  [, 1, 0, 0, 0]
    [E:\FlashGet\fgmgr.dll]  [[url]www.flashget.com[/url], 1, 8, 0, 1001]
    [C:\WINDOWS\TEMP\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
    [C:\Program Files\Yahoo!\Messenger\ft60.dll]  [Yahoo! Inc., 1,0,0,4]
    [C:\Program Files\Yahoo!\Messenger\res_msgr.dll]  [Yahoo! Inc., 8,5,0,1]
    [C:\Program Files\Yahoo!\Shared\YbSkin2.dll]  [Yahoo! Inc., 2006, 10, 11, 1]
    [C:\Program Files\Yahoo!\Messenger\MyYahoo.dll]  [Yahoo! Inc., 8,0,0,1]
    [C:\Program Files\Yahoo!\Messenger\D32-FW.DLL]  [Distinct Corporation, 3.4.6]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\System32\Macromed\Common\SwSupport.dll]  [Macromedia, Inc., 10.0r210]
    [C:\Program Files\Yahoo!\Messenger\yvoicesm.dll]  [Yahoo! Inc., 1,0,201,1]
    [C:\Program Files\Yahoo!\Messenger\rvsip.dll]  [RADVISION, 3.1.1.30]
    [C:\Program Files\Yahoo!\Messenger\rvcommon.dll]  [RADVISION, 1.0.18]
    [C:\Program Files\Yahoo!\Messenger\rvads.dll]  [RADVISION, 3.1.1.30]
    [C:\Program Files\Yahoo!\Messenger\rvsdp.dll]  [RADVISION, ]
    [C:\Program Files\Yahoo!\Messenger\P2PCE.dll]  [, 1, 0, 0, 0]
    [C:\Program Files\Yahoo!\Messenger\yv_res.dll]  [Yahoo! Inc., 1,0,0,1]
    [C:\Program Files\Yahoo!\Shared\YAlertCenter.dll]  [Yahoo! Inc., 2006, 7, 17, 1]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\1028\mdmui.dll]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\INK\PENCHT.DLL]  [Microsoft Corporation, 1.0.1038.0]
[PID: 740][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [E:\FlashGet\fgmgr.dll]  [[url]www.flashget.com[/url], 1, 8, 0, 1001]
    [C:\WINDOWS\TEMP\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
    [C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll]  [SEIKO EPSON CORPORATION, 1, 0, 0, 0]
    [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 6.0.1.2003110300]
    [E:\FlashGet\jccatch.dll]  [[url]www.flashget.com[/url], 1, 8, 0, 1001]
    [E:\FlashGet\getflash.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Yahoo!\Messenger\idle.dll]  [Yahoo! Inc., 1,0,0,2]
    [C:\Program Files\Yahoo!\Messenger\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\1028\mdmui.dll]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL]  [Microsoft Corporation, 7.00.9466]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\Program Files\Common Files\Microsoft Shared\INK\PENCHT.DLL]  [Microsoft Corporation, 1.0.1038.0]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL]  [Microsoft Corporation, 5.00.2916.0]
    [C:\WINDOWS\System32\rmoc3260.dll]  [RealNetworks, Inc., 6.0.9.2568]
    [C:\WINDOWS\System32\PNCRT.dll]  [Real Networks, Inc, 6.0.0.0]
    [C:\Program Files\Real\RealPlayer\rpplugins\embd3260.dll]  [RealNetworks, Inc., 6.0.12.1739]
    [C:\Program Files\Common Files\Real\Common\pngu3267.dll]  [RealNetworks, Inc., 6.7.0.2962]
    [C:\Program Files\Common Files\Real\Common\pnrs3260.dll]  [RealNetworks, Inc., 6.0.9.4317]
    [C:\Program Files\Common Files\Real\Common\objb3201.dll]  [RealNetworks, Inc., 0.1.0.6726]
    [C:\Program Files\Real\RealPlayer\rpplugins\rpcl3260.dll]  [RealNetworks, Inc., 6.0.9.3362]
    [C:\Program Files\Real\RealPlayer\rpplugins\rput3260.dll]  [RealNetworks, Inc., 6.0.9.3338]
    [C:\Program Files\Common Files\Real\Common\pnen3260.dll]  [RealNetworks, Inc., 10.0.0.1283]
    [C:\Program Files\Common Files\Real\Plugins\zipf3260.dll]  [RealNetworks, Inc., 6.0.8.2799]
    [C:\Program Files\Common Files\Real\Plugins\vsrlocal.dll]  [RealNetworks, Inc., 10.1.0.1180]
    [C:\Program Files\Common Files\Real\Plugins\vidsite.dll]  [RealNetworks, Inc., 10.0.0.1253]
    [C:\Program Files\Common Files\Real\Plugins\clntxres.dll]  [RealNetworks, Inc., 10.0.0.4181]
    [C:\Program Files\Real\RealPlayer\lang\cdplay_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\dbcomp_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\embed_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\gemctl_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\pngui_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\pdgenxfer_tw.dll]  [RealNetworks, Inc., 6.0.12.299]
    [C:\Program Files\Real\RealPlayer\lang\rjctl_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rjeq_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rjres_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rjskin_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rjviz_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rjfade_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rjdlg_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rjmisc_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rjprog_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rpapp_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rpclsvc_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rpclutil_tw.dll]  [RealNetworks, Inc., 6.0.12.299]
    [C:\Program Files\Real\RealPlayer\lang\rpdemand_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rpdsplyr_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rpgutil_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rpmnpane_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rpplylst_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rpwebctl_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\tcdinfo_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\tclsvc_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\tdwnmgr_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\tmp3_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\twave_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\teasdk_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\tearm_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\tmdedit_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\mydevices_tw.dll]  [RealNetworks, Inc., 6.0.12.299]
    [C:\Program Files\Common Files\Real\Plugins\memfsys.dll]  [RealNetworks, Inc., 10.0.0.1219]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1       localhost

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================




献花 x0 回到顶端 [4 楼] From:台湾 | Posted:2007-06-18 10:35 |
彗星风采 手机
个人头像
个人文章 个人相簿 个人日记 个人地图
小人物
级别: 小人物 该用户目前不上站
推文 x0 鲜花 x24
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片
Re:我家ㄉ电脑好像中毒ㄌ><请大大帮忙!!
请参考以下..
关闭系统还原..清理IE暂存..进入安全模式..
SREng程式..切换至Boot Items分页中的Registry选项..找到下列..
Boot Items
Registry
<urtd1575c5t5qwv><C:\WINDOWS\crasoa.exe> []
点选Delete..按下是删除..

SREng程式..切换至Boot Items分页中的Services中的Win32 Services选项..找到下列..
Services
[Boonty Games / Boonty Games][Stopped/Manual Start]
<"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe"><BOONTY>
勾选Delet services..再点选set..按下删除..

最后请依照下列路径删除档案...
Running Processes
[C:\WINDOWS\System32\Msxos.dll] [N/A, ]
[PID: 1660][C:\WINDOWS\crasos.exe] [N/A, ]
C:\WINDOWS\crasoa.exe
C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe


献花 x0 回到顶端 [5 楼] From:台湾中华电信HINET | Posted:2007-06-18 13:24 |

首页  发表文章 发表投票 回覆文章
Powered by PHPWind v1.3.6
Copyright © 2003-04 PHPWind
Processed in 0.018053 second(s),query:16 Gzip disabled
本站由 瀛睿律师事务所 担任常年法律顾问 | 免责声明 | 本网站已依台湾网站内容分级规定处理 | 连络我们 | 访客留言