廣告廣告
  加入我的最愛 設為首頁 風格修改
首頁 首尾
 手機版   訂閱   地圖  簡體 
您是第 7424 個閱讀者
 
發表文章 發表投票 回覆文章
  可列印版   加為IE收藏   收藏主題   上一主題 | 下一主題   
狠小子
數位造型
個人文章 個人相簿 個人日記 個人地圖
路人甲
級別: 路人甲 該用戶目前不上站
推文 x0 鮮花 x3
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片
推文 x0
[問題討論] 我家的電腦好像中毒了><請大大幫忙!!
我家的電腦好像中毒了...
小弟家中用的防毒軟體是F-Secure Anti-Virus...
現在這個防毒軟體跑出這樣的警告視窗

Malicious code found in file C:\WINDOWS\SYSTEM32\MSXOS.DLL.
Infection:Packed.NSAnti.p
Action:failed

請問大大這是啥意思.還有要如何解決...
以及小弟用這個防毒軟體是否可行...或者有何推薦!
請大大多多幫忙!!


獻花 x0 回到頂端 [樓 主] From:臺灣 | Posted:2007-06-10 21:42 |
彗星風采 手機
個人頭像
個人文章 個人相簿 個人日記 個人地圖
小人物
級別: 小人物 該用戶目前不上站
推文 x0 鮮花 x24
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

樓主您應該是用F-secure的防毒軟體..
F-secure的防毒能力算是不錯了..個人目前也是用這種防毒軟體..

至於意思是在您的電腦中發現了惡意程式..


獻花 x0 回到頂端 [1 樓] From:臺灣中華電信HINET | Posted:2007-06-10 21:51 |
狠小子
數位造型
個人文章 個人相簿 個人日記 個人地圖
路人甲
級別: 路人甲 該用戶目前不上站
推文 x0 鮮花 x3
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

那大大不好意思...
這樣有辦法解決嗎?


獻花 x0 回到頂端 [2 樓] From:臺灣 | Posted:2007-06-15 14:48 |
彗星風采 手機
個人頭像
個人文章 個人相簿 個人日記 個人地圖
小人物
級別: 小人物 該用戶目前不上站
推文 x0 鮮花 x24
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

請先參考置頂文章線上掃毒多家比對看看..
如果病毒無法刪除或有重生的情形..
請參考置頂文章貼SREng上來判讀..


獻花 x0 回到頂端 [3 樓] From:臺灣中華電信HINET | Posted:2007-06-16 00:22 |
狠小子
數位造型
個人文章 個人相簿 個人日記 個人地圖
路人甲
級別: 路人甲 該用戶目前不上站
推文 x0 鮮花 x3
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

麻煩大大了!!

複製程式

2007-06-18,10:30:53

System Repair Engineer 2.4.12.806
Smallfrogs ([url]http://www.KZTechs.com[/url])

Windows XP Professional Service Pack 1 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Windows XP Publisher]
    <Yahoo! Pager><"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet>  [(Verified)Yahoo! Inc.]
    <msnmsgr><"C:\Program Files\MSN Messenger\msnmsgr.exe" /background>  [(Verified)Microsoft Corporation]
    <urtd1575c5t5qwv><C:\WINDOWS\crasoa.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [(Verified)"RealNetworks, Inc."]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows XP Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows XP Publisher]

==================================
Startup Folders
N/A

==================================
Services
[F-Secure Automatic Update / BackWeb Plug-in - 7681197][Running/Auto Start]
  <D:\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE><F-Secure Automatic Update>
[Boonty Games / Boonty Games][Stopped/Manual Start]
  <"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe"><BOONTY>
[FSGKHS / F-Secure Gatekeeper Handler Starter][Running/Auto Start]
  <"D:\F-Secure\Anti-Virus\fsgk32st.exe"><F-Secure Corp.>
[F-Secure Network Request Broker / F-Secure Network Request Broker][Running/Manual Start]
  <"D:\F-Secure\Common\FNRB32.EXE"><F-Secure Corporation>
[fsbwsys / fsbwsys][Running/Auto Start]
  <"D:\F-Secure\BackWeb\7681197\program\fsbwsys.exe"><F-Secure Corp.>
[F-Secure Anti-Virus Firewall Daemon / FSDFWD][Running/Manual Start]
  <"D:\F-Secure\FWES\Program\fsdfwd.exe"><F-Secure Corporation>
[F-Secure Management Agent / FSMA][Running/Auto Start]
  <"D:\F-Secure\Common\FSMA32.EXE"><F-Secure Corporation>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[PDEngine / PDEngine][Stopped/Manual Start]
  <C:\Program Files\Raxco\PerfectDisk\PDEngine.exe><Raxco Software, Inc.>
[PDScheduler / PDSched][Running/Auto Start]
  <C:\Program Files\Raxco\PerfectDisk\PDSched.exe><Raxco Software, Inc.>
[Cyberlink RichVideo Service(CRVS) / RichVideo][Running/Auto Start]
  <"C:\Program Files\Cyberlink\Shared files\RichVideo.exe"><>
[StarWind iSCSI Service / StarWindService][Running/Auto Start]
  <E:\Alcohol 120\StarWind\StarWindService.exe><Rocket Division Software>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\System32\mspmsnsv.dll><Microsoft Corporation>

==================================
Drivers
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[F-Secure File System Filter / F-Secure Filter][Running/Auto Start]
  <\??\D:\F-Secure\Anti-Virus\Win2K\FSfilter.sys><>
[F-Secure Gatekeeper / F-Secure Gatekeeper][Running/Auto Start]
  <\??\D:\F-Secure\Anti-Virus\Win2K\FSgk.sys><>
[F-Secure File System Recognizer / F-Secure Recognizer][Running/Auto Start]
  <\??\D:\F-Secure\Anti-Virus\Win2K\FSrec.sys><>
[F-Secure Firewall Driver / FSFW][Running/Boot Start]
  <\SystemRoot\System32\drivers\fsdfw.sys><F-Secure Corporation>
[nv / nv][Running/Manual Start]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
  <System32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
  <System32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[直接平行連接埠連結驅動程式 / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>

==================================
Browser Add-ons
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Flashget Catch Url Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <E:\FlashGet\jccatch.dll, [url]www.flashget.com>[/url]
[EpsonToolBandKicker Class]
  {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} <C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll, SEIKO EPSON CORPORATION>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <E:\FlashGet\getflash.dll, >
[D.S.Lite]
  {F8475519-8412-4D40-A46E-692D9D04DF7F} <E:\DSLite2[1].07.45\DSLite2\DSLite.exe, watermonster.org>
[收音機(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[ALiBaBar]
  {0A1375E1-56C2-11D6-8E45-8933A0FB5235} <C:\PROGRA~1\ALiBaBar\ALiBaBar.dll, Alfred, C. S. Li>
[EPSON Web-To-Page]
  {EE5D279F-081B-4404-994D-C6B60AAEBA6D} <C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll, SEIKO EPSON CORPORATION>
[FlashGet]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <E:\FlashGet\fgiebar.dll, Amaze Soft>
[CKAVWebScan Object]
  {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} <C:\WINDOWS\System32\Kaspersky Lab\Kaspersky On-line Scanner\kavwebscan.dll, Kaspersky Lab>
[&使用 FlashGet 下載]
  <E:\FlashGet\jc_link.htm, N/A>
[&全部使用 FlashGet 下載]
  <E:\FlashGet\jc_all.htm, N/A>
[Foxy 下載]
  <res://E:\Foxy\Foxy.exe/download.htm, N/A>
[Foxy 搜尋]
  <res://E:\Foxy\Foxy.exe/search.htm, N/A>
[下載編碼內容(&D.S.Lite)]
  <E:\DSLite2[1].07.45\DSLite2\dl_text.html, N/A>
[下載編碼檔案內容(&D.S.Lite)]
  <E:\DSLite2[1].07.45\DSLite2\dl_url.html, N/A>
[匯出至 Microsoft Office Excel(&X)]
  <res://D:\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 504][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 568][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 592][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1272][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1221 (xpsp2.030511-1403)]
    [C:\WINDOWS\System32\Msxos.dll]  [N/A, ]
    [C:\WINDOWS\TEMP\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
    [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 6.0.1.2003110300]
    [E:\FlashGet\fgmgr.dll]  [[url]www.flashget.com[/url], 1, 8, 0, 1001]
    [E:\Haali\MatroskaSplitter\mmfinfo.dll]  [N/A, ]
    [E:\Haali\MatroskaSplitter\mkunicode.dll]  [N/A, ]
    [C:\Program Files\Yahoo!\Messenger\idle.dll]  [Yahoo! Inc., 1,0,0,2]
    [C:\Program Files\Yahoo!\Messenger\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 1460][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3760]
[PID: 1476][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1500][C:\Program Files\MSN Messenger\msnmsgr.exe]  [Microsoft Corporation, 8.1.0178.00]
    [C:\WINDOWS\System32\msdmo.dll]  [, ]
    [C:\WINDOWS\TEMP\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
[PID: 1652][D:\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe]  [F-Secure Automatic Update, Version 6.3.2 (Build 116R)]
    [D:\F-Secure\BackWeb\7681197\6.3.2.116-7681197L\Program\backWeb.dll]  [BackWeb Technologies Inc., Version 6.3.2 (Build 116R)]
    [D:\F-Secure\BackWeb\7681197\6.3.2.116-7681197L\Program\bwsec.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
    [D:\F-Secure\BackWeb\7681197\6.3.2.116-7681197L\Program\clntutil.dll]  [N/A, ]
    [D:\F-Secure\BackWeb\7681197\632~1.116\program\EN\ClientRC.dll]  [BackWeb Technologies Inc., Version 6.3.2 (Build 116R)]
    [D:\F-Secure\BackWeb\7681197\Program\BWfiles-7681197.dll]  [F-Secure Automatic Update, Version 6.3.2 (Build 116R)]
    [D:\F-Secure\BackWeb\7681197\6.3.2.116-7681197L\Program\BWfiles.dll]  [, Version 6.3.2 (Build 116R)]
    [C:\WINDOWS\TEMP\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
    [D:\F-Secure\BackWeb\7681197\6.3.2.116-7681197L\Program\ncast.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
    [D:\F-Secure\BackWeb\7681197\program\fsbwce.dll]  [F-Secure Corporation, 7.01.13]
    [D:\F-Secure\Common\fsexc.dll]  [F-Secure Corporation, 6.05.8452 ]
    [D:\F-Secure\BackWeb\7681197\program\fsbwres.ENG]  [F-Secure Corporation, 7.00.1]
    [d:\f-secure\common\fsld32.dll]  [F-Secure Corporation, 6.05.8452 ]
    [D:\F-Secure\BackWeb\7681197\program\fsbwres.dll]  [F-Secure Corporation, 6.70.707]
    [d:\f-secure\common\fspmapi.dll]  [F-Secure Corporation, 6.05.8452 ]
    [d:\f-secure\common\fsma32.dll]  [F-Secure Corporation, 6.05.8452 ]
    [E:\FlashGet\fgmgr.dll]  [[url]www.flashget.com[/url], 1, 8, 0, 1001]
[PID: 1660][C:\WINDOWS\crasos.exe]  [N/A, ]
    [C:\WINDOWS\System32\Msxos.dll]  [N/A, ]
[PID: 3560][C:\WINDOWS\System32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [E:\FlashGet\fgmgr.dll]  [[url]www.flashget.com[/url], 1, 8, 0, 1001]
    [C:\WINDOWS\TEMP\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
    [C:\Program Files\Yahoo!\Messenger\idle.dll]  [Yahoo! Inc., 1,0,0,2]
    [C:\Program Files\Yahoo!\Messenger\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 1940][E:\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [E:\FlashGet\fgmgr.dll]  [[url]www.flashget.com[/url], 1, 8, 0, 1001]
    [C:\WINDOWS\TEMP\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
    [C:\Program Files\Yahoo!\Messenger\idle.dll]  [Yahoo! Inc., 1,0,0,2]
    [C:\Program Files\Yahoo!\Messenger\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [E:\sreng2\Plugins\NWMON.SRE]  [Smallfrogs Studio, 1, 0, 0, 8]
[PID: 4092][C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe]  [Yahoo! Inc., 8,1,0,240]
    [C:\Program Files\Yahoo!\Messenger\idle.dll]  [Yahoo! Inc., 1,0,0,2]
    [C:\Program Files\Yahoo!\Messenger\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Yahoo!\Messenger\pcre.dll]  [Pcre, 3.9]
    [C:\Program Files\Yahoo!\Messenger\YML.dll]  [Yahoo! Inc., 3,0,0,2]
    [C:\Program Files\Yahoo!\Messenger\YImage.dll]  [Yahoo! Inc., 1,0,0,1]
    [C:\Program Files\Yahoo!\Messenger\xmlparse.dll]  [N/A, ]
    [C:\Program Files\Yahoo!\Messenger\xmltok.dll]  [N/A, ]
    [C:\Program Files\Yahoo!\Messenger\yvoiceui.dll]  [Yahoo! Inc., 1,0,0,1]
    [C:\Program Files\Yahoo!\Messenger\yaudiomgr.dll]  [Yahoo! Inc., 1,0,200,1]
    [C:\Program Files\Yahoo!\Messenger\GIPSVoiceEngineDLL.dll]  [Global IP Sound, 2, 0, 4, 0]
    [C:\Program Files\Yahoo!\Messenger\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Yahoo!\Messenger\id3lib.dll]  [[url]http://www.id3lib.org/[/url], 3.8.3]
    [C:\Program Files\Yahoo!\Messenger\YIniDom.dll]  [, 0, 1, 0, 0]
    [C:\Program Files\Yahoo!\Messenger\YCPFoundation.dll]  [, 1, 0, 0, 0]
    [C:\Program Files\Yahoo!\Messenger\nspr4.dll]  [Netscape Communications Corporation, 4.6.1]
    [C:\Program Files\Yahoo!\Messenger\YPluginRegistry.dll]  [, 1, 0, 0, 0]
    [E:\FlashGet\fgmgr.dll]  [[url]www.flashget.com[/url], 1, 8, 0, 1001]
    [C:\WINDOWS\TEMP\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
    [C:\Program Files\Yahoo!\Messenger\ft60.dll]  [Yahoo! Inc., 1,0,0,4]
    [C:\Program Files\Yahoo!\Messenger\res_msgr.dll]  [Yahoo! Inc., 8,5,0,1]
    [C:\Program Files\Yahoo!\Shared\YbSkin2.dll]  [Yahoo! Inc., 2006, 10, 11, 1]
    [C:\Program Files\Yahoo!\Messenger\MyYahoo.dll]  [Yahoo! Inc., 8,0,0,1]
    [C:\Program Files\Yahoo!\Messenger\D32-FW.DLL]  [Distinct Corporation, 3.4.6]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\System32\Macromed\Common\SwSupport.dll]  [Macromedia, Inc., 10.0r210]
    [C:\Program Files\Yahoo!\Messenger\yvoicesm.dll]  [Yahoo! Inc., 1,0,201,1]
    [C:\Program Files\Yahoo!\Messenger\rvsip.dll]  [RADVISION, 3.1.1.30]
    [C:\Program Files\Yahoo!\Messenger\rvcommon.dll]  [RADVISION, 1.0.18]
    [C:\Program Files\Yahoo!\Messenger\rvads.dll]  [RADVISION, 3.1.1.30]
    [C:\Program Files\Yahoo!\Messenger\rvsdp.dll]  [RADVISION, ]
    [C:\Program Files\Yahoo!\Messenger\P2PCE.dll]  [, 1, 0, 0, 0]
    [C:\Program Files\Yahoo!\Messenger\yv_res.dll]  [Yahoo! Inc., 1,0,0,1]
    [C:\Program Files\Yahoo!\Shared\YAlertCenter.dll]  [Yahoo! Inc., 2006, 7, 17, 1]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\1028\mdmui.dll]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\INK\PENCHT.DLL]  [Microsoft Corporation, 1.0.1038.0]
[PID: 740][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [E:\FlashGet\fgmgr.dll]  [[url]www.flashget.com[/url], 1, 8, 0, 1001]
    [C:\WINDOWS\TEMP\IadHide5.dll]  [BackWeb, Version 6.3.2 (Build 116R)]
    [C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll]  [SEIKO EPSON CORPORATION, 1, 0, 0, 0]
    [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 6.0.1.2003110300]
    [E:\FlashGet\jccatch.dll]  [[url]www.flashget.com[/url], 1, 8, 0, 1001]
    [E:\FlashGet\getflash.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Yahoo!\Messenger\idle.dll]  [Yahoo! Inc., 1,0,0,2]
    [C:\Program Files\Yahoo!\Messenger\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\1028\mdmui.dll]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL]  [Microsoft Corporation, 7.00.9466]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\Program Files\Common Files\Microsoft Shared\INK\PENCHT.DLL]  [Microsoft Corporation, 1.0.1038.0]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL]  [Microsoft Corporation, 5.00.2916.0]
    [C:\WINDOWS\System32\rmoc3260.dll]  [RealNetworks, Inc., 6.0.9.2568]
    [C:\WINDOWS\System32\PNCRT.dll]  [Real Networks, Inc, 6.0.0.0]
    [C:\Program Files\Real\RealPlayer\rpplugins\embd3260.dll]  [RealNetworks, Inc., 6.0.12.1739]
    [C:\Program Files\Common Files\Real\Common\pngu3267.dll]  [RealNetworks, Inc., 6.7.0.2962]
    [C:\Program Files\Common Files\Real\Common\pnrs3260.dll]  [RealNetworks, Inc., 6.0.9.4317]
    [C:\Program Files\Common Files\Real\Common\objb3201.dll]  [RealNetworks, Inc., 0.1.0.6726]
    [C:\Program Files\Real\RealPlayer\rpplugins\rpcl3260.dll]  [RealNetworks, Inc., 6.0.9.3362]
    [C:\Program Files\Real\RealPlayer\rpplugins\rput3260.dll]  [RealNetworks, Inc., 6.0.9.3338]
    [C:\Program Files\Common Files\Real\Common\pnen3260.dll]  [RealNetworks, Inc., 10.0.0.1283]
    [C:\Program Files\Common Files\Real\Plugins\zipf3260.dll]  [RealNetworks, Inc., 6.0.8.2799]
    [C:\Program Files\Common Files\Real\Plugins\vsrlocal.dll]  [RealNetworks, Inc., 10.1.0.1180]
    [C:\Program Files\Common Files\Real\Plugins\vidsite.dll]  [RealNetworks, Inc., 10.0.0.1253]
    [C:\Program Files\Common Files\Real\Plugins\clntxres.dll]  [RealNetworks, Inc., 10.0.0.4181]
    [C:\Program Files\Real\RealPlayer\lang\cdplay_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\dbcomp_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\embed_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\gemctl_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\pngui_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\pdgenxfer_tw.dll]  [RealNetworks, Inc., 6.0.12.299]
    [C:\Program Files\Real\RealPlayer\lang\rjctl_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rjeq_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rjres_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rjskin_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rjviz_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rjfade_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rjdlg_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rjmisc_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rjprog_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rpapp_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rpclsvc_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rpclutil_tw.dll]  [RealNetworks, Inc., 6.0.12.299]
    [C:\Program Files\Real\RealPlayer\lang\rpdemand_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rpdsplyr_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rpgutil_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rpmnpane_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rpplylst_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\rpwebctl_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\tcdinfo_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\tclsvc_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\tdwnmgr_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\tmp3_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\twave_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\teasdk_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\tearm_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\tmdedit_tw.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Real\RealPlayer\lang\mydevices_tw.dll]  [RealNetworks, Inc., 6.0.12.299]
    [C:\Program Files\Common Files\Real\Plugins\memfsys.dll]  [RealNetworks, Inc., 10.0.0.1219]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1       localhost

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================




獻花 x0 回到頂端 [4 樓] From:臺灣 | Posted:2007-06-18 10:35 |
彗星風采 手機
個人頭像
個人文章 個人相簿 個人日記 個人地圖
小人物
級別: 小人物 該用戶目前不上站
推文 x0 鮮花 x24
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片
Re:我家ㄉ電腦好像中毒ㄌ><請大大幫忙!!
請參考以下..
關閉系統還原..清理IE暫存..進入安全模式..
SREng程式..切換至Boot Items分頁中的Registry選項..找到下列..
Boot Items
Registry
<urtd1575c5t5qwv><C:\WINDOWS\crasoa.exe> []
點選Delete..按下是刪除..

SREng程式..切換至Boot Items分頁中的Services中的Win32 Services選項..找到下列..
Services
[Boonty Games / Boonty Games][Stopped/Manual Start]
<"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe"><BOONTY>
勾選Delet services..再點選set..按下刪除..

最後請依照下列路徑刪除檔案...
Running Processes
[C:\WINDOWS\System32\Msxos.dll] [N/A, ]
[PID: 1660][C:\WINDOWS\crasos.exe] [N/A, ]
C:\WINDOWS\crasoa.exe
C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe


獻花 x0 回到頂端 [5 樓] From:臺灣中華電信HINET | Posted:2007-06-18 13:24 |

首頁  發表文章 發表投票 回覆文章
Powered by PHPWind v1.3.6
Copyright © 2003-04 PHPWind
Processed in 0.134555 second(s),query:16 Gzip disabled
本站由 瀛睿律師事務所 擔任常年法律顧問 | 免責聲明 | 本網站已依台灣網站內容分級規定處理 | 連絡我們 | 訪客留言