|
查看: 1217|回复: 42
|
求助,我的PC中了WORM该用什么杀毒软件呢?
[复制链接]
|
|
|
发表于 19-1-2005 08:20 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
楼主 |
发表于 19-1-2005 08:43 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
楼主 |
发表于 19-1-2005 08:46 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
发表于 19-1-2005 08:47 PM
|
显示全部楼层
就是 copy拷贝 和 paste粘贴
会生成一个叫hijackthis.log的log文件
用notepad打开copy拷贝然后在就在帖子里paste粘贴 |
|
|
|
|
|
|
|
|
|
|
|
发表于 19-1-2005 08:50 PM
|
显示全部楼层
|
用hijackthis扫描scan之后会出现一个save log保存日志的 |
|
|
|
|
|
|
|
|
|
|
|
发表于 19-1-2005 08:52 PM
|
显示全部楼层
|
不是把文件给上传,而是把文件的内容粘贴在发表帖子里 |
|
|
|
|
|
|
|
|
|
|
|
楼主 |
发表于 19-1-2005 08:54 PM
|
显示全部楼层
Logfile of HijackThis v1.99.0
Scan saved at 20:39:22, on 2005-1-19
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\EPSON\EBAPI\SAGENT2.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TPPALDR.EXE
C:\WINDOWS\SYSTEM\VTTIMER.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\E_S10IC2.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\180SOLUTIONS\SAIS.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\CSTAR\CSTAR.EXE
C:\CSTAR\CSTARMSG.EXE
C:\PROGRAM FILES\MYIE\MYIE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\BITCOMET\BITCOMET.EXE
C:\DOWNLOADS\HIJACKTHIS.EXE
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRAM FILES\FLASHGET\JCCATCH.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FGIEBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [TPP Auto Loader] C:\WINDOWS\TPPALDR.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [AME_CSA] rundll32 AmeCSA.cpl,RUN_DLL
O4 - HKLM\..\Run: [EPSON Stylus C41 Series] C:\WINDOWS\SYSTEM\E_S10IC2.EXE /P23 "EPSON Stylus C41 Series" /O7 "EPUSB1:" /M "Stylus C41"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
O4 - HKLM\..\Run: [vilahsf] C:\WINDOWS\vilahsf.exe
O4 - HKLM\..\Run: [SyServer] C:\WINDOWS\SYSTEM\SyServer.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [SAgent2ExePath] C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O4 - Startup: 迅雷4.LNK
O8 - Extra context menu item: Download using FlashGet - C:\PROGRAM FILES\FLASHGET\jc_link.htm
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRAM FILES\FLASHGET\jc_all.htm
O8 - Extra context menu item: Download by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Download all by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Fullscreen Toggle - C:\PROGRAM FILES\MYIE\fullscrn.htm
O8 - Extra context menu item: Send to Systray - C:\PROGRAM FILES\MYIE\systray.htm
O8 - Extra context menu item: Send to Pic Grabber - C:\PROGRAM FILES\MYIE\image.htm
O8 - Extra context menu item: Send Shortcut to Tab 1 - C:\PROGRAM FILES\MYIE\sendtotab1.htm
O8 - Extra context menu item: Send Shortcut to Tab 2 - C:\PROGRAM FILES\MYIE\sendtotab2.htm
O8 - Extra context menu item: Send Shortcut to Tab 3 - C:\PROGRAM FILES\MYIE\sendtotab3.htm
O8 - Extra context menu item: Send Shortcut to Tab 4 - C:\PROGRAM FILES\MYIE\sendtotab4.htm
O8 - Extra context menu item: Send Shortcut to Tab 5 - C:\PROGRAM FILES\MYIE\sendtotab5.htm
O8 - Extra context menu item: Send Shortcut to Tab 6 - C:\PROGRAM FILES\MYIE\sendtotab6.htm
O8 - Extra context menu item: Launch search in Tab 1 - C:\PROGRAM FILES\MYIE\search1.htm
O8 - Extra context menu item: Launch search in Tab 2 - C:\PROGRAM FILES\MYIE\search2.htm
O8 - Extra context menu item: Launch search in Tab 3 - C:\PROGRAM FILES\MYIE\search3.htm
O8 - Extra context menu item: Launch search in Tab 4 - C:\PROGRAM FILES\MYIE\search4.htm
O8 - Extra context menu item: Launch search in Tab 5 - C:\PROGRAM FILES\MYIE\search5.htm
O8 - Extra context menu item: Launch search in Tab 6 - C:\PROGRAM FILES\MYIE\search6.htm
O8 - Extra context menu item: Send Page to Tab 1 - C:\PROGRAM FILES\MYIE\CurrentTo1.htm
O8 - Extra context menu item: Send Page to Tab 2 - C:\PROGRAM FILES\MYIE\CurrentTo2.htm
O8 - Extra context menu item: Send Page to Tab 3 - C:\PROGRAM FILES\MYIE\CurrentTo3.htm
O8 - Extra context menu item: Send Page to Tab 4 - C:\PROGRAM FILES\MYIE\CurrentTo4.htm
O8 - Extra context menu item: Send Page to Tab 5 - C:\PROGRAM FILES\MYIE\CurrentTo5.htm
O8 - Extra context menu item: Send Page to Tab 6 - C:\PROGRAM FILES\MYIE\CurrentTo6.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - Extra button: Search cracks at CrackSpider.NET - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - http://crackspider.net/ie/btn.php (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Search cracks at CrackSpider.NET - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - http://crackspider.net/ie/btn.php (file missing) (HKCU)
O15 - Trusted Zone: http://free.aol.com
O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab
O16 - DPF: {042EEA26-2402-4E5A-B5BB-0FB445A5526E} (VacPro.win98_P) - http://www9.advnt01.com/dialer/win98_P.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bi ... Client.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - http://bar.baidu.com/update/IESearch.cab
O16 - DPF: {10954C80-4F0F-11D3-B17C-00C0DFE39736} - http://hot.thebugs.ws/fav.exe
O16 - DPF: {86BC8440-8693-4076-A144-6BAF942B40B0} - http://mysearch.8848.com/mysearch/MySearch.CAB
O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} - http://iebar.t2t2.com/iebar.cab
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {54F8C0E2-34F9-474F-B47F-2CFCFE2300A2} - http://download.imu.com.cn/client/chatatwill/ie/imuliver.cab |
|
|
|
|
|
|
|
|
|
|
|
发表于 19-1-2005 09:11 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
发表于 19-1-2005 09:17 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
楼主 |
发表于 19-1-2005 09:25 PM
|
显示全部楼层
austinlim 于 19-1-2005 09:17 PM 说 :
在关掉所有窗口,所有浏览器之后用hijackthis fix checked立即修复
还有这个
O16 - DPF: {10954C80-4F0F-11D3-B17C-00C0DFE39736} - http://hot.thebugs.ws/fav.exe
让我试试看
[ Last edited by ksang on 19-1-2005 at 09:27 PM ] |
|
|
|
|
|
|
|
|
|
|
|
发表于 19-1-2005 09:31 PM
|
显示全部楼层
我的也有问题,帮帮忙:
Logfile of HijackThis v1.99.0
Scan saved at 9:32:40 PM, on 1/19/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\keyhook.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\F-Secure Anti-Virus\Common\FSM32.EXE
C:\Program Files\Java\j2re1.4.2_02\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
C:\Program Files\F-Secure Anti-Virus\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure Anti-Virus\backweb\4476822\Program\fspex.exe
C:\Program Files\F-Secure Anti-Virus\backweb\4476822\program\fsbwsys.exe
C:\Program Files\F-Secure Anti-Virus\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure Anti-Virus\Common\FSMA32.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\F-Secure Anti-Virus\Common\FSMB32.EXE
C:\Program Files\F-Secure Anti-Virus\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\F-Secure Anti-Virus\Common\FCH32.EXE
C:\Program Files\F-Secure Anti-Virus\Common\FAMEH32.EXE
C:\Program Files\F-Secure Anti-Virus\Anti-Virus\fsav32.exe
C:\Program Files\F-Secure Anti-Virus\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure Anti-Virus\FSGUI\fsguiexe.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Maxthon\Maxthon.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.984\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Anti-Virus\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Anti-Virus\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\F-Secure Anti-Virus\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_02\bin\jusched.exe
O4 - HKLM\..\Run: [IMSCMIG40W] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE /SetPreload /Log
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: ʹÓÃKugooÏÂÔØ - C:\PROGRA~1\KuGoo2\KugooDownX.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_02\bin\npjpi142_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_02\bin\npjpi142_02.dll
O9 - Extra button: PowerWord - {9A687CA6-D585-4947-9ED9-BE96071F5CD9} - C:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/305f ... netzip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsof ... e.cab?1104300242812
O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.ms ... filesharingctrl.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bi ... Client.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1883E26E-2B93-48CA-B12D-6A0FAB4EEC2B}: NameServer = 202.188.0.133 202.188.1.5
O18 - Protocol: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - C:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll
O23 - Service: F-Secure Anti-Virus 2005 - Unknown - C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - Unknown - C:\Program Files\F-Secure Anti-Virus\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - Unknown - C:\Program Files\F-Secure Anti-Virus\backweb\4476822\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon - F-Secure Corporation - C:\Program Files\F-Secure Anti-Virus\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent - F-Secure Corporation - C:\Program Files\F-Secure Anti-Virus\Common\FSMA32.EXE
O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe |
|
|
|
|
|
|
|
|
|
|
|
楼主 |
发表于 19-1-2005 09:34 PM
|
显示全部楼层
不行哦....
用AVG扫描之后还是有31个INFECTED FILE
i-worm opas
agobot
win32 worm |
|
|
|
|
|
|
|
|
|
|
|
发表于 19-1-2005 09:40 PM
|
显示全部楼层
你知道都是那些文件吗
能再scan一次把log传上来吗
AVG你upgrade 它的database到最新的了吗
注
稻草人 可以开新的帖子吗,这样会很混乱的。 |
|
|
|
|
|
|
|
|
|
|
|
发表于 19-1-2005 09:42 PM
|
显示全部楼层
|
用Trojan Guarder Gold Version 包你药到病除 |
|
|
|
|
|
|
|
|
|
|
|
楼主 |
发表于 19-1-2005 09:45 PM
|
显示全部楼层
austinlim 于 19-1-2005 09:40 PM 说 :
你知道都是那些文件吗
能再scan一次把log传上来吗
AVG你upgrade 它的database到最新的了吗
注
稻草人 可以开新的帖子吗,这样会很混乱的。
update了
都是在_RESTORE/temp里的 |
|
|
|
|
|
|
|
|
|
|
|
发表于 19-1-2005 09:47 PM
|
显示全部楼层
|
稻草人 看了你的 你是用Acer的吗?是什么问题呢 |
|
|
|
|
|
|
|
|
|
|
|
楼主 |
发表于 19-1-2005 09:47 PM
|
显示全部楼层
Edwen 于 19-1-2005 09:42 PM 说 :
用Trojan Guarder Gold Version 包你药到病除
我试试 |
|
|
|
|
|
|
|
|
|
|
|
发表于 19-1-2005 09:54 PM
|
显示全部楼层
ksang,
1. Click Start, point to Settings, and then click Control Panel.
2. Double-click System, and then click the Performance tab.
3. Click File System, and then click the Troubleshooting tab.
4. Click to select the Disable System Restore check box, click Apply, click to clear the Disable System Restore check box, click Apply, and then click OK.
5. Restart the computer when you are prompted to do so. When the computer restarts, the data store is purged and the System Restore feature begins monitoring the system again.
用这个方法吧
1. Click Start, Settings, and then click Control Panel.
2. Double-click the System icon. The System Properties dialog box appears.
NOTE: If the System icon is not visible, click "View all Control Panel options" to display it.
3. Click the Performance tab, and then click File System.
4. Click the Troubleshooting tab, and then check Disable System Restore.
5. Click OK. Click Yes, when you are prompted to restart Windows.
Once you have cleaned the virus or other problem from the computer, reenable System Restore by following these directions
To enable Windows Me System Restore:
1. Click Start, point to Settings, and then click Control Panel.
2. Double-click System, and then click the Performance tab.
3. Click File System, and then click the Troubleshooting tab.
4. Uncheck Disable System Restore.
5. Click OK. Click Yes, when you are prompted to restart Windows.
[ Last edited by austinlim on 19-1-2005 at 09:58 PM ] |
|
|
|
|
|
|
|
|
|
|
|
发表于 19-1-2005 09:57 PM
|
显示全部楼层
austinlim 于 19-1-2005 09:47 PM 说 :
稻草人 看了你的 你是用Acer的吗?是什么问题呢
我的问题是不时有同样的广告跳出,maxthon block不到,用Ad-aware SE Personal scan 到三个VX2(dll file来的,什么东东?),delete不掉,放进ignore list,又有新的在system32。并且把popup的url paste去IE option 的restricted sites,还是不行。
那些popup大概是888.com,ad-w-a-r-e.com,ads1.revenue.net等。 |
|
|
|
|
|
|
|
|
|
| |
 本周最热论坛帖子
|
变色卡
千斤顶
1694 
52
