主题：机器中了病毒, 求救!! -- AK545

TROJ_HOOKER

感染文件

C:\WINNT\system32\apihookdll.dll

我的PC-CILLIN 无法屏蔽／清除．请问怎么办？

[SIZE=3]Description:[/SIZE]

This Trojan sends an email with information on the computer, RAS information, and cached passwords. It also intercepts keyboard entries.

[SIZE=3]Solution:[/SIZE]

Click Start>Run. type Regedit then hit the Enter key.

Double click the following:

HKEY_LOCAL_MACHINE>Software>Microsoft >Windows>CurrentVersion>RunOnce

In the right panel, search for and delete any of the registry keys that contains the data value as follows:

Kernel32=Kernel32.exe

Exit the registry.

Click Start>Shutdowm>"Restart in MS-DOS mode” then click OK.

In the %System% folder, delete the following files:

KERNEL32.EXE

SSTABL.DLL

Type “exit”, and then hit the Enter key to restart in Windows mode.

Scan your system with Trend Micro antivirus and delete all files detected as TROJ_HOOKER.24C. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall, Trend Micro's free online virus scanner.

Trend Micro offers best-of-breed antivirus and content-security solutions for your corporate network, small and medium business or home PC.

但找不到这样的data value:

Kernel32=Kernel32.exe

再用Msconfig看一下，有没有那个Kernel32.exe，是在什么位置。

到google上查查，肯定会有answer的。

算是安全了吧.

GOOGLE一下Trojan Guarder Gold，如果找不到？留Hotmail or Yahoo EMAIL传给你（1557K with crack）。