ff14机工是副技能:电脑中毒，紧急求援！

不是新病毒
用McAfee绝对可杀

McAfee VirusScan （麦咖啡杀毒软件） v10.0.27 最新汉化完全版
http://down.htcnc.net/Software/catalog25/991.html

注册很简单,到这个网址: http://us.mcafee.com/root/register.asp用你的邮箱注册一个Mcafee帐号, 安装的时候填入你注册用的那个邮箱地址＆密码就可以在线升级了。

病毒信息
Generic PWS.oType Trojan SubType Win32 Discovery Date 04/06/2005 Length Minimum DAT 4463 (04/06/2005) Updated DAT 4790 (06/21/2006) Minimum Engine 4.4.00 Description Added 04/06/2005 Description Modified 01/11/2006 9:47 AM (PT)

This is a trojan detection. Unlike viruses, trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include email, malicious or hacked web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc.

Characteristics
This is a password stealing trojan that captures keystrokes and sends notification and captured information to the author via HTTP. Online email and bank account information (username/password) is particularly vulnerable to this threat.

There are several variants of the trojan. The description is for a specific sample.

When run, the trojan copies itself to %Sysdir% directory. The following file names are used:

MSSVC.EXE Itt creates a registry run key to load itself at Windows start up.

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
"winnsvc" = "msvc.exe "
Symptoms
Existence of files and registry keys mentioned above.

Contacts a server via port 80 (g2.slapeddw.info) and proceeds posting system info to a PHP file. Info such as OS, Service pack, Browser, etc....

Trojan also has a keylogger component attached to it. Waiting for keystrokes and then posting these strokes to the PHP file.

Acts a Proxy Server

Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial. Distribution channels include IRC, peer-to-peer networks, newsgroup postings, etc.
Removal

McAfee全球最畅销的杀毒软件之一，McAfee防毒软件, 除了*作介面更新外,也将该公司的WebScanX功能合在一起,增加了许多新功能! 除了帮你侦测和清除病毒，它还有VShield自动监视系统，会常驻在System Tray，当你从磁盘、网络上、E-mail夹文件中开启文件时便会自动侦测文件的安全性，若文件内含病毒，便会立即警告，并作适当的处理，而且支持鼠标右键的快速选单功能，并可使用密码将个人的设定锁住让别人无法乱改你的设定。

在安全模式下杀毒。先升级杀毒软件，再重启，重启时长按F8健进入安全模式，（用上下健选择）再杀毒。 杀毒时关闭系统还原（右键 我的电脑 属性 系统还原 在所有驱动器上关闭系统还原上打勾） 推荐卡巴

在注册表里查找DEVMONAPP,然后将相关的键值全部删除,再在SYSTEM和SYSTEM32下搜索DEVMONAPP．EXE,将其删除试试^0^

到雅虎助手上的“免费杀毒”看看 平时是免费查毒 周六周日是免费杀毒的 我都经常在那里杀毒 ～～～它提供瑞星和金山杀毒 而且不用本地安装杀毒软件 只需要装些小插件即可
http://cn.zs.yahoo.com/start.htm

用带网络连接的安全模式 下一个杀毒的