Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 36

Thread: Problem to remove Virtumonde virus

  1. 2008-06-08, 14:17 #21
    tony6725
    tony6725 is offline
    Junior Member
    Join Date
    May 2008
    Posts
    18

    Default

    yes, I did download this programme as window sreensaver. In terms of P2P, I remember I close it when I ran Combofix.

    So, do you mean I should redo?
  2. 2008-06-08, 20:47 #22
    ndmmxiaomayi
    ndmmxiaomayi is offline
    Malware Team-Emeritus
    Join Date
    Jul 2007
    Location
    Little Red Dot
    Posts
    507

    Default

    There's no need to re-do.

    Run ATF Cleaner

    Download ATF Cleaner and save it to your desktop.

    Double click on ATF-Cleaner.exe to run it.

    • Click on Main at the top.
    • Tick all the boxes except the Prefetch and Cookies box.
    • Click on Empty Selected button.


    If you use Firefox

    • Click on Firefox at the top.
    • Tick all the boxes except Firefox Cookies and Firefox Saved Passwords.
    • Click on Empty Selected button.


    If you use Opera

    • Click on Opera at the top.
    • Tick all the boxes except Opera Cookies and Opera Saved Passwords.
    • Click on Empty Selected button.


    Close ATF Cleaner when you are done.

    Run Malwarebytes' Anti-Malware

    1. Please download Malwarebytes' Anti-Malware and save it to a convenient location.
    2. Double click on mbam-setup.exe to install it.
    3. Before clicking the Finish button, make sure that these 2 boxes are checked (ticked):
      • Update Malwarebytes' Anti-Malware
        Launch Malwarebytes' Anti-Malware
    4. Malwarebytes' Anti-Malware will now check for updates. If your firewall prompts, please allow it. If you can't update it, select the Update tab. Under Update Mirror, select one of the websites and click on Check for Updates.
    5. Select the Scanner tab. Click on Perform full scan, then click on Scan.
    6. Leave the default options as it is and click on Start Scan.
    7. When done, you will be prompted. Click OK, then click on Show Results.
    8. Checked (ticked) all items and click on Remove Selected.
    9. After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottom most log is the latest.


    In your next reply, please post:

    1. Malwarebytes' Anti-Malware scan report
    2. A new HijackThis log
    扎西德勒 微笑中有阳光 不放弃的人都拥有希望

    Please do not message me for help. Create a new topic in the Malware Removal room instead.
  3. 2008-06-09, 03:10 #23
    tony6725
    tony6725 is offline
    Junior Member
    Join Date
    May 2008
    Posts
    18

    Default

    I had a problem when I ran Malware software.

    when the scan was running after 1 mins plus, there was a window suddenly poping out. It said Run-Time Error "6". Overflow. I had tried twice, but the problem keep happening.
  4. 2008-06-09, 15:18 #24
    ndmmxiaomayi
    ndmmxiaomayi is offline
    Malware Team-Emeritus
    Join Date
    Jul 2007
    Location
    Little Red Dot
    Posts
    507

    Default

    I will pass your message along to the developer.

    In the meanwhile, please do the following:

    Please go to Kaspersky website and perform an online antivirus scan. Please use Internet Explorer as it uses ActiveX.

    1. Read through the requirements and privacy statement and click on Accept button.
    2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an ActiveX from Kaspersky. Click Yes.
    3. When the downloads have finished, click on Next button.
    4. Click on Scan Settings button.
    5. Select extended under Scan using the following antivirus database:
    6. Check (tick) these boxes under Scan options:
      • Scan Archives
      • Scan Mail Bases
    7. Click OK
    8. Click on My Computer under Please select a target to scan:
    9. Once the scan is complete it will display if your system has been infected. Click on Save as text button and save it to your desktop.
    10. Copy and paste this log in your next reply.


    In your next reply, please post:

    1. Kaspersky Antivirus scan report
    2. A new HijackThis log
    扎西德勒 微笑中有阳光 不放弃的人都拥有希望

    Please do not message me for help. Create a new topic in the Malware Removal room instead.
  5. 2008-06-10, 11:31 #25
    tony6725
    tony6725 is offline
    Junior Member
    Join Date
    May 2008
    Posts
    18

    Default

    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7 REPORT
    Tuesday, June 10, 2008
    Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Tuesday, June 10, 2008 00:45:36
    Records in database: 845469
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: yes
    Scan mail databases: yes

    Scan area - My Computer:
    C:\

    Scan statistics:
    Files scanned: 78069
    Threat name: 15
    Infected objects: 17
    Suspicious objects: 0
    Duration of the scan: 01:57:09


    File name / Threat name / Threats count
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Outlook\OutlookHotmail-00000002.pst Infected: Email-Worm.Win32.Bagle.gt 1
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Windows Live Mail\Hotmail (to 836\Deleted items\2DDA5BAC-0000101E.eml Infected: Trojan-PSW.Win32.Magania.smb 1
    C:\Program Files\Eset\infected\23RGQNCA.NQF Infected: Trojan.Win32.Agent.hfr 1
    C:\Program Files\Eset\infected\CKDPTXBA.NQF Infected: Trojan.Win32.Agent.cnm 1
    C:\Program Files\Eset\infected\ESVQV5AA.NQF Infected: Trojan-Downloader.Win32.Agent.qzz 1
    C:\Program Files\Eset\infected\MJKO1RBA.NQF Infected: Trojan.Win32.Inject.ud 1
    C:\Program Files\Eset\infected\QKKCMDAA.NQF Infected: Worm.Win32.Skipi.c 1
    C:\Program Files\Eset\infected\TJ4YF0DA.NQF Infected: not-a-virus:Downloader.Win32.WinFixer.au 1
    C:\Program Files\Eset\infected\XGG0DGAA.NQF Infected: Trojan-Dropper.Win32.Agent.bdj 1
    C:\QooBox\Quarantine\C\WINDOWS\system32\dxitpbqh.dll.vir Infected: Trojan.Win32.Monder.le 1
    C:\QooBox\Quarantine\C\WINDOWS\system32\fsungpdg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.vqd 1
    C:\QooBox\Quarantine\C\WINDOWS\system32\lbjjqrbt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.vqf 1
    C:\QooBox\Quarantine\C\WINDOWS\system32\mlJDsRki.dll.vir Infected: Trojan.Win32.Monder.gen 1
    C:\QooBox\Quarantine\C\WINDOWS\system32\qvwnvmfa.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.vqf 1
    C:\QooBox\Quarantine\catchme2008-06-01_163742.91.zip Infected: not-a-virus:AdWare.Win32.Virtumonde.trt 2
    C:\QooBox\Quarantine\catchme2008-06-01_163742.91.zip Infected: Backdoor.Win32.Agent.gkf 1

    The selected area was scanned.


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 上午 10:29:49, on 2008/6/10
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Kontiki\KService.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\vssvc.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\00THotkey.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\TFNF5.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\WINDOWS\system32\conime.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\WINDOWS\vVX1000.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\3M\PDNotes\PDNotes.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Documents and Settings\TOSHIBA\Local Settings\Temp\jkos-TOSHIBA\binaries\ScanningProcess.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R3 - URLSearchHook: Yahoo! 工具列 - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
    O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [CJIMETIPSYNC] C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync
    O4 - HKLM\..\Run: [PHIMETIPSYNC] C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ezHelper] C:\Program Files\ezHelper\ezHelper.exe 300
    O4 - HKCU\..\Run: [foxy] "C:\Program Files\Foxy\Foxy.exe" -tray
    O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Foxy 下載 - res://C:\Program Files\Foxy\Foxy.exe/download.htm
    O8 - Extra context menu item: Foxy 搜尋 - res://C:\Program Files\Foxy\Foxy.exe/search.htm
    O8 - Extra context menu item: 匯出至 Microsoft Excel(&X) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java 主控台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: 參考資料 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.webmail.hinet.net
    O15 - Trusted Zone: webmail.hinet.net
    O15 - ESC Trusted Zone: http://*.update.microsoft.com
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O16 - DPF: {1159CFA4-6BEA-4ED4-8166-5556B1BFB232} (pocx Control) - http://202.133.245.200/iCF20071025.cab
    O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedIn...derControl.cab
    O16 - DPF: {4C833081-D026-4FF8-968F-7EAB660D2FBA} (TVAnts ActiveX Control) - http://download.tvants.com/pub/tvant...cab/tvants.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02...s/MSNPUpld.cab
    O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/...oUploader3.cab
    O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} - http://download.ppstream.com/bin/powerplayer.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res...scbase4009.cab
    O16 - DPF: {5F4D222D-5EEE-40A8-8810-5642B4E4F441} (KENCAPI Class) - https://ebank.tcb-bank.com.tw/netban.../FSCAPIATL.cab
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1185374795424
    O16 - DPF: {C01170CC-AF05-46C3-88BC-2C120DCEE288} (KooPlayer Control) - http://www.im.tv/IMTVPlayer.ocx
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://extranet.cranfield.ac.uk/dan...erSetupSP1.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{40233121-6B0E-4121-8A54-6B29E63F652F}: NameServer = 138.250.1.75,138.250.1.67
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod 服務 (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 13992 bytes
  6. 2008-06-10, 16:55 #26
    ndmmxiaomayi
    ndmmxiaomayi is offline
    Malware Team-Emeritus
    Join Date
    Jul 2007
    Location
    Little Red Dot
    Posts
    507

    Default

    The new Kaspersky scan doesn't look very informative. It showed that there are infected mails in your mail box, but it doesn't tell us what mails are infected. We aren't going to delete the whole mail box just for one infected mail.

    Let's see if another scanner works.

    Please go to Eset website to perform an online scan. Please use Internet Explorer as it uses ActiveX.

    1. Check (tick) this box: YES, I accept the Terms of Use.
    2. Click on the Start button next to it.
    3. When prompted to run ActiveX. click Yes.
    4. You will be asked to install an ActiveX. Click Install.
    5. Once installed, the scanner will be initialized.
    6. After the scanner is initialized, click Start.
    7. Uncheck (untick) Remove found threats box.
    8. Check (tick) Scan unwanted applications.
    9. Click on Scan.
    10. It will start scanning. Please be patient.
    11. Once the scan is done, you will find a log in C:\Program Files\esetonlinescanner\log.txt. Please post this log in your next reply.
    扎西德勒 微笑中有阳光 不放弃的人都拥有希望

    Please do not message me for help. Create a new topic in the Malware Removal room instead.
  7. 2008-06-10, 22:03 #27
    tony6725
    tony6725 is offline
    Junior Member
    Join Date
    May 2008
    Posts
    18

    Default

    # version=4
    # OnlineScanner.ocx=1.0.0.635
    # OnlineScannerDLLA.dll=1, 0, 0, 79
    # OnlineScannerDLLW.dll=1, 0, 0, 78
    # OnlineScannerUninstaller.exe=1, 0, 0, 49
    # vers_standard_module=3173 (20080610)
    # vers_arch_module=1.064 (20080214)
    # vers_adv_heur_module=1.064 (20070717)
    # EOSSerial=0925a11e1bf37f49a096187e8e84b65d
    # end=finished
    # remove_checked=false
    # unwanted_checked=true
    # utc_time=2008-06-10 07:59:36
    # local_time=2008-06-10 08:59:36 )
    # country="Taiwan"
    # osver=5.1.2600 NT Service Pack 2
    # scanned=246126
    # found=5
    # scan_time=4394
    # nod_component=NOD32MOD_WINNT_CHINESE_BASE Build:0x1108031e (NOD32 for Windows NT/2000/XP/2003/x64 - Base)
    # nod_component=NOD32MOD_WINNT_CHINESE_INET Build:0x1108031e (NOD32 for Windows NT/2000/XP/2003/x64 - Internet support)
    # nod_component=NOD32MOD_WINNT_CHINESE_STANDARD Build:0x1108031e (NOD32 for Windows NT/2000/XP/2003/x64 - Standard component)
    C:\QooBox\Quarantine\catchme2008-06-01_163742.91.zip multiple infiltrations 4D0201511FF470C311996349D9BDC558
    C:\QooBox\Quarantine\catchme2008-06-01_163742.91.zip ?ZIP ?Documents and Settings/TOSHIBA/catchme.zip multiple infiltrations 00000000000000000000000000000000
    C:\QooBox\Quarantine\catchme2008-06-01_163742.91.zip ?ZIP ?Documents and Settings/TOSHIBA/catchme.zip ?ZIP ?iifgEvSL.dll Win32/Adware.Virtumonde application 00000000000000000000000000000000
    C:\QooBox\Quarantine\catchme2008-06-01_163742.91.zip ?ZIP ?Documents and Settings/TOSHIBA/catchme.zip ?ZIP ?ljJDSKAP.dll Win32/Adware.Virtumonde application 00000000000000000000000000000000
    C:\QooBox\Quarantine\catchme2008-06-01_163742.91.zip ?ZIP ?Documents and Settings/TOSHIBA/catchme.zip ?ZIP ?MsnShell32.dll Win32/AutoRun.OQ worm 00000000000000000000000000000000
  8. 2008-06-11, 15:18 #28
    ndmmxiaomayi
    ndmmxiaomayi is offline
    Malware Team-Emeritus
    Join Date
    Jul 2007
    Location
    Little Red Dot
    Posts
    507

    Default

    Doesn't look very informative.

    I see that you have NOD32 Antivirus. Does it has an email scanner? Please try scanning your whole system with NOD32 Antivirus.
    扎西德勒 微笑中有阳光 不放弃的人都拥有希望

    Please do not message me for help. Create a new topic in the Malware Removal room instead.
  9. 2008-06-11, 20:48 #29
    tony6725
    tony6725 is offline
    Junior Member
    Join Date
    May 2008
    Posts
    18

    Default

    NOD32版本 3172 (20080610) NT
    正在檢查NOD32.EXE檔案的CRC:狀態正常
    掃描操作記憶體時發生錯誤。 不能掃描操作記憶體(核心服務並未運作或載入nod32m1.vxd時發生錯誤)。
    日期: 11.6.2008 時間:18:40:57
    已掃描的磁碟,目錄及檔案:C:
    C:\pagefile.sys - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\Documents and Settings\NetworkService\NTUSER.DAT - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\NTUSER.DAT - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\ntuser.dat.LOG - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\01\35-{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}-v1-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v35-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\04\204-{81199B9C-A1ED-4272-B20B-68D8DDA3F709}-v204-{81199B9C-A1ED-4272-B20B-68D8DDA3F709}-v204-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\05\205-{81199B9C-A1ED-4272-B20B-68D8DDA3F709}-v205-{81199B9C-A1ED-4272-B20B-68D8DDA3F709}-v205-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\06\206-{81199B9C-A1ED-4272-B20B-68D8DDA3F709}-v206-{81199B9C-A1ED-4272-B20B-68D8DDA3F709}-v206-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\07\207-{81199B9C-A1ED-4272-B20B-68D8DDA3F709}-v207-{81199B9C-A1ED-4272-B20B-68D8DDA3F709}-v207-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\08\208-{81199B9C-A1ED-4272-B20B-68D8DDA3F709}-v208-{81199B9C-A1ED-4272-B20B-68D8DDA3F709}-v208-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\09\209-{81199B9C-A1ED-4272-B20B-68D8DDA3F709}-v209-{81199B9C-A1ED-4272-B20B-68D8DDA3F709}-v209-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\10\141-{81199B9C-A1ED-4272-B20B-68D8DDA3F709}-v210-{B15AD867-F633-41BE-80FC-FE2555A3A699}-v141-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\11\2917-{81199B9C-A1ED-4272-B20B-68D8DDA3F709}-v11-{383E0AF5-1026-47ED-BAAA-00FA695F5784}-v2917-Partial.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\12\2916-{81199B9C-A1ED-4272-B20B-68D8DDA3F709}-v12-{383E0AF5-1026-47ED-BAAA-00FA695F5784}-v2916-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\32\32-{B83E7ACB-BAF6-4BC7-83AF-463640566992}-v32-{B83E7ACB-BAF6-4BC7-83AF-463640566992}-v32-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\33\33-{B83E7ACB-BAF6-4BC7-83AF-463640566992}-v33-{B83E7ACB-BAF6-4BC7-83AF-463640566992}-v33-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\36\36-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v36-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v36-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\37\37-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v37-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v37-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\38\38-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v38-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v38-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\38\38-{B83E7ACB-BAF6-4BC7-83AF-463640566992}-v38-{B83E7ACB-BAF6-4BC7-83AF-463640566992}-v38-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\39\39-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v39-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v39-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\39\39-{B83E7ACB-BAF6-4BC7-83AF-463640566992}-v39-{B83E7ACB-BAF6-4BC7-83AF-463640566992}-v39-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\40\40-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v40-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v40-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\40\40-{B83E7ACB-BAF6-4BC7-83AF-463640566992}-v40-{B83E7ACB-BAF6-4BC7-83AF-463640566992}-v40-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\41\41-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v41-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v41-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\41\41-{B83E7ACB-BAF6-4BC7-83AF-463640566992}-v41-{B83E7ACB-BAF6-4BC7-83AF-463640566992}-v41-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\42\42-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v42-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v42-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\43\43-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v43-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v43-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\44\44-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v44-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v44-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\45\45-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v45-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v45-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\46\46-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v46-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v46-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\47\47-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v47-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v47-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\48\48-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v48-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v48-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\49\49-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v49-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v49-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\50\50-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v50-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v50-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\51\51-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v51-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v51-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\52\52-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v52-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v52-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\53\53-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v53-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v53-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\54\54-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v54-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v54-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\55\55-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v55-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v55-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\56\56-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v56-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v56-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\57\57-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v57-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v57-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\58\58-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v58-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v58-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\60\60-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v60-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v60-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\63\63-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v63-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v63-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\66\66-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v66-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v66-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\69\69-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v69-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v69-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\72\72-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v72-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v72-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\75\75-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v75-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v75-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\ella0802@hotmail.com\DFSR\Staging\CS{AA8F5D76-C455-E00A-3CCB-A3EE13E65825}\78\78-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v78-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v78-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\00\2761-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1600-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2761-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\01\10-{CEA7A175-653F-0B2F-6FF5-30079103B814}-v1-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v10-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\03\2759-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1603-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2759-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\05\1565-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1505-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1565-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\05\2756-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1605-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2756-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\06\1566-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1506-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1566-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\07\1567-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1507-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1567-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\08\1568-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1508-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1568-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\08\2764-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1608-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2764-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\10\2765-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1610-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2765-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\12\2766-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1612-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2766-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\14\2767-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1614-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2767-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\20\20-{306B156E-57F1-47E0-A578-49876903AC72}-v20-{306B156E-57F1-47E0-A578-49876903AC72}-v20-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\21\21-{306B156E-57F1-47E0-A578-49876903AC72}-v21-{306B156E-57F1-47E0-A578-49876903AC72}-v21-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\21\2768-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1521-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2768-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\22\22-{306B156E-57F1-47E0-A578-49876903AC72}-v22-{306B156E-57F1-47E0-A578-49876903AC72}-v22-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\23\23-{306B156E-57F1-47E0-A578-49876903AC72}-v23-{306B156E-57F1-47E0-A578-49876903AC72}-v23-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\47\247-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v247-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v247-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\48\248-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v248-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v248-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\49\249-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v249-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v249-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\49\2769-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2649-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2769-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\50\250-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v250-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v250-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\50\2770-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2650-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2770-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\56\4293-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v4256-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v4293-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\58\4282-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v4258-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v4282-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\60\4261-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v4260-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v4261-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\64\64-{306B156E-57F1-47E0-A578-49876903AC72}-v64-{306B156E-57F1-47E0-A578-49876903AC72}-v64-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\65\65-{306B156E-57F1-47E0-A578-49876903AC72}-v65-{306B156E-57F1-47E0-A578-49876903AC72}-v65-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\78\2755-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1578-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2755-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\81\2758-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1581-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2758-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\84\2753-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1584-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2753-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\86\2763-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1586-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2763-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\88\2754-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1588-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2754-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\91\2757-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1591-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2757-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\94\2762-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1594-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2762-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\may826@hotmail.com\DFSR\Staging\CS{CEA7A175-653F-0B2F-6FF5-30079103B814}\97\2760-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v1597-{B32ECFDA-CF04-4016-8561-DD17787B95BC}-v2760-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Messenger\tony6725@hotmail.com\SharingMetadata\thinkytseng@hotmail.com\DFSR\Staging\CS{A66AA3A7-10FC-7466-5273-0EE6F9F3E3E3}\29\329-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v329-{8D199142-0E6B-4DFE-90A6-B5C02A76AAD5}-v329-Downloaded.frx - 開啟時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\Documents and Settings\TOSHIBA\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\System Volume Information\MountPointManagerRemoteDatabase - 開啟 (存取拒絕)時發生錯誤。 [4]
    C:\System Volume Information\_restore{FE01E12C-C4D0-4F4E-80E6-4A25B7882A1A}\RP240\A0042194.dll - Win32/Adware.Virtumonde.FP 應用程式
    C:\System Volume Information\_restore{FE01E12C-C4D0-4F4E-80E6-4A25B7882A1A}\RP246\A0042933.dll - Win32/Adware.Virtumonde.FP 應用程式
    C:\System Volume Information\_restore{FE01E12C-C4D0-4F4E-80E6-4A25B7882A1A}\RP246\A0042934.dll - Win32/Adware.AdMedia 應用程式
    C:\System Volume Information\_restore{FE01E12C-C4D0-4F4E-80E6-4A25B7882A1A}\RP246\A0042935.dll - Win32/Adware.Virtumonde 應用程式
    C:\WINDOWS\system32\config\default - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\WINDOWS\system32\config\default.LOG - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\WINDOWS\system32\config\SAM - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\WINDOWS\system32\config\SAM.LOG - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\WINDOWS\system32\config\SECURITY - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\WINDOWS\system32\config\SECURITY.LOG - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\WINDOWS\system32\config\software - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\WINDOWS\system32\config\software.LOG - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\WINDOWS\system32\config\system - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    C:\WINDOWS\system32\config\system.LOG - 開啟 (檔案被鎖定)時發生錯誤。 [4]
    已掃描的檔案數目:94296
    已發現的病毒數目:4
    完結時間: 19:31:22 總掃描時間:3025 秒 (00:50:25)
    注意:
    [4] 檔案無法被開啟,可能正被另一程式或操作系統使用中。


    Does it help you?! BTW, some of my infected emails have been isolated into one category in the outlook. Do you mean this?
  10. 2008-06-11, 20:55 #30
    ndmmxiaomayi
    ndmmxiaomayi is offline
    Malware Team-Emeritus
    Join Date
    Jul 2007
    Location
    Little Red Dot
    Posts
    507

    Default

    If the infected mails are quarantined, it's OK.
    扎西德勒 微笑中有阳光 不放弃的人都拥有希望

    Please do not message me for help. Create a new topic in the Malware Removal room instead.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules