Article Source:
http://www.hackdb.org/
Virus file: c: /windows/system/fmal.dll
File information:
Size: 31.0 KB (31,744 bytes)
Create time: Time (can be easier to create time with WSOCK32.DLL, if it is different)
Workaround, change its name or delete it (note you should turn off IE first)
Restart your IE.
------ The following is a fee (Mei Yan: Detoxification details), see you from you ------
The classmate's computer ended Search for virus, told me to help solve.
Features: Display the Search for ... page when I open IE, the homepage is still set from the About: Blank, can't see any changes.
Platform: Windowsme
Lazy, I found a way online in the first time, but unfortunately I didn't find it, I only do it ...
1. Check if there is a suspicious process: no
2. View C: / Windows / Downloaded Program Files Is there a malicious plugin installed: None
3. IE The main program is modified: no
4. Simply look at the following key values in the registry
HKEY_LOCAL_MACHINE / SOFTWARE / Microsoft / Internet Explorer
HKEY_USERS / .DEFAULT / SOFTWARE / Microsoft / Internet Explorer
Did not see something, change the above two primary links (I think it is a simple way to restore IE the most original settings, of course, there will be no more things, but also simplify some programs), thinking that it may be modified, The result is: no
5. (Depressed one% $ # @@ $! @ $ @ #! @ ##%% # $% &% &)
6. Think of the file creation time and think of hope (important!)
7. Fortunately, the kid knows when he has a problem. Search in C: The file created two days, OK! Found a "fmal.dll" (this is toxic!)
Note: Regmon is used in torch, compared, IE is directly loaded when loading other files, but when loading this file is loaded, a command to register its command with regsvr32.exe has caused doubts.
