請問c槽中system32\winhttp.dll是什麼？

Question

c槽中 C:\\WINNT\\system32\\winhttps.dll是什麼東西？
刪掉會怎樣？
因為我家掃毒程式掃出來它好像被感染了！
不刪掉會怎樣呢？
如果不能刪掉那要怎麼處理？重灌？

Answer 1

間諜程式/灰色程式(Grayware)TSPY_LINEAGE.ND
QUICK LINKS Printer Friendly Page
--------------------------------------------------------------------------------
Initial samples received on: ?? 17, 2005
File type: PE
Memory resident: Yes
Compression type: Aspack
File size: 73,217 Bytes (compressed)
--------------------------------------------------------------------------------
Details:
This memory-resident spyware usually arrives either as a file dropped by other malware or as a file downloaded by an unsuspecting user when visiting a malicious Web site.
Upon execution, it drops WINHTTPS.DLL in the Windows system folder. The said dropped file is detected by Trend Micro also as TSPY_LINEAGE.ND. It then registers the DLL component by creating the following registry keys and entries:
HKEY_CLASSES_ROOT\CLSID\
{5DDBD43F-0F56-490C-8CCA-B8A2249813EA}\InProcServer32
@ ="%System%\winhttps.dll"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\
{5DDBD43F-0F56-490C-8CCA-B8A2249813EA}\InProcServer32
@= "%System%\winhttps.dll"
(Note: %System% is the Windows system folder, which is usually C:\Windows\System on Windows 98 and ME, C:\WINNT\System32 on Windows NT and 2000, or C:\Windows\System32 on Windows XP and 2003.)

This spyware steals information, typically user names and passwords, related to the game Lineage. It saves the gathered information in a .TXT file, which it sends to a remote malicious user via email using its own Simple Mail Transfer Protocol (SMTP) engine.
It runs on Windows 98, ME, NT, 2000, XP, and Server 2003.
如果不能刪掉,開機後進入安全模式(按F8),執行掃毒程式掃除它。

Answer 2

→電腦筆電維修~電腦重灌~電腦組裝~重灌win7~xp重灌~
→電腦中毒~電腦無法開機~電腦變慢~
→筆電win8改win7~MAC改win7 or 雙系統
◎◎◎各式各樣電腦問題，問他們就對了◎◎◎
→他們會很快解決你的問題 也可以免費諮詢喔！
→北市可以到府收送喔！評價很高
我有認識電腦公司-金滿意電腦
收費便宜●技術超好●修不好不收費

有需要可以打電話詢問
電話:02-29405818或者●加LINE~直接線上詢問
ID:gmepc168
希望能幫到你
Yahoo服務加網址
http://tw.serviceplus.yahoo.com/booth/seller/Y0193898792