第一個鍵接是幫你掃瞄你的電腦,並且有一些工具來處理。
第二個鍵接教你如何刪除毒檔。good luck!!
這個病毒會將你的防毒關閉,並將%System%\dnsamqut.dll置入下列的檔案。
services.exe
zlclient.exe
iexplore.exe
mpftray.exe
svchost.exe
outpost.exe
firefox.exe
ccapp.exe
zapro.exe
opera.exe
smc.exe
[傳播途徑]
This worm spreads via ICQ messages. Messages contain the following text: "Check this:" or "My party pics:". A link to the executable file of the latest variant of Warezov follows the text.
If the user opens this link in the browser, s/he will be asked if s/he wants to download and launch a file called "archive.exe”. When this file is launched, the worm will be installed to the victim machine.
Use Task Manager to terminate the backdoor process.
一、打開你的工作管理員,找到正在執行後門的程序,並按右鍵停止程序。
Delete the original worm file (the location will depend on how the program originally penetrated the victim machine).
Manually delete the files listed below from the Windows system directory:
%System%\dnsamqut.dll
%System%\sdhccard.dll
二、找到原始有毒的檔案,手動刪除,並到window系統目錄找到下面二項,手動刪除。
%System%\dnsamqut.dll
%System%\sdhccard.dll
Delete the following parameter from the system registry (see What is a system registry and how do I use it for details on how to edit the registry):
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLs = "dnsamqut.dll sdhccard.dll"
三、開始>執行>輸入regedit>確定。找到HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]AppInit_DLLs 將"..."括號的值刪除。
Update your antivirus databases and perform a full scan of the computer (download a trial version of Kaspersky Anti-Virus).
四、下載卡巴並將卡巴update到最新的病毒定義檔,掃瞄電腦。(這個你可用你的防毒來做)
