第一个键接是帮你扫瞄你的电脑,并且有一些工具来处理。
第二个键接教你如何删除毒档。good luck!!
这个病毒会将你的防毒关闭,并将%System%\dnsamqut.dll置入下列的档案。
services.exe
zlclient.exe
iexplore.exe
mpftray.exe
svchost.exe
outpost.exe
firefox.exe
ccapp.exe
zapro.exe
opera.exe
smc.exe
[传播途径]
This worm spreads via ICQ messages. Messages contain the following text: "Check this:" or "My party pics:". A link to the executable file of the latest variant of Warezov follows the text.
If the user opens this link in the browser, s/he will be asked if s/he wants to download and launch a file called "archive.exe”. When this file is launched, the worm will be installed to the victim machine.
Use Task Manager to terminate the backdoor process.
一、打开你的工作管理员,找到正在执行后门的程序,并按右键停止程序。
Delete the original worm file (the location will depend on how the program originally penetrated the victim machine).
Manually delete the files listed below from the Windows system directory:
%System%\dnsamqut.dll
%System%\sdhccard.dll
二、找到原始有毒的档案,手动删除,并到window系统目录找到下面二项,手动删除。
%System%\dnsamqut.dll
%System%\sdhccard.dll
Delete the following parameter from the system registry (see What is a system registry and how do I use it for details on how to edit the registry):
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLs = "dnsamqut.dll sdhccard.dll"
三、开始>执行>输入regedit>确定。找到HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]AppInit_DLLs 将"..."括号的值删除。
Update your antivirus databases and perform a full scan of the computer (download a trial version of Kaspersky Anti-Virus).
四、下载卡巴并将卡巴update到最新的病毒定义档,扫瞄电脑。(这个你可用你的防毒来做)
