My MSN got infected with a virus!! Please help me!!!

2007-09-23 11:03 am
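Just now.. someone on my MSN sent me a compressed file named X_0005_jpg and told me to open it and have a look.
I wasn't paying attention, so I accepted it and then extracted it...
That's how I got infected. NOD32 popped up a message saying
http://216.55.168.36/backup.zip is a threat to my computer.
So then I looked it up online... and followed their instructions, but it still didn't work (maybe I didn't quite understand them).
Apart from reformatting the machine, is there any other way to get rid of the virus... (please be a bit detailed.. because I'm a computer idiot)
Sigh... I really hate the people who send viruses to others. I don't get what's going through their minds -0-"
Would some kind soul please help me /_\\"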

Answers (4)

2007-10-02 5:19 am
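I got this virus before too. After you delete the file, go to Start ---> Search and look for svchost. A lot of results will pop up. Normally, they should be inside system 32; if one isn't, then that one is the virus, and you have to delete it. MSN will still keep sending it to people, though; after a while it'll be fine!!
Reference: my exp.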
2007-09-26 9:52 pm

..........very tricky to deal with

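After you got infected, the virus infected MSN. There is a way......
First uninstall MSN, then go to c://program files
Inside there are several MSN-related items (not just one MSN file); remove them all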

Restart the computer, then install MSN again, and it's fine. If that doesn't work, e-mail me: [email protected]

2007-09-23 12:39 pm
The new variant of MSN worm began spreading via MSN Messenger from 20 Sept, 2007.
It sends out a .zip file "imag091307.zip" and messages. In the .zip file, it contains a .com file "img091307-www.photoshop.com". Everyone should be careful.

File name: imag091307.zip (img091307-www.photoshop.com)
Size: 25,600 bytes
Detection: Backdoor.Win32.SdBot.bze (Kaspersky)

HOW TO REMOVE
===============

STEP 1
Delete registry entry: (Under Start menu -> Run -> regedit (OK))

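(Suggestion: first, in e.g. C:\windows\dllcache [hidden directory], sort by date to find the virus's file name, because the virus may be called explorer.exe or another name. What they have in common is that their date is the day and time of infection; also, they all have hidden status.)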

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"winlogon"="%System%\dllcache\winlogon.exe"

OR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"explorer"="%System%\dllcache\explorer.exe"


STEP 2
Restart WINDOWS

STEP 3
Delete virus files:
(Suggestion: sort by date; it will then be very obvious that the virus file is the newest one, dated at the day and time you were infected.)

%System%\dllcache\winlogon.exe (may be named 'explorer.exe', hidden)
%Windows%\imag091307.zip (and delete any file with a similar name and a .zip extension)

STEP 4
Remove "Windows Sharing" from 'exceptions' tab of Windows Firewall

STEP 5
Set registry data from 7000 back to original setting 20000:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control]
"WaitToKillServiceTimeout"="20000"

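If you don't quite understand the steps above, I suggest asking a friend for help, because the steps above involve the registry, and getting them wrong could even cause problems booting into Windows.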

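Also, if you really are infected, stop Messenger immediately and close it, regardless of what dialog boxes it shows, to keep the virus from spreading! (The simplest and quickest way: press "CTRL + ALT + DEL" to close MSN first.)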

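However, since your NOD32 popped up a message, your computer may not be infected at all, because it has already been blocked by the anti-virus software. (If you really were infected, your friends should receive file transfer requests sent from you.)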
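
The registry indicators from STEP 1 and STEP 5 of the answer above, checked offline against a `reg export` text file. This is an added example, not code from any of the posters; the sample export, the `ExampleTray` entry and the function names are constructed for illustration.

```python
import re

# Indicators as listed in the removal steps above (STEP 1 and STEP 5).
RUN_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
CONTROL_KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control"
EXPECTED_TIMEOUT = "20000"

# Constructed sample in `reg export` text form (not taken from a real machine).
# Real exports are UTF-16: read them with open(path, encoding="utf-16").
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ExampleTray"="\"C:\\Program Files\\Example\\tray.exe\" /min"
"winlogon"="C:\\WINDOWS\\system32\\dllcache\\winlogon.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control]
"WaitToKillServiceTimeout"="7000"
'''

# "name"="data" string values; backslash and double quote are backslash-escaped.
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def unescape(s):
    return re.sub(r"\\(.)", r"\1", s)

def parse_reg(text):
    """Return {lowercased key path: {value name: string data}}."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            m = VALUE_RE.match(line)
            if m:
                current[unescape(m.group(1))] = unescape(m.group(2))
    return keys

def audit(text):
    """Report Run entries launching from dllcache and a changed service timeout."""
    keys, findings = parse_reg(text), []
    for name, cmd in keys.get(RUN_KEY.lower(), {}).items():
        if "\\dllcache\\" in cmd.lower():
            findings.append(("run-entry-in-dllcache", name, cmd))
    timeout = keys.get(CONTROL_KEY.lower(), {}).get("WaitToKillServiceTimeout")
    if timeout is not None and timeout != EXPECTED_TIMEOUT:
        findings.append(("service-timeout-changed", "WaitToKillServiceTimeout", timeout))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_REG):
        print(finding)
```

The check only reads the exported text and changes nothing; a finding is a prompt to review that entry by hand in regedit, as the steps above describe.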


Archived on: 2021-04-13 13:35:30
Original link [permanently dead]:
https://hk.answers.yahoo.com/question/index?qid=20070923000051KK00560
