下面是轉自批踢踢實業坊的解法:
http://www.ptt.cc/bbs/MSNmessenger/M.1199348343.A.CC8.html
1.使用 icesword,在Functions的Process中,右鍵 terminate下列進程 : C:\WINDOWS\happy2008.exe : C:\Program Files\Windows Live\Messenger\msnmsgr.exe :
2.刪除下列 登錄檔值 : 登錄檔路徑:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run : 登錄檔名稱:Windows svchost : 登錄檔數值:happy2008.exe
3.刪除下列檔案 : C:\WINDOWS\Photos1-2008.zip : C:\WINDOWS\happy2008.exe
4.用 ccleaner 清掉暫存檔
5.完工 : 測試用的病毒載點: http://www.badongo.com/file/7145292
完整病毒測試: : http://www.avpclub.ddns.info/discuz/thread-7427-1-1.html
因為是轉的...過兩天會砍掉.
=================================================
This solution is come from PTT Taiwan http://www.ptt.cc/bbs/MSNmessenger/M.1199348343.A.CC8.html
1. Use icesword , terminate the processes a. C:\WINDOWS\happy2008.exe b. C:\Program Files\Windows Live\Messenger\msnmsgr.exe in”functions”
2. Start->Run, Keyin “regedit”, delete the keyvaluepair called [Windows svchost; happy2008.exe] under path [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
3. Delete the files : C:\WINDOWS\Photos1-2008.zip and C:\WINDOWS\happy2008.exe
4. Use ccleaner to clear the temp files.
5. Done.
The Point is 1. Terminate the happy2008.exe process 2. Delete the registry 3. Delete the file.
This Post is reference from PTT, so, it will delete in couple days.
No comments:
Post a Comment