Virus Name:Worm/MSN.SendPhoto.a
Virus Type: Worm
Rank: ★★
Infected Platform: Win 9X/ME/NT/2000/XP/2003
HOW TO manually delete it:
(Backup your regedit first for your carelessness!!!)
- Open the REGEDIT:
Start -> Run -> regedit
Go to [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\ShellServiceObjectDelayLoad]
find the string value(s) other than- "(Default)",
- "CDBurn",
- "PostBootReminder",
- "SysTray",
- "WebCheck",
- "UPnPMonitor",
- "WPDShServiceObj",
copy down its "Data" on a piece of paper, we are gonna use it in step 2, we denoted as {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}.
Delete those value(s) you have found. (IMPORTANT: do NOT delete the values we have mentioned above!!! According to my experience, the virus value(s) might be "printers", "sysprinters", "syshost", "rdshost", and so on)
- Go to [HKEY_CLASSES_ROOT\CLSID], delete those {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX} which you wrote them down in step 1.
- Reboot your computer.
- Delete all files:
%Windows%\"virus file"
%system%\"virusfile".dll
%userprofile%\new.txt
Now restart your msn, and it should be working well on your pc.
Have Fun & Good Luck!
Cheers~ =)
No comments:
Post a Comment