請教各位先進.該如何解除.謝謝!!感恩
請教各位先進.該如何解除.謝謝!!感恩
[url]http://securityresponse.symantec.com/avcenter/venc/data/backdoor.ranky.c.html[/url]
[QUOTE][i]最初由 ericlien 發表[/i]
[B][url]http://securityresponse.symantec.com/avcenter/venc/data/backdoor.ranky.c.html[/url] [/B][/QUOTE]
很感謝指教~~但是小弟英文很差.實在看不大懂..有解除工具嗎~~謝謝 !!
When Backdoor.Ranky.C is executed, it does the following:
Opens TCP port 41934, so that it can receive commands from remote hackers. It runs as a proxy server on a compromised machine.
Adds the value:
"rngmf" = "<path to trojan>"
to the registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
so that the Trojan runs when you start Windows.
以上方法來自諾頓網站
應該這是解毒步驟吧
我想請問一下
是設成"數值 字串 還是機碼 什麼的"
因為我不知道要新增成什磨樣子的..
thanks...
那一段是說病毒運行的原理, 解毒步驟在底下
最好是安裝個掃毒軟體來掃比較快