Registry
[Users questions | Browse:41 | Favorites]
Users questions:Even in the smss virus, it has created in system32 under a new com folder, hide inside and not the same as before the attack path, and is estimated to be a variant it help ah ~ Hard Right option auto has even been buttoned up, but After this virus with a command prompt to delete, then restart theEstimated to change the registry back, but I was rookie, how to change the registry can be summarized What next? Exe files are infected how to fix it? Thank you, friends ~ ~ thank ah, but even with out the registry will not ah, in particular, there are several keys I can not find ah ... tell me how to look for What? Thanks again ah
Experts answer: I won this virus is handled this way. One end of the virus with icesword process, note the COM folder corresponding to the virus process (lsass.exe and smss.exe), do not delete the system processes, otherwise you are lost. And remove all the virus files (Exe files and each of these two under the root directory of pagefile.pif and autorun.inf). I use a key GHOST backup system, so afraid, to have nothing arbitrary. I suggest you look at first while the backup system. Can refer to the following three. 2 in the registry to find pagefile.pif value, delete. 3 Create a folder in the COM two text files, two files named as lsass.exe and smss.exe, the properties of the two text files to read-only, safe to refuse. This virus attacks again, can not produce hereDamage files. icesword the Internet to find the download, please also refer to the following four: 1, No. 12 genuine global free antivirus software AVAST, antivirus powerful, resource-Bi Kaba, Rising much less speed automatic upgrades, permanent use, Register once with a one year, registrationme.html Select Simplified Chinese: Chinese (Simplified) version registered in (Sign Language Simplified Chinese): http: ** 66.98.172.73 * i_kat_207.php?% 20PHPSESSID = 3d64578dccd9def87821a653a4b76087 & Lang = CHS # register-form additive QQ group 7956658,34201997 to consult, the equivalent of free service. 2, FairFirewall description and download: www.onlinedown.net * soft * 139.htm 3, GHOST is a key means of prevention in advance, can C drive (system disk) to back up, when the virus can not be removed with antivirus software, 10 minutes to return to drug-free state. WhenHowever, C drive (including the desktop) all the files are restored, it is recommended to restore the desktop file before moving to the non-system disk. It makes the system have eternal life. Describes: it.people.com.cn * GB * 42892 * 42928 * 4226361.html download: www.onlinedown.net * soft * 33492.htm 4, ICESWORD may remove any known path, can not remove the virus, the virus could not be terminated to terminate any process. Before use with a key GHOST backup system will mistakenly delete system filesSystem crashes. Download at: http: ** www.crsky.com * soft * 6947.html lower left mouse click "file" will switch to show status of each letter, in accordance with the file path to point to open the file where the letter of the + sign, press file path has been open all the + pointsTo find the virus, right click and choose "delete" or "forced to delete." 5, 360 security guards to download at: www.360safe.com select repair - repair vulnerabilities, playing all the system patches, so that opportunities for greatly reduced toxicity. I use genuine products are free, feel good. In fact, any anti-virus software can not completely prevent poisoning, it added a one-click GHOST, any virus as long as too stubborn, I will restore. Allow the virus mad, so you happy every day. I shared the information available (including more than five anti-virus products) in the download archive: ishare.sina. Com.cn * cgi-bin * fileid.cgi? Fileid = 1100709 where the virus database as the end of December, and can then manually update once.
Experts answer: I won this virus is handled this way. One end of the virus with icesword process, note the COM folder corresponding to the virus process (lsass.exe and smss.exe), do not delete the system processes, otherwise you are lost. And remove all the virus files (Exe files and each of these two under the root directory of pagefile.pif and autorun.inf). I use a key GHOST backup system, so afraid, to have nothing arbitrary. I suggest you look at first while the backup system. Can refer to the following three. 2 in the registry to find pagefile.pif value, delete. 3 Create a folder in the COM two text files, two files named as lsass.exe and smss.exe, the properties of the two text files to read-only, safe to refuse. This virus attacks again, can not produce hereDamage files. icesword the Internet to find the download, please also refer to the following four: 1, No. 12 genuine global free antivirus software AVAST, antivirus powerful, resource-Bi Kaba, Rising much less speed automatic upgrades, permanent use, Register once with a one year, registrationme.html Select Simplified Chinese: Chinese (Simplified) version registered in (Sign Language Simplified Chinese): http: ** 66.98.172.73 * i_kat_207.php?% 20PHPSESSID = 3d64578dccd9def87821a653a4b76087 & Lang = CHS # register-form additive QQ group 7956658,34201997 to consult, the equivalent of free service. 2, FairFirewall description and download: www.onlinedown.net * soft * 139.htm 3, GHOST is a key means of prevention in advance, can C drive (system disk) to back up, when the virus can not be removed with antivirus software, 10 minutes to return to drug-free state. WhenHowever, C drive (including the desktop) all the files are restored, it is recommended to restore the desktop file before moving to the non-system disk. It makes the system have eternal life. Describes: it.people.com.cn * GB * 42892 * 42928 * 4226361.html download: www.onlinedown.net * soft * 33492.htm 4, ICESWORD may remove any known path, can not remove the virus, the virus could not be terminated to terminate any process. Before use with a key GHOST backup system will mistakenly delete system filesSystem crashes. Download at: http: ** www.crsky.com * soft * 6947.html lower left mouse click "file" will switch to show status of each letter, in accordance with the file path to point to open the file where the letter of the + sign, press file path has been open all the + pointsTo find the virus, right click and choose "delete" or "forced to delete." 5, 360 security guards to download at: www.360safe.com select repair - repair vulnerabilities, playing all the system patches, so that opportunities for greatly reduced toxicity. I use genuine products are free, feel good. In fact, any anti-virus software can not completely prevent poisoning, it added a one-click GHOST, any virus as long as too stubborn, I will restore. Allow the virus mad, so you happy every day. I shared the information available (including more than five anti-virus products) in the download archive: ishare.sina. Com.cn * cgi-bin * fileid.cgi? Fileid = 1100709 where the virus database as the end of December, and can then manually update once.
- Computer viruses can not find
- A search for "Rising" or "virus", etc., Baidu was shut down
- Computer virus
- U disk seeking samples of the virus [experimental use]
- U disk virus
- Kabbah year 2010 compatible version and it XPsp3
- Expert to help me see my computer the CPU has a great pattern?
- Computer virus, the virus get into the system, and how to repair the system?
- Expert help! ! Like a virus! !
- Computer virus a ......
- This information provided by the users.Thanks!
Computer Knowledge Copyright 2005-2015 All Rights Reserved.