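First, I found that the virus had not disabled 精锐网吧辅助工具 5.7 (an internet-cafe helper tool), so in its Process Management tab I located the process names and paths of the two viruses mentioned above, right-clicked them and chose "Terminate process and prohibit running". Then, in the Restriction Recovery tab, I clicked Browse, located the virus path and chose Delete File. I also removed the virus's startup entries in the Startup Management tab.

Use "eFix--Hidden(恢复系统隐藏文件).reg" to make files with the hidden attribute visible again.

At this point the virus files at those paths have been removed, but there are still remnants. Use Explorer to open the following two paths:

    C:\Program Files\common files\system
    C:\Program Files\Common Files\Microsoft Shared

and delete the suspicious files (mainly the two files terebmi.exe and nuygtvw.exe).

Pay special attention to the HOSTS file: change its contents to

    # Copyright (c) 1993-1999 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    #      102.54.94.97     rhino.acme.com          # source server
    #       38.25.63.10     x.acme.com              # x client host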
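
An added example, not part of the original post: a small Python check that lists every active HOSTS entry other than a loopback mapping for localhost, to confirm the file is back to the comment-only default shown above. The function name, the reason strings and the sample entries are constructed for illustration; on a real machine you would pass in the text of the HOSTS file instead.

```python
import ipaddress

# Names a clean HOSTS file may legitimately map to loopback (assumption).
ALLOWED_LOOPBACK_NAMES = {"localhost"}

# Constructed sample: default-style comments plus three entries to review.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
127.0.0.1       localhost
127.0.0.1       update.av-vendor.example   # constructed entry
203.0.113.7     www.bank.example www.shop.example
not-an-ip       portal.example
"""

def audit_hosts(text):
    """Return (line_no, address, names, reason) for each entry worth reviewing."""
    findings = []
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()  # drop full-line and inline comments
        if not entry:
            continue
        fields = entry.split()
        addr, names = fields[0], [n.lower() for n in fields[1:]]
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            findings.append((line_no, addr, names, "malformed address"))
            continue
        if not names:
            findings.append((line_no, addr, names, "address without host name"))
        elif ip.is_loopback or ip.is_unspecified:
            # Mapping a real site to the local machine makes it unreachable.
            extra = [n for n in names if n not in ALLOWED_LOOPBACK_NAMES]
            if extra:
                findings.append((line_no, addr, extra, "name pointed at local machine"))
        else:
            findings.append((line_no, addr, names, "name redirected to fixed address"))
    return findings

if __name__ == "__main__":
    for line_no, addr, names, reason in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {addr} -> {' '.join(names)} ({reason})")
```

An empty result means the file contains only comments and the localhost mapping.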