推荐文章
- SohuNews.exe自动弹出窗口
- U盘病毒:伪装成文件夹图标
- ksuser.dll,50545171.dll查杀
- Backdoor.Win32.Agent.vc病毒分析报告
- jan.Win32.Agent.h病毒分析报告
- Trojan/Win32.Inject.adpk (globalt.exe )分析
- Trojan-Dropper.Win32.Small.aqt分析与解决方案
- 国内外企业级反垃圾邮件防火墙选购指南
- [图文]替雇主拿站成黑客常规业务
- [推荐]Worm.Win32.AutoRun.bbk解决方案
- [推荐]Backdoor.Win32.Hupigon.elv解决方案
- qu66.dll,234q2z43.sys,jjjxca44.sys等木马手工清
- svchost.dll,235780mm.dll,lotushlp.exe等木马群
- Worm.Win32.AutoRun.apj分析
- alcwzrd.exe,ineters.exe,SoundMan.exe解决方案
- 网络钓鱼:钓鱼者的三种典型攻击手段
- Trojan-Downloader.Win32.QQHelper.agx(my_70026
- 教你清除机器狗 pcihdd.sys pvc.exe解决方案
- U盘病毒sos.exe,systom.exe的查杀方案
- SERVICES.EXE手工查杀
Backdoor.Win32.Hupigon.elv解决方案
核心提示:
保护您的计算机 打造洁净网络 中国反病毒小组给您安全的保障
清除方案:
1、手工清除请按照行为分析删除对应文件,恢复相关系统设置.
(1) 关闭病毒进程
(2) 强行删除病毒文件
%WINDIR%/Winmgnts.exe
%WINDIR%/Winmgnts.DLL
%WINDIR%/WinmgntsKey.DLL
%WINDIR%/Winmgnts_Hook.DLL
(3) 恢复病毒修改的注册表项目,删除病毒添加的注册表项
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/Cache/Paths/Directory
新: 字符串: "C:/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5"
旧: 字符串: "C:/Documents and Settings/commander/Local Settings/Temporary Internet Files/Content.IE5"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/Cache/Paths/path1/CachePath
新: 字符串: "C:/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5/Cache1"
旧: 字符串: "C:/Documents and Settings/commander/Local Settings/Temporary Internet Files/Content.IE5/Cache1"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/Cache/Paths/path2/CachePath
新: 字符串: "C:/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5/Cache2"
旧: 字符串: "C:/Documents and Settings/commander/Local Settings/Temporary Internet Files/Content.IE5/Cache2"
(4)禁用服务winmgntserver
中国反病毒小组
1、手工清除请按照行为分析删除对应文件,恢复相关系统设置.
(1) 关闭病毒进程
(2) 强行删除病毒文件
%WINDIR%/Winmgnts.exe
%WINDIR%/Winmgnts.DLL
%WINDIR%/WinmgntsKey.DLL
%WINDIR%/Winmgnts_Hook.DLL
(3) 恢复病毒修改的注册表项目,删除病毒添加的注册表项
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/Cache/Paths/Directory
新: 字符串: "C:/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5"
旧: 字符串: "C:/Documents and Settings/commander/Local Settings/Temporary Internet Files/Content.IE5"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/Cache/Paths/path1/CachePath
新: 字符串: "C:/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5/Cache1"
旧: 字符串: "C:/Documents and Settings/commander/Local Settings/Temporary Internet Files/Content.IE5/Cache1"
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/Cache/Paths/path2/CachePath
新: 字符串: "C:/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5/Cache2"
旧: 字符串: "C:/Documents and Settings/commander/Local Settings/Temporary Internet Files/Content.IE5/Cache2"
(4)禁用服务winmgntserver
此文章对你有帮助吗?如果未能解决你的困扰,请访问我们的论坛发帖求助吧,我要求助!
分享按钮
上一篇文章:网络钓鱼:钓鱼者的三种典型攻击手段 下一篇文章:Worm.Win32.AutoRun.bbk解决方案
Copyright 2007-2011 AntiVirus.com, ALL Rights Reserved.
保护您的计算机 打造洁净网络 中国反病毒小组给您安全的保障
豫ICP备11016355号-1
