看了一些国外的网页(GOOGLE翻译的)
有一位的回复如下:
进入安全模式,尽快其他病毒感染的,在安全模式是惰性,
Virut is a file-infector, that is rather serious Virut是一个文件感染者,这是相当严重
1. 1 。 Download Dr.Web CureIt to your Desktop: cureit.exe from ftp://ftp.drweb.com/pub/drweb/cureit/cureit.exe下载Dr.Web CureIt到桌面: cureit.exe从ftp://ftp.drweb.com/pub/drweb/cureit/cureit.exe
(Preferably from a pendrive/ usb-stick onto mentioned PC, after this has been downloaded using a non-infected PC) you could approach your PC from a pen-drive that has been disinfected with the autorun disinfector from here: (最好是从pendrive / USB的坚持上提到的电脑,之后被下载使用非感染的PC )的方法你可以从你的电脑笔式驱动器,已消毒与自动消毒从这里:
http://download.bleepingcomputer.com/sUBs/Flash_Disinfector.exe http://download.bleepingcomputer.com/sUBs/Flash_Disinfector.exe
Leave the file this leaves on your USB-stick there and set the properties to system, hidden and read-only,离开这使该文件在您的USB棒,并设置系统的属性,隐藏和只读,
2. 2 。 Doubleclick cureit.exe and then click Start in order to start a Quick Scan. DoubleClick的cureit.exe然后单击开始以启动快速扫描。
This will first scan all those files that have been loaded into momentary memory,这将第一次扫描所有的文件已经加载到瞬间记忆,
and when something has been found up have CureIt repair this/these...当遇到已经发现了有CureIt修理这个/这些...
- Then there appears a window with an offer to buy the software with 50% off, click to disappear through clicking X. -然后出现一个窗口,与出价购买该软件的50 %的,按一下消失十,通过点击
Now the main menu will be visible.现在在主菜单将会看到。
- Choose the language to use at the top if you want to use another language as english. -选择语言使用上方如果您想使用另一种语言为英语。
- Then choose Actions and set for the following options: -然后选择操作和设置以下选项:
Adware: Move广告:移动
Dialers: Move拨号:移动
Jokes: Report笑林:报告
Riskware: Report Riskware :报告
Hacktools: Move Hacktools :移动
Then take away the tag at Prompt at action.然后拿走标记提示在行动。
Then click OK.然后单击确定。
- Choose options - Change Settings and remove tag at Heuristic analysis. -选择选项-更改设置和删除标记,启发式分析。
- Then click OK. -然后单击确定。
3. 3 。 Back in the main window you can select the drives that you want to be scanned.回在主窗口中,您可以选择驱动器您要进行扫描。
- Select all drives here. -选择所有驱动器在这里。 Then a red ball will apear for the drives selected for scanning.然后红球将apear选定的驱动器进行扫描。
- Then click the green arrow to start the scan. -然后按一下绿色箭头开始扫描。
This will replace the infected files to the following folder %userprofile%\DoctorWeb\Quarantine\这将取代受感染的文件到以下文件夹% userprofile % \ DoctorWeb \检疫\
whenever disinfection fails.每当消毒失败。
- If the scan has run then choose for File - save Report list. -如果扫描运行,然后选择的文件-保存报告清单。 Save this log onto your desktop.保存这个登录到您的桌面上。
- Close Dr.Web Cureit. -关闭Dr.Web Cureit 。
4. 4 。 Now restart your computer!!现在重新启动计算机! This is an important stage, because it may well be that DrWebCureIT like to replace/remove files during a restart.这是一个重要的阶段,因为它可能是DrWebCureIT要替换/删除文件在重新启动。 Do an additonal avast full scan with your PC started in SafeMode, because this virus is apparently inactive in SafeMode,做额外avast完整扫描与你的PC开始在安全模式,因为这种病毒显然是无效的安全模式,
Load the files you wanna save (drivers, etc) onto a pendrive and scan these thoroughly with DrWeb's CureIt in the proposed settings and again after you started up in SafeMode, so you have various scanning routines following each other up, but better safe then sorry, because the file infector can raise from the dead almost in any infected executable and then we are right back where we started,负载档案要保存(司机等) ,到pendrive和扫描这些彻底DrWeb的CureIt在拟议的设置,并再次启动后,在安全模式,使您有以下各种扫描例程对方,但更好的安全然后抱歉,因为该文件感染可以提高从死几乎在任何感染可执行文件,然后我们回到我们开始,
If the infection is really bad, the computer maybe beyond repair (because of the corruptive nature of the random file-infector and its encryption), the next thing left is the FFR solution, namely fdisk - format - reinstall, so I hope you haven't have to do that,如果感染是非常糟糕,计算机可能无法修复(因为腐败性质的随机文件,感染者和加密) ,在未来的左边是的五年免于复发率的解决方案,即分区-格式-重新安装,所以我希望你的天堂'吨要做到这一点,
polonus
有人建议用这两个查杀:
1、http://download.bleepingcomputer.com/sUBs/Flash_Disinfector.exe
(好像是AUTORUN查杀的)
2、ftp://ftp.drweb.com/pub/drweb/cureit/launch.exe
(应该是大蜘蛛扫描) |
楼主: 宝贝要升天了
[复制链接]
楼主
发表于 2009-2-26 22:14:54
