Unknown virus means that there is no virus that is detected by anti-virus software. You may say that I update the virus definition library daily, it is impossible to have an unknown virus. But I have to tell you that I have encountered Norton, Rising can't kill the virus, in fact, it should be said to be a wooden virus. Such viral spreads, Norton, Rising Virus Monitoring Center is impossible to encounter viral samples in a short period of time, and it is impossible to add this virus to the latest definition library.
Of course, update Windows and anti-virus software before looking for viruses, this is the basic principle.
In fact, the hiding place of the virus is still very good.
1. Tibet in the Administrative Tools -> Services. Check out every service carefully. If you find that the service that has not been discovered, check the path to execute files, confirm what service, if you want, you will disable it. (This is going to take a closer look at each service, familiar with each service, otherwise the virus will not be seen by you.) Note: Don't disable it, remember the first time to study various services I have disabled an important service (it seems to be a plug and play) result recyclable into the system, and the security mode is useless, only reloading.
2. Tibet it in the registry. [HKEY_LOCAL_MACHINE / Software / Microsoft / Windows / CurrentVersion / RunServices] [HKEY_LOCAL_MACHINE / Software / Microsoft / Windows / CurrentVersion / RunServicesOnce] [HKEY_LOCAL_MACHINE / Software / Microsoft / Windows / CurrentVersion / Run] [HKEY_LOCAL_MACHINE / Software / Microsoft / Windows / CurrentVersion / RunOnce] [HKEY_CURRENT_USER / Software / Microsoft / Windows / CurrentVersion / Run] [HKEY_CURRENT_USER / Software / Microsoft / Windows / CurrentVersion / RunOnce] [HKEY_CURRENT_USER / Software / Microsoft / Windows / CurrentVersion / RunServices] these places have one by one inspection, There is no thing you don't know. (This should also look at your usual observation, you can take a look at the just installed clean system.) Note: Anti-virus software and the software you need are also there, don't put anti-virus software to remove!
If it is a virus related to IE to change the settings of the Internet, let you start IE every time I go to the annoying website, and I don't let you change it, I can have two ways, one is to find that hate that hate that hate it in the registration table. Site, put all the contents of the items, all empty. There is also the use of the registry repair tool (software such as a super rabbit), but this is not manual, I never use this type of tool to solve the problem, I have not reflected my horizontal, huh, huh.
3. Tibet in the system directory.
Check if there is any suspicious file in the Windows catalog and Windows / System32 / directory. You will call: God! So many files, where do I know which one is a virus file? Don't worry, there is a way, you can sort according to the modification time and create time, mainly see the exe and dll files, then observe those suspicious files.
Tips: You can open the properties of suspicious files to see if it is a Microsoft system file, which is Microsoft's file. In general, the virus file does not write a detailed file version information.
However, if it is uncertain, don't delete the file, you can move to the temporary folder. If you can't move, you can move in safe mode. This also needs to be familiar with the system file. It is faster to find, and the names of the virus files like the names similar to the system file, such as one or less letters to confuse your concept.
4. Tibet it in memory. Check the task manager and observe that there is a suspicious executable to run. Discover suspicious processes, immediately enforce it. It is possible that you can't end this process, and it is estimated that this process is started through the service. You must stop and disable it in the Administrative Tool -> Service to shut down, no more, it will go to security mode.
The above 4 places must be all set, do less, the virus will die, and all the four places are all restored, what you just have, it's all over.
I use this way to remove the virus, and I have not lost my hands, including the solve the anti-virus software unknown virus, of course, with anti-virus software and other software to synergy, the efficiency will be higher.
