Going home for the New Year, I found that my friend's machine is slow, it is definitely poisoned. I saw, good guy, I didn't open the Internet in this year. So he helped him with a catirware, update the virus library, patch XP, Torting for a day, I thought it should be no problem. The result is still the same, it seems to be more serious, and evil
.
I thought about it, it may not be a general virus, it should be in the Trojan, and the anti-virus software has not been checked.
The next day, I decided to manually clear the trembard, because I have never never passing the Trojan (there is no way, safety awareness is high), and I toss a day, I have gone some detours, and finally finalize. Summary experience is as follows:
1. Use netstat -n -o 5 command to detect what suspicious procedures are desperately packed.
2. Run the msinfo32 command, enter the [Software Environment] -> [Run Task] to view the path of the PID.
3. Trojans may be system hidden files, so it is best to display all files and files in the [Tools] -> [Folder Selection] -> [View] -> [Advanced Settings] -> [View] -> [Advanced Settings] -> [View] -> [Advanced Settings] -> [View] -> [Advanced Settings] -> [View] -> [Advanced Settings]. The clip "and" hidden protected operating system file "remove to ensure that all files can be viewed.
4. Find the program according to the path, permanently delete, ok!
5. You can also clean up the relevant information about the registry in the fee. But the fundamental problem has been resolved, this has no harm.
