紧急求助:请问所有EXE文件打开不能,如何解决
这样的情况下重装系统都不行
诺顿查出来的病毒好像是W32。PHLIS
是什么样蠕虫病毒? http://securityresponse.symantec.com/avcenter/venc/data/w32.sophily.html CLOUD同学。。。
在下既然用诺顿查过病毒,就当然去赛门铁克的网站看过了
但是现在问题是,开机系统都进不去了
怎么办?
机器时东芝的TE2100本子 When W32.Philis.C is executed, it performs the following actions:
Creates the following files:
%Windir%\\YZH.exe
%Windir%\\YZH.sys
%Windir%\\YZH.TMP
Note: %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\\Windows or C:\\Winnt.
Creates the following files in the folder from which the virus was launched:
YZH.SYS
YZH.TMP
.tmp
.sys
Adds the value:
\"YZH.SYS\" =\"%Windir%\\YZH.exe\"
to the following registry keys:
HKEY_LOCAL_MNACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run
HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run
so that the virus is executed every time Windows starts.
Scans the hard drive for .exe files and infects any executable files that it finds.
The string \"Syphilis No 1\" is appended to the end of infected files.
Searches for passwords and confidential information, which it may send to a remote attacker via email.
@段是VIRUS工作原理 Click Start > Run.
Type regedit
Then click OK.
Navigate to the keys:
HKEY_LOCAL_MNACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run
HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run
In the right pane, delete the value:
\"YZH.SYS\" =\"%Windir%\\YZH.exe\"
Exit the Registry Editor.
Restart the computer in Normal mode. For instructions, read the section on returning to Normal mode in the document, \"How to start the computer in Safe Mode.\"
@是教你感染后消除方法,M安全模式,⒍荆然後]员硌Yc|西,@自己看啦
@病毒o非r加d一EXE,U柴型的啊。 首先谢谢您的帮助!!
253
您说的都对,可是进入不了系统,开机就黑屏。。。 问题已经解决
本子是MM的,我必须负责到底啊
253Max
谢谢CLOUD 草 哪个MM? 名字不知道
反正所有权是个MM MM个毛
页:
[1]