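My machine had been running "naked" (with no antivirus) for more than half a year without anything going wrong. Last night, while I was browsing websites and getting ready to do something naughty, 360 reported that it had found a virus but could not remove it. Well, so "harmony" really does exist~~~ I immediately installed NOD32 (http://www.greendown.cn/soft/14303.html), and the scan results were as follows:
After a reboot, COMRes.dll had not been cleaned, and 360 would crash as well (because comres.dll was infected, COM components could not be loaded). Downloading the 360 removal-tool collection (http://www.360.cn/killer/360compkill.html) makes it possible to kill the trojan, block suspicious startup items, and repair the infected files. To be on the safe side, scan again with NOD32 and quarantine and delete whatever it finds. Download a new comres.dll file (http://www.zhaodll.com/dll/c/200610/788.html) and overwrite the original one in Safe Mode. The hosts file was also quarantined, so in Windows\system32\drivers\etc you can use Notepad to write the following content and save it as a file named hosts, with no extension: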
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host
127.0.0.1 localhost
After that, everything was basically OK; what remained was rebooting, repairing 360, and so on.
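Since the hosts file above is rebuilt by hand, it is worth checking that the only active mapping left is the default localhost entry. The following is an added example, not part of the original post: a small Python audit that parses hosts-file text and reports every mapping outside that baseline. The sample input, its host names and the function names are constructed for illustration.

```python
import ipaddress

# Baseline: the only active mappings a restored default hosts file should contain.
BASELINE = {("127.0.0.1", "localhost"), ("::1", "localhost")}

# Constructed sample input (not taken from the infected machine).
SAMPLE = """\
# constructed sample hosts file
127.0.0.1       localhost
127.0.0.1       update.av-vendor.example   # constructed entry
203.0.113.7     bank.example
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for each active mapping; hostname is None if the IP is malformed."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        # Drop a UTF-8 BOM (Notepad may add one) and anything after '#'.
        line = raw.lstrip("\ufeff").split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            yield line_no, fields[0], None
            continue
        for name in fields[1:]:  # one line may map several names to one address
            yield line_no, ip, name.lower()

def audit_hosts(text):
    """Return (line_no, ip, hostname, reason) for every mapping outside BASELINE."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if name is None:
            findings.append((line_no, ip, "", "malformed address"))
        elif (ip, name) not in BASELINE:
            addr = ipaddress.ip_address(ip)
            if addr.is_loopback or addr.is_unspecified:
                reason = "name blocked by pointing it at a local address"
            else:
                reason = "name pinned to a fixed remote address"
            findings.append((line_no, ip, name, reason))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE):
        print("line %d: %s -> %s (%s)" % finding)
```

To audit a real machine, pass the contents of Windows\system32\drivers\etc\hosts to audit_hosts instead of SAMPLE; an empty result means only the default localhost mapping is active.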