Manual Clean Removal Instruction for Worm.Pabug.ck or Worm.Pabug.co手冊清潔搬遷的指示,為worm.pabug.ck或worm.pabug.co
Worm.Pabug.ck is a computer virus also known as Worm.Pabug.co, Dropper/QQPass.48436, Trojan-PSW.Win32.QQPass.jh or DeepScan.Generic.Malware.SP!dldPk!g.01C03DEE. worm.pabug.ck是計算機病毒也稱為worm.pabug.co , dropper/qqpass.48436 ,木馬- psw.win32.qqpass.jh或deepscan.generic.malware.sp ! dldpk ! g.01c03dee 。 The virus carries high system risk as the malicious dropper will disable some commonly used anti-virus software and unable to open security applications.該病毒進行高系統風險作為惡意滴管將禁用一些常用的反病毒軟件和無法開啟安全應用程序。 Other reported infected symptoms include unable to update virus signatures, unable to access or load antivirus websites or forums.其他報導,受感染的症狀包括無法更新病毒碼,無法訪問或加載防毒網站或論壇。 All these effects caused the removal or disinfection process for Worm.Pabug.ck/co virus a little bit harder.所有這些影響所造成的取消或消毒過程worm.pabug.ck /合作病毒有點困難。
The worm can’t self-propagate.該蠕蟲不能自我宣傳。 It is likely that the system could be infected when a user downloads an executable file from email, messenger, board, and download centers and run the file.可能是該系統可感染,當用戶下載一個可執行文件,從電子郵件,即時通訊,董事會,並下載中心和運行該文件。 Or, it is possible that it is installed by other malicious codes (worms, viruses and trojan horses).或者,是有可能的,這是安裝其他惡意代碼(蠕蟲,病毒和特洛伊木馬) 。 The worm which is a dropper, when executed, will create the following files:該蠕蟲這是一個滴管,當處決,將創建下列文件:
%systemroot%\system32\gfosdg.exe or jusodl.exe的% SystemRoot % \ system32 \ gfosdg.exe或jusodl.exe
%systemroot%\system32\gfosdg.dll or jusodl.dll的% SystemRoot % \ system32 \ gfosdg.dll或jusodl.dll
%systemroot%\system32\severe.exe的% SystemRoot % \ system32 \ severe.exe
%systemroot%\system32\drivers\mpnxyl.exe or pnvifj.exe的% SystemRoot % \的System32 \ Drivers \ mpnxyl.exe或pnvifj.exe
%systemroot%\system32\drivers\conime.exe的% SystemRoot % \的System32 \ Drivers \ conime.exe
%systemroot%\system32\hx1.bat的% SystemRoot % \ system32 \ hx1.bat
%systemroot%\system32\noruns.reg的% SystemRoot % \ system32 \ noruns.reg
X:\OSO.exe x : \ oso.exe
X:\autorun.inf x : \的Autorun.inf
X represents non-system hard drive. X代表非系統硬盤驅動器。 %systemroot% folder is usually C:\Windows on most systems (so the path to the infected files are C:\Windows\System for Windows 95/98/ME, C:\WinNT\System32 for Windows NT/2000, or C:\Windows\System32 for Windows XP). % SystemRoot %文件夾是通常是C : \ Windows的大多數系統(使路徑受感染的文件為C : \的Windows \系統Windows 95/98/Me中為C : \ Winnt \ System32中,為的Windows NT/2000 ,或C : \的Windows \ system32用於Windows XP ) 。
Beside, the dropper also adds the following value to Windows registry key entries by executing noruns.reg and then delete the file once done to run itself automatically whenever Windows starts.旁邊,滴管,還增加了以下值到Windows的註冊表項參賽作品由執行noruns.reg ,然後刪除該文件,一旦這樣做本身運行時自動在Windows啟動。
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] [ hkey_current_user \軟件\微軟\的Windows \ currentversion \政策\總管]
“NoDriveTypeAutoRun”=dword:b5 “ nodrivetypeautorun ” =的DWORD : B5的
Above change the auto run method of the drive.上述改變自動運行的方法驅動器。
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [ hkey_local_machine \軟件\微軟\的Windows \ currentversion \運行]
“jusodl” = “C:\WINDOWS\system32\severe.exe” “ jusodl ” = “為C : \的Windows \ system32 \ severe.exe ”
“pnvifj” = “C:\WINDOWS\system32\jusodl.exe” “ pnvifj ” = “為C : \的Windows \ system32 \ jusodl.exe ”
or或
“mpnxyl” = “C:\WINDOWS\system32\gfosdg.exe” “ mpnxyl ” = “為C : \的Windows \ system32 \ gfosdg.exe ”
“gfosdg” = “C:\WINDOWS\system32\severe.exe” “ gfosdg ” = “為C : \的Windows \ system32 \ severe.exe ”
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] [ hkey_local_machine \軟件\微軟\ Windows NT的\ currentversion \ Winlogon中]
“Shell” = “explorer.exe C:\WINDOWS\system32\drivers\conime.exe” “空殼” = “ Explorer.exe的為C : \的Windows \的System32 \ Drivers \ conime.exe ”
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] [ hkey_local_machine \軟件\微軟\ Windows NT的\ currentversion \圖像文件的執行選項]
Debugger = Windows system folder\drivers\pnvifj.exe調試器= Windows系統文件夾\司機\ pnvifj.exe
or或
“Debugger”=”C:\WINDOWS\system32\drivers\mpnxyl.exe” “調試” = “為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe ”
The above registry value is for the child registry key which based on the executables file names of the security programs, so that when these security software are been double clicked, the virus file that is been run.上面的註冊表值是為兒童的註冊表項,其中基礎上,可執行文件名的安全程式,因此當這些安全軟件是被雙重點擊,病毒文件即是被運行。 The child registry keys include:兒童的註冊表項,包括:
+ 360Safe.exe + 360safe.exe
+ adam.exe + adam.exe
+ avp.com + avp.com
+ avp.exe + avp.exe
+ IceSword.exe + icesword.exe
+ iparmo.exe + iparmo.exe
+ kabaload.exe + kabaload.exe
+ KRegEx.exe + kregex.exe
+ KvDetect.exe + kvdetect.exe
+ KVMonXP.kxp + kvmonxp.kxp
+ KvXP.kxp + kvxp.kxp
+ MagicSet.exe + magicset.exe
+ mmsk.exe + mmsk.exe
+ msconfig.com + msconfig.com
+ msconfig.exe + Msconfig.exe的
+ PFW.exe + pfw.exe
+ PFWLiveUpdate.exe + pfwliveupdate.exe
+ QQDoctor.exe + qqdoctor.exe
+ Ras.exe + ras.exe
+ Rav.exe + rav.exe
+ RavMon.exe + ravmon.exe
+ regedit.com + regedit.com
+ regedit.exe + Regedit.exe中
+ runiep.exe + runiep.exe
+ SREng.EXE + sreng.exe
+ TrojDie.kxp + trojdie.kxp
+ WoptiClean.exe + wopticlean.exe
The worm terminates following running process(es).該蠕蟲終止以下運行的進程(安老服務) 。 Targets (listed below) are antivirus software, firewall, system process, and other malicious codes.目標(下面列出)是防病毒軟件,防火牆,系統的過程中,和其他惡意代碼。 The command used in ‘net stop’ and using sc.exe to configure forbid usage of these services with the command “config [service_name] start=disabled”命令中使用的'淨一站式'和使用sc.exe配置,禁止使用這些服務與指揮“配置[ service_name ]開始=禁用”
srservice
sharedaccess
KVWSC kvwsc
KVSrvXP kvsrvxp
kavsvc
RsRavMon rsravmon
RsCCenter rsccenter
The virus also terminates and stops the following process from running:該病毒還終止和停止以下進程從運行:
PFW.exe pfw.exe
Kav.exe kav.exe
KVOL.exe kvol.exe
KVFW.exe kvfw.exe
adam.exe
qqav.exe
qqkav.exe
TBMon.exe tbmon.exe
kav32.exe
kvwsc.exe
CCAPP.exe ccapp.exe
EGHOST.exe eghost.exe
KRegEx.exe kregex.exe
kavsvc.exe
VPTray.exe vptray.exe
RAVMON.exe ravmon.exe
KavPFW.exe kavpfw.exe
SHSTAT.exe shstat.exe
RavTask.exe ravtask.exe
TrojDie.kxp trojdie.kxp
Iparmor.exe iparmor.exe
MAILMON.exe mailmon.exe
MCAGENT.exe mcagent.exe
KAVPLUS.exe kavplus.exe
RavMonD.exe ravmond.exe
Rtvscan.exe rtvscan.exe
Nvsvc32.exe nvsvc32.exe
KVMonXP.exe kvmonxp.exe
Kvsrvxp.exe kvsrvxp.exe
CCenter.exe ccenter.exe
KpopMon.exe kpopmon.exe
RfwMain.exe rfwmain.exe
KWATCHUI.exe kwatchui.exe
MCVSESCN.exe mcvsescn.exe
MSKAGENT.exe mskagent.exe
kvolself.exe
KVCenter.kxp kvcenter.kxp
kavstart.exe
RAVTIMER.exe ravtimer.exe
RRfwMain.exe rrfwmain.exe
FireTray.exe firetray.exe
UpdaterUI.exe updaterui.exe
KVSrvXp_1.exe kvsrvxp_1.exe
RavService.exe ravservice.exe
It also modifies HOSTS file to keep the user from connecting specifiec addresses.它還修改Hosts檔案,讓使用者從連接specifiec地址。 Generally, the addresses are homepages of Internet security sites and antivirus engine updates servers.一般來說,網頁地址是互聯網安全的網站和殺毒引擎的更新服務器。 So the infected system’s user can’t get information or engine updates to scan and remove the malicious code.因此,受感染的系統的用戶無法獲取信息或引擎更新,以掃描並刪除惡意代碼。
Following is the addresses that are blocked:以下是地址被封鎖:
127.0.0.1 localhost 127.0.0.1本地
127.0.0.1 mmsk.cn 127.0.0.1 mmsk.cn
127.0.0.1 ikaka.com 127.0.0.1 ikaka.com
127.0.0.1 safe.qq.com 127.0.0.1 safe.qq.com
127.0.0.1 360safe.com 127.0.0.1 360safe.com
127.0.0.1 www.mmsk.cn 127.0.0.1 www.mmsk.cn
127.0.0.1 www.ikaka.com 127.0.0.1 www.ikaka.com
127.0.0.1 tool.ikaka.com 127.0.0.1 tool.ikaka.com
127.0.0.1 www.360safe.com 127.0.0.1 www.360safe.com
127.0.0.1 zs.kingsoft.com 127.0.0.1 zs.kingsoft.com
127.0.0.1 forum.ikaka.com 127.0.0.1 forum.ikaka.com
127.0.0.1 up.rising.com.cn 127.0.0.1 up.rising.com.cn
127.0.0.1 scan.kingsoft.com 127.0.0.1 scan.kingsoft.com
127.0.0.1 kvup.jiangmin.com 127.0.0.1 kvup.jiangmin.com
127.0.0.1 reg.rising.com.cn 127.0.0.1 reg.rising.com.cn
127.0.0.1 update.rising.com.cn 127.0.0.1 update.rising.com.cn
127.0.0.1 update7.jiangmin.com 127.0.0.1 update7.jiangmin.com
127.0.0.1 download.rising.com.cn 127.0.0.1 download.rising.com.cn
127.0.0.1 dnl-us1.kaspersky-labs.com 127.0.0.1 dnl - us1.kaspersky - labs.com
127.0.0.1 dnl-us2.kaspersky-labs.com 127.0.0.1 dnl - us2.kaspersky - labs.com
127.0.0.1 dnl-us3.kaspersky-labs.com 127.0.0.1 dnl - us3.kaspersky - labs.com
127.0.0.1 dnl-us4.kaspersky-labs.com 127.0.0.1 dnl - us4.kaspersky - labs.com
127.0.0.1 dnl-us5.kaspersky-labs.com 127.0.0.1 dnl - us5.kaspersky - labs.com
127.0.0.1 dnl-us6.kaspersky-labs.com 127.0.0.1 dnl - us6.kaspersky - labs.com
127.0.0.1 dnl-us7.kaspersky-labs.com 127.0.0.1 dnl - us7.kaspersky - labs.com
127.0.0.1 dnl-us8.kaspersky-labs.com 127.0.0.1 dnl - us8.kaspersky - labs.com
127.0.0.1 dnl-us9.kaspersky-labs.com 127.0.0.1 dnl - us9.kaspersky - labs.com
127.0.0.1 dnl-us10.kaspersky-labs.com 127.0.0.1 dnl - us10.kaspersky - labs.com
127.0.0.1 dnl-eu1.kaspersky-labs.com 127.0.0.1 dnl - eu1.kaspersky - labs.com
127.0.0.1 dnl-eu2.kaspersky-labs.com 127.0.0.1 dnl - eu2.kaspersky - labs.com
127.0.0.1 dnl-eu3.kaspersky-labs.com 127.0.0.1 dnl - eu3.kaspersky - labs.com
127.0.0.1 dnl-eu4.kaspersky-labs.com 127.0.0.1 dnl - eu4.kaspersky - labs.com
127.0.0.1 dnl-eu5.kaspersky-labs.com 127.0.0.1 dnl - eu5.kaspersky - labs.com
127.0.0.1 dnl-eu6.kaspersky-labs.com 127.0.0.1 dnl - eu6.kaspersky - labs.com
127.0.0.1 dnl-eu7.kaspersky-labs.com 127.0.0.1 dnl - eu7.kaspersky - labs.com
127.0.0.1 dnl-eu8.kaspersky-labs.com 127.0.0.1 dnl - eu8.kaspersky - labs.com
127.0.0.1 dnl-eu9.kaspersky-labs.com 127.0.0.1 dnl - eu9.kaspersky - labs.com
127.0.0.1 dnl-eu10.kaspersky-labs.com 127.0.0.1 dnl - eu10.kaspersky - labs.com
The virus is may also affect USB flash drive or portable hard disk, by autorun OSO.exe.該病毒是也可能影響USB快閃磁碟機或便攜式硬盤,自動oso.exe 。 All non system partition will contains OSO.exe and autorun.inf virus files too.所有非系統分區將包含oso.exe和病毒的Autorun.inf文件太多。 Beside, system time may be changed too to cause some anti virus programs to expire.旁邊的,系統的時間可能會改變,也造成一些反病毒程序過期。
How to Remove and Disinfect Worm.Pabug.ck or Worm.Pabug.co Manually 如何刪除及消毒worm.pabug.ck或worm.pabug.co手動
To run antivirus program that has been disabled, you can try to rename the antivirus executable file name to another file name, and then run the new file name.運行防病毒程序已被禁用,您可以嘗試重新命名的防病毒的可執行文件的名稱到另一個文件名,然後運行新的檔案名稱。
Terminate and end the following processes (tasks) using Task Manager (alternative you can use procexp):終止和結束下列進程(任務)使用任務管理器(替代您可以使用procexp ) :
%systemroot%\system32\gfosdg.exe的% SystemRoot % \ system32 \ gfosdg.exe
%systemroot%\system32\severe.exe的% SystemRoot % \ system32 \ severe.exe
%systemroot%\system32\drivers\conime.exe的% SystemRoot % \的System32 \ Drivers \ conime.exe
Remove the registry key added by virus under the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options registry key using Registry Editor or刪除註冊表項添加病毒在HKEY_LOCAL_MACHINE \軟件\微軟\ Windows NT的\ currentversion \圖像文件的執行Options註冊表項使用註冊表編輯器或 Autoruns autoruns (for Autoruns, remember to first select Options -> Hide Microsoft Entries to avoid mistaken delete valid entries). This process will allow anti virus or security software or system utilities such as IceSword, SREng and etc to be able to function properly again: ( autoruns ,請記得先選擇選項-> “隱藏微軟的項目,以避免錯誤的刪除有效作品) ,這個過程將允許反病毒軟件或安全軟件或系統工具,如i cesword, s reng等,以便能夠正常運作,再次:
+ 360Safe.exe c:\windows\system32\drivers\mpnxyl.exe + 360safe.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ adam.exe c:\windows\system32\drivers\mpnxyl.exe + adam.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ avp.com c:\windows\system32\drivers\mpnxyl.exe + avp.com為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ avp.exe c:\windows\system32\drivers\mpnxyl.exe + avp.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ IceSword.exe c:\windows\system32\drivers\mpnxyl.exe + icesword.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ iparmo.exe c:\windows\system32\drivers\mpnxyl.exe + iparmo.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ kabaload.exe c:\windows\system32\drivers\mpnxyl.exe + kabaload.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ KRegEx.exe c:\windows\system32\drivers\mpnxyl.exe + kregex.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ KvDetect.exe c:\windows\system32\drivers\mpnxyl.exe + kvdetect.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ KVMonXP.kxp c:\windows\system32\drivers\mpnxyl.exe + kvmonxp.kxp為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ KvXP.kxp c:\windows\system32\drivers\mpnxyl.exe + kvxp.kxp為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ MagicSet.exe c:\windows\system32\drivers\mpnxyl.exe + magicset.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ mmsk.exe c:\windows\system32\drivers\mpnxyl.exe + mmsk.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ msconfig.com c:\windows\system32\drivers\mpnxyl.exe + msconfig.com為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ msconfig.exe c:\windows\system32\drivers\mpnxyl.exe + Msconfig.exe的為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ PFW.exe c:\windows\system32\drivers\mpnxyl.exe + pfw.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ PFWLiveUpdate.exe c:\windows\system32\drivers\mpnxyl.exe + pfwliveupdate.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ QQDoctor.exe c:\windows\system32\drivers\mpnxyl.exe + qqdoctor.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ Ras.exe c:\windows\system32\drivers\mpnxyl.exe + ras.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ Rav.exe c:\windows\system32\drivers\mpnxyl.exe + rav.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ RavMon.exe c:\windows\system32\drivers\mpnxyl.exe + ravmon.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ regedit.com c:\windows\system32\drivers\mpnxyl.exe + regedit.com為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ regedit.exe c:\windows\system32\drivers\mpnxyl.exe + Regedit.exe中為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ runiep.exe c:\windows\system32\drivers\mpnxyl.exe + runiep.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ SREng.EXE c:\windows\system32\drivers\mpnxyl.exe + sreng.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ TrojDie.kxp c:\windows\system32\drivers\mpnxyl.exe + trojdie.kxp為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
+ WoptiClean.exe c:\windows\system32\drivers\mpnxyl.exe + wopticlean.exe為C : \的Windows \的System32 \ Drivers \ mpnxyl.exe
Remove the following auto run on Windows startup registry entries located at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run registry key by using Registry Editor or SREng (System Repair Engineer)刪除以下的汽車上運行Windows啟動的註冊表項位於hkey_local_machine \軟件\微軟\的Windows \ currentversion \運行註冊表項使用註冊表編輯器或sreng (系統維修工程師)
“mpnxyl”=”C:\WINDOWS\system32\gfosdg.exe” “ mpnxyl ” = “為C : \的Windows \ system32 \ gfosdg.exe ”
“gfosdg”=”C:\WINDOWS\system32\severe.exe” “ gfosdg ” = “為C : \的Windows \ system32 \ severe.exe ”
Also navigate to the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon registry key, double click on it and remove the text behind “Explorer.exe” in the value data, so that it will become looked like as below:也瀏覽到HKEY_LOCAL_MACHINE \軟件\微軟\ Windows NT的\ currentversion \ Winlogon中的註冊表項,雙擊就資訊科技和刪除文本背後的“ explorer.exe ” ,在數值數據,使之成為看上去像如下:
“shell”=”Explorer.exe” “空殼” =的“ explorer.exe ”
Next delete all files planted by the virus.明年刪除所有檔案種植的禽流感病毒。 Note that even if you right click on these infected files may trigger the infection process, so it’s recommended to use IceSword or WinRAR to delete these files:請注意,即使你按一下滑鼠右鍵,這些受感染的文件可能引發感染的過程,因此它的推薦使用icesword或WinRAR要刪除這些文件:
%systemroot%\system32\gfosdg.exe的% SystemRoot % \ system32 \ gfosdg.exe
%systemroot%\system32\gfosdg.dll的% SystemRoot % \ system32 \ gfosdg.dll
%systemroot%\system32\severe.exe的% SystemRoot % \ system32 \ severe.exe
%systemroot%\system32\drivers\mpnxyl.exe的% SystemRoot % \的System32 \ Drivers \ mpnxyl.exe
%systemroot%\system32\drivers\conime.exe的% SystemRoot % \的System32 \ Drivers \ conime.exe
%systemroot%\system32\hx1.bat的% SystemRoot % \ system32 \ hx1.bat
%systemroot%\system32\noruns.reg的% SystemRoot % \ system32 \ noruns.reg
X:\OSO.exe x : \ oso.exe
X:\autorun.inf x : \的Autorun.inf
X mean all non system partitions, including your USB flash drive and portable hard disk. X平均數的所有非系統分區,包括您的USB閃存驅動器和便攜式硬盤。
System Recovery and Clean Up 系統恢復和清理
Navigate to the following registry keys and add back the original value.瀏覽到下列註冊表項和添加回原來的價值。
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] [ hkey_local_machine \軟件\微軟\的Windows \ currentversion \ Explorer中\高級\文件夾\隱藏\ showall ]
“CheckedValue”=dword:00000001 “ checkedvalue ” =的DWORD : 00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] [ hkey_current_user \軟件\微軟\的Windows \ currentversion \政策\總管]
“NoDriveTypeAutoRun” value is vary depending on system, normally by default it will set as 91 (in HEX value) “ nodrivetypeautorun ”的價值是有所不同的制度,通常默認情況下,將定為91 (在十六進制值)
Next remove all contents added by the worm in Hosts file.明年刪除所有的內容補充,由該蠕蟲在Hosts檔案。 Use Notepad to open %systemroot%\system32\drivers\etc\hosts, and remove the entries or lines specified above.使用記事本打開的% SystemRoot % \的System32 \ Drivers \等\主持人,並刪除項目或指定線以上。 If you’re using SREng, simply click on “System Recovery” -> “Hosts file”, then click “Replace” and then “Save”.如果您使用sreng ,只需點擊“系統恢復” -> “ ” H osts檔案“ ,然後點擊”替換“ ,然後”保存“ 。
Finally, you will need to recover or repair or reinstall the anti virus program, if it has been damaged.最後,您將需要恢復或修復或重新安裝反病毒程序,如果它已損壞。
IMPORTANT : This is a machine translated page which is provided "as is" without warranty. 重要說明 :這是一個機器翻譯網頁是“按原樣”提供的擔保。 Machine translation may be difficult to understand.機器翻譯可能很難理解。 Please refer to請參閱 original English article英文原版的文章 whenever possible.只要有可能。
Share and contribute or get technical support and help at分享和貢獻,或取得技術的支持和幫助,在 My Digital Life Forums 我的數字生活論壇 . 。
Related Articles相關文章
- Create Your Own Removal Tool創建自己的移除工具
- Uninstall and Remove Norton Products Completely with Norton Removal Tool卸載並刪除Norton的產品完全與Norton移除工具
- Download Latest Kaspersky Virus Removal Tool v7.0.0.223下載最新卡巴斯基病毒清除工具v7.0.0.223
- Google Adsense Infected by Trojan.Qhost.WU Google AdSense的感染trojan.qhost.wu
- How to Use Windows Malicious Software Removal Tool (MRT.EXE) in Vista, XP, 2000 and 2K3如何使用Windows惡意軟件刪除工具( mrt.exe )在Vista , XP中, 2000年和2k3
- Malicious Software Removal Tools by Microsoft惡意軟件清除工具,微軟
- Spyware Doctor 3.5 for Windows Review by NewsFactor Spyware Doctor的3.5用於Windows審查NewsFactor網站
- Best Spyware Removal and Anti-Spyware Software Reviews最好的間諜軟件清除和反間諜軟件評論
- Beware of Spyware While Browsing Edison Chen’s Sex Scandal Photos提防間諜軟件,而瀏覽陳冠希的緋聞照片
- How to Hard Reset (Clean Boot) Eten Glofiish M800如何硬復位(乾淨啟動) eten glofiish m800
