| C:\Program Files\Internet Explorer\PLUGINS\NewTemp.bak C:\Program Files\Internet Explorer\PLUGINS\NewTemp.dll and the PegeFile.pif and autorun.inf files on all partitions |
, tick "Suppress file regeneration", and finally click Clear to delete the file.
2: Press Ctrl+Alt+Del to open Task Manager, end the explorer.exe process, then delete the following files (see step 1):
| C:\DOCUME~1\TestUser\LOCALS~1\Temp\2.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\1.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\mhso.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\mhso0.dll
C:\DOCUME~1\TestUser\LOCALS~1\Temp\3.exe
C:\WINDOWS\system32\ztinetzt.exe
C:\WINDOWS\system32\ztinetzt.dll
C:\DOCUME~1\TestUser\LOCALS~1\Temp\4.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\rxso.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\rxso0.dll
C:\DOCUME~1\TestUser\LOCALS~1\Temp\5.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\6.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\qjso.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\qjso0.dll
C:\WINDOWS\system32\Ravasktao.exe
C:\WINDOWS\system32\Ravasktao.dll
C:\DOCUME~1\TestUser\LOCALS~1\Temp\7.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\tlso.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\tlso0.dll
C:\DOCUME~1\TestUser\LOCALS~1\Temp\8.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\daso.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\daso0.dll
C:\DOCUME~1\TestUser\LOCALS~1\Temp\7.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\8.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\9.exe
C:\Program Files\Internet Explorer\PLUGINS\System64.Jmp
C:\Program Files\Internet Explorer\PLUGINS\System64.Sys
C:\DOCUME~1\TestUser\LOCALS~1\Temp\10.exe
C:\WINDOWS\system32\Drivers\usbinte.sys
C:\WINDOWS\system32\visin.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\11.exe
C:\WINDOWS\system32\mydata.exe
C:\WINDOWS\system32\moyu103.dll
C:\DOCUME~1\TestUser\LOCALS~1\Temp\13.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\wlso.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\wlso0.dll
C:\DOCUME~1\TestUser\LOCALS~1\Temp\14.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\wgso.exe
C:\DOCUME~1\TestUser\LOCALS~1\Temp\wgso0.dll
C:\DOCUME~1\TestUser\LOCALS~1\Temp\15.exe
C:\WINDOWS\system32\wuclmi.exe
C:\WINDOWS\system32\wincfg.exe
C:\WINDOWS\system32\mvdbc.exe
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\wanpacket.dll
C:\WINDOWS\system32\wpcap.dll
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\npf_mgm.exe
C:\WINDOWS\system32\daemon_mgm.exe
C:\WINDOWS\system32\NetMonInstaller.exe
C:\WINDOWS\system32\rpcapd.exe
C:\WINDOWS\system32\capinstall.exe |
3: Start menu > Run > type "regedit" to open the Registry Editor, then delete the entries marked in orange below:
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Run
"wosa" = %TEMP%WOSO.EXE
"mhsa" = %TEMP%MHSO.EXE
"Microsoft Autorun14" = %SYSTEM%\ZTINETZT.EXE
"rxsa" = %TEMP%RXSO.EXE
"qjsa" = %TEMP%QJSO.EXE
"Microsoft Autorun9" = %SYSTEM%\RAVASKTAO.EXE
"tlsa" = %TEMP%TLSO.EXE
"dasa" = %TEMP%DASO.EXE
"wlsa" = %TEMP%WLSO.EXE
"wgsa" = %TEMP%WGSO.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nm
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0EA66AD2-CF26-2E23-532B-B292E22F3266} |
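To confirm that the Run values from step 3 are present before cleanup and gone afterwards, the output of `reg query` on the Run key can be checked against the names listed above. This is an added example, not part of the original page; the function name `audit_run_key` is hypothetical and the sample output is constructed.

```python
import re

# Value names and executables the page lists under HKLM\...\CurrentVersion\Run.
LISTED_NAMES = {"wosa", "mhsa", "rxsa", "qjsa", "tlsa", "dasa", "wlsa", "wgsa",
                "microsoft autorun14", "microsoft autorun9"}
LISTED_EXES = {"woso.exe", "mhso.exe", "rxso.exe", "qjso.exe", "tlso.exe",
               "daso.exe", "wlso.exe", "wgso.exe", "ztinetzt.exe", "ravasktao.exe"}

# A value line in `reg query` output: indent, name, type, data.
VALUE_LINE = re.compile(r"^\s+(?P<name>.+?)\s+REG_(?:EXPAND_)?SZ\s+(?P<data>.*)$")
# First file name ending in .exe (tolerates quotes, arguments, %VAR% prefixes).
EXE_NAME = re.compile(r'[^\\/"%]+\.exe', re.IGNORECASE)

def audit_run_key(reg_query_output):
    """Return [(name, data, reasons)] for Run values matching the page's list."""
    findings = []
    for line in reg_query_output.splitlines():
        m = VALUE_LINE.match(line)
        if not m:
            continue  # key header, banner or blank line
        name, data = m.group("name"), m.group("data").strip()
        exe = EXE_NAME.search(data)
        reasons = []
        if name.lower() in LISTED_NAMES:
            reasons.append("listed value name")
        if exe and exe.group(0).lower() in LISTED_EXES:
            reasons.append("listed executable")
        if reasons:
            findings.append((name, data, reasons))
    return findings

# Constructed sample output (not captured from a real machine).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
    mhsa    REG_SZ    C:\DOCUME~1\TestUser\LOCALS~1\Temp\mhso.exe
    Microsoft Autorun14    REG_SZ    C:\WINDOWS\system32\ztinetzt.exe
    updater    REG_SZ    "C:\DOCUME~1\TestUser\LOCALS~1\Temp\rxso.exe" /s
"""

if __name__ == "__main__":
    for name, data, reasons in audit_run_key(SAMPLE):
        print(f"{name!r} -> {data} [{', '.join(reasons)}]")
```

Matching on the executable as well as the value name catches an entry that was re-registered under a different name, as the constructed `updater` line shows.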
Download address for the pegefile.pif virus removal tool: /it/200706/2213.html