新西兰天维网社区

标题: 电脑中毒 [打印本页]

作者: vivianqq 时间: 2009-7-18 21:41:21 标题: 电脑中毒

我的电脑中毒了，现在竟如安全莫shi(my computer is on safe mode now) because the virus program keep coming up say you are in danger with virus infecting the computer, but the virus program wants to install itself on the the computer saying it will protect you from virus. But it tries to uninstall my virus checker and says I must pay to remove the virus. The virus calls it self system protector.

作者: 3rdman 时间: 2009-7-18 22:00:32

go borrow a WinPE cd then boot into WinPE and copy all the datas u want to keep in c drive into other partition.
format ur c drive reinstall windows, and first thing first install antivir classic (free antivirus from http://www.free-av.com/) update it then do a full pc scan.

that's best option i'll do in ur situation, since it seems the core is already corrupted and rather than trying to fix the os i'll suggest that u do the steps above and keep up ur virus protection this time.

作者: lijin40000 时间: 2009-7-18 22:19:02

试一下这个吧
System Protector manual removal:
Kill processes:
install.exe lsascs.exe windll32.exe
HELP:
how to kill malicious processes

Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" => 1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\System Protector
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\System Protector
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{107A1D63-2EAA-4694-8ABA-EC209C630D83}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\System Protector
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\System Protector
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\lsascs.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "System Protector"
HELP:
how to remove registry entries

Unregister DLLs:
shellex.dll

HELP:
how to unregister malicious DLLs

Delete files:
install.exe lsascs.exe shellex.dll windll32.exe SpyProtectorSC_Base_new.dat SpyProtectorSC_Config.ini System Protector.lnk Purchase License.url Support Page.url spyprotector.cpl
HELP:
how to remove harmful files

Delete directories:
C:\Program Files\System Protector

网站的联接是http://www.2-spyware.com/remove-system-protector.html

作者: vivianqq 时间: 2009-7-18 22:28:38 标题: 回复 2# 3rdman 的帖子

thank you so much,

作者: vivianqq 时间: 2009-7-18 22:29:42 标题: 回复 3# lijin40000 的帖子

thanks, your advice

作者: vivianqq 时间: 2009-7-18 22:37:29 标题: 回复 2# 3rdman 的帖子

hi, what's winpe

作者: vivianqq 时间: 2009-7-18 22:40:27 标题: 回复 3# lijin40000 的帖子

i went to the webside, i couldn't find any of the registry values on my computer now, what shouuld i do now

作者: lijin40000 时间: 2009-7-18 22:42:58

you mean you couldn't find any registry values on that list in your registry, is that right?

作者: vivianqq 时间: 2009-7-18 23:51:26 标题: 回复 8# lijin40000 的帖子

yes, so what should i do

作者: vivianqq 时间: 2009-7-18 23:56:12

and, the computer is off line now , but always coming up information : the webpage you requested is not available offline, to view this page, click connect, .

作者: 一天 时间: 2009-7-19 00:17:06

原帖由 vivianqq 于 2009-7-18 22:37 发表
hi, what's winpe

虽然没用过，网上查查 Win pe下载能找到很多。

作者: lijin40000 时间: 2009-7-19 00:58:25

不要进safe mode正常启动windows你应该会找到那些东西

作者: lijin40000 时间: 2009-7-19 01:00:02

在你删任何东西之前,一定要把重要的文件做backup,万一你删完不能进windows你就麻烦了,如果不行的话,就只能重装windows了

作者: kennelly 时间: 2009-7-19 09:32:30

提示: 作者被禁止或删除内容自动屏蔽

作者: pctech 时间: 2009-7-19 11:51:35

顶LSD的MM

作者: kennelly 时间: 2009-7-19 12:55:43

提示: 作者被禁止或删除内容自动屏蔽

作者: 胡思≮乱想 时间: 2009-7-19 13:02:16

han....ls and ls you guys flirting?

作者: kennelly 时间: 2009-7-19 13:05:48

提示: 作者被禁止或删除内容自动屏蔽

欢迎光临新西兰天维网社区 (http://bbs.skykiwi.com/)