Handling Method after encountering malicious code

In the past two days, I opened the IE browser and went to the Norton website to download the latest virus database. I suddenly found that I couldn't get it. I suspected it was a Trojan program, so I opened the registry, find "HKEY_LOCAL_MACHINE/software/Microsoft/windwos/CurrentVersion/Run" and check carefully. No suspicious programs are found. Then open the process viewer, and there are no suspicious processes. Use Norton to scan for viruses in "safe mode.

Try again and find that not only Norton, but Goole cannot be accessed, but Sina, Sohu, and other websites are OK.

If a problem occurs during local domain name resolution, open the C:/winnt/system32/Drivers/etc directory and use NotePad to compile the hosts file. Sure enough, Google, Norton and other websites are directed to a certain IP address, delete all of them, and then open IE, OK, everything is normal. The cause of this problem may be caused by a prompt to download the plug-in from a website of the previous type. After the result is downloaded successfully, it is recommended that you visit the website later, be careful when you are prompted to download the plug-in. You must check the plug-in before downloading it. Otherwise, it will be very difficult to get started. For this type of malicious code, sometimes anti-virus software is powerless.

The content of the hosts file is as follows:

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample hosts file used by Microsoft TCP/IP for Windows.
#
# This file contains the Mappings of IP addresses to host names. Each
# Entry shoshould be kept on an individual line. The IP address shold
# Be placed in the first column followed by the corresponding host name.
# The IP address and the host name shocould be separated by at least one
# Space.
#
# Additionally, comments (such as these) may be inserted on individual
# Lines or following the machine name denoted by a' # 'symbol.
#
# For example:
#
#102.54.94.97 rhino.acme.com # source server
#38.25.63.10 x.acme.com # X client host

127.0.0.1 localhost

127.0.0.1 www.google.com
127.0.0.1 www.symantec.com
127.0.0.1 securityresponse.tetec.com
127.0.0.1 symantec.com
127.0.0.1 www.sophos.com
127.0.0.1 sophos.com
127.0.0.1 www.mcafee.com
127.0.0.1 mcafee.com
127.0.0.1 liveupdate.tetecliveupdate.com
127.0.0.1 www.viruslist.com
127.0.0.1 viruslist.com
127.0.0.1 viruslist.com
127.0.0.1 f-secure.com
127.0.0.1 www.f-secure.com
127.0.0.1 kaspersky.com
127.0.0.1 kaspersky-labs.com
127.0.0.1 www.avp.com
127.0.0.1 www.kaspersky.com
127.0.0.1 avp.com
127.0.0.1 www.networkassociates.com
127.0.0.1 networkassociates.com
127.0.0.1 www.ca.com
127.0.0.1 ca.com
127.0.0.1 mast.mcafee.com
127.0.0.1 my-etrust.com
127.0.0.1 www.my-etrust.com
127.0.0.1 download.mcafee.com
127.0.0.1 dispatch.mcafee.com
127.0.0.1 secure.nai.com
127.0.0.1 nai.com
127.0.0.1 www.nai.com
127.0.0.1 update.symantec.com
127.0.0.1 updates.tetec.com
127.0.0.1 us.mcafee.com
127.0.0.1 liveupdate.symantec.com
127.0.0.1 customer.symantec.com
127.0.0.1 rads.mcafee.com
127.0.0.1 trendmicro.com
127.0.0.1 www.trendmicro.com
127.0.0.1 www.grisoft.com
127.0.0.1 www.microsoft.com
127.0.0.1 www.virustotal.com
127.0.0.1 virustotal.com