Accidentally infected with bloodhound. nsanti

An unverified webpage was opened accidentally. After the webpage was opened, Norton started to issue an alarm, prompting bloodhound. nsanti virus, I thought that since Norton was able to discover it, it would be okay to handle it. After a while, I found that the machine was abnormal, So I disconnected the network and restarted it to see what was going on.

After the restart, the local task manager first looks at it, and then finds an lsass.exe process. A closer look shows that the path is C: \ WINDOWS \ SYSTEM \ Program. The creation time of these two files is exactly when I was infected with the virus, and then C: check the \ windows \ system32directory file. A few files are written in the same time with the names of a1_1cmd.exe, and delete them all without saying anything. Now we can see that the fake lsass.exe cannot be killed, and the system regards it as its own. You can switch to the security mode to get everything done.

Crash, and even if the process is killed, it will also restart. It's a dark ghost and I haven't figured out how to solve it for a long time. I searched Baidu and found someone recommended the icesword software. I looked at it as a green software. I used it next time. It was really not covered. It was awesome.Program. The abnormal iee.exe process was found at first run, and it was actually in a "synchronization" (the English word is like sync... I can't remember anything.) I also found that the destination address is a guy from Chengdu, Sichuan. Now kill this abnormal process in icesword, ah, the world is finally quiet ....

All in all, we strongly recommend icesword! Very good little green program!