Experts talk about how to combat the avterminator Virus"

The avterminator has been playing for more than a month. Many friends already know that the avterminator of Kingsoft can resume the anti-virus software function, and then upgrade the anti-virus software to solve many problems. No matter whether the Internet users are drug overlord users or not, it is our greatest pleasure that the drug overlord program can solve problems for the Internet users.

Now we have observed a new trend: the number of avterminator viruses is updated quickly, but each has its own personality. A virus does not invade many machines in a large area, but spreads in a small scope. However, because of the large number of these populations, it is still a great headache for Internet users. It also brings challenges to antivirus software vendors-it is more difficult to collect all samples of avterminator.

Another trend: the avterminator virus is actually a trojan download tool. Since it is a download tool, you can download the trojan and update yourself. We found that the avterminator virus is updated quickly. Once the author finds that the program itself or the downloaded Trojan can be found by the antivirus software, the updated program will be released. The number of antivirus vendors is far smaller than that of virus studios; the number of virus writers is far greater than that of antivirus software; similarly, there are far more people who spread viruses than those who sell antivirus software.

This method is too much like the "sparrow war" of the Eighth Route Army in the War of Resistance-a small battle is everywhere. Now the virus disseminators use this method to fight anti-virus software.

How can we fight back?

A more complete sample collection system is very important. Our cleaning experts 2.0 have integrated the sample collection function. Netizens only need to submit unknown add-ons to complete the sample reporting process.

What Should netizens do? Because there will always be Internet users hit by viruses that leak the internet.

We have discussed a lot about the anti-virus method. The exclusive killing tool restores the anti-virus software function and then uses the anti-virus software to solve the virus. Delete the new virus as prompted by the automatic analysis system. Internet users need to pay more attention to the upgrade of anti-virus software.

Because these viruses are transmitted by activating the automatic playback function, many users may encounter an unpredictable virus, which may cause reinstallation and poor operation habits. They always double-click the icon to find the target program or document. In this way, you will feel that it is a virus and cannot be formatted. Is it necessary for me to use a low-level hard disk.

We should start from blocking automatic playback to control the spread of viruses. Automatic playback also has two scenarios: one is to configure autorun. inf under the root directory of each disk or mobile hard disk, storage card, and USB flash drive; the other is to modify the registry key. We use different methods for processing.

First, what we say is the most simple and easy to use. Use the Group Policy Editor to disable automatic playback.

Step: Run gpedit. msc, open the Group Policy Editor, browse to Computer Configuration → manage template → system, double-click to disable automatic playback, select all drives, OK, and restart the computer.

This method is not suitable for Winxp Hom, because Uncle Bill is too stingy and the Group Policy Editor is detained in xp home. In this case, Kingsoft drug overlord can be used to solve the problem. Step: double-click the red shield in the lower-right corner, click the tool menu> comprehensive Settings> other settings, select "Disable disk or USB flash drive automatic operation function", and restart after confirmation. This method can be used in both versions of WINXP. We recommend that you use this method for all drug overlord users.

The above operations make the autorun. inf configuration on the local disk, USB flash disk, mobile hard disk, and memory card completely invalid. It is strongly recommended that all new OS users immediately disable the automatic playback function and then access other partitions or mobile storage devices.

Second, some viruses directly modify the registry so that the above operations cannot be solved. You need to manually modify the corresponding keys of the Registry to fix the problem.

Hkey_current_usersoftwaremicrosoftwindowscurrentversionpolicermountpoints2

The right-click menu is defined here to delete the child keys related to the virus program reference.

HKEY_CLASSES_ROOTDriveshell

Delete the registration key related to the virus.
You can also find these virus programs based on the paths of the virus files referenced in the preceding two keys and submit them to the antivirus software vendor.