A short account of manual virus removal using Linux: manually clearing the dnsq.dll virus

Source: Internet
Author: User
Recently, a virus was detected on a machine in the lab. Its main symptoms are that cmd command-line windows frequently pop up while using XP, and sometimes IE opens a web page by itself; 360 Security Guard and Kaspersky are disabled, and the computer restarts as soon as a virus-removal tool is started. Task Manager shows two entries, lsass.exe and smss.exe, that do not belong to the system and cannot be ended. Searching the Internet for "dnsq.dll" or "virus" immediately forces the browser to close ...... the virus author xxx is in great trouble. After more than two hours of research, we found a way to clear it. The author's capabilities are still limited. Where can I find the virus that can be manually killed?

First of all, the virus has many variants, and it generates many virus programs, so the method I describe below may serve only as a reference. In addition, as you can see from this article, I used Linux to deal with the virus. If your computer only has XP installed (which is the vast majority of cases), sorry, this article may not help you. However, after reading it you may find that even if you don't usually use Linux, Linux can still be of use to you, for killing viruses for example. And if you are not familiar with Linux commands, you can look up the relevant information; it is not difficult.

Characteristic files of the virus
First, autorun.ini and pagefile.pif are generated in the root directory of each infected Windows partition. There is also a 032759.log under c:\ (the file name is generally a number plus the .log suffix, not necessarily 032759). There is a dnsq.dll under c:\windows\system32. Four files are generated under c:\windows\system32\com\. In c:\windows\system32\, cmd.exe, lsass.exe, and smss.exe are also infected. In c:\Documents and Settings\All Users\Start\ a program with the disgusting name ~.exe is generated (this disgusting name is probably a childhood shadow). These are the programs that the virus depends on at run time or that it has infected.

Benefits of clearing Windows partition viruses using Linux
If the two programs are deleted, they are automatically generated again. Killing the virus manually in Windows is therefore an endless task: like grass in the spring breeze, it grows back. Killing it from Linux is different. When you use Linux to read the Windows partitions, Windows has not been booted, so the virus is never triggered. All you have to do is delete several files on the Windows partition, and the virus programs cannot run at all (who told most virus authors to write only Windows viruses?). Therefore, in Linux the virus can only wait to be killed manually. As long as you clean out the virus, it will no longer work.

Manual removal
Find the files described above (the .dll, .log, and .pgf files and so on) and delete any whose name is suspicious.

However, remember that if cmd.exe, lsass.exe, and smss.exe in c:\windows\system32\ are deleted, your Windows may fail to boot normally. My solution is therefore to delete the three programs, copy three clean copies from a fellow student's machine, and put them back into c:\windows\system32. With that, the virus detection and removal work is basically complete.

Finally
If you are not at ease with this method, you can move the files to be deleted to the Linux partition (equivalent to cut and paste) and then start Windows. If you find that something was removed by mistake, you can go back to Linux and put the corresponding files back in their original locations.
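
The move-instead-of-delete procedure above, written as a script; this is an added example, not part of the original article. It assumes GNU find and coreutils and a Windows partition already mounted read-write under Linux (the paths /mnt/win and ~/quarantine are hypothetical), and it matches only the file names listed in this article. It does not touch cmd.exe, lsass.exe, or smss.exe, which have to be replaced with clean copies as described above.

```shell
#!/bin/sh
# Added example (not from the original article). Run from Linux with the
# Windows partition mounted; /mnt/win and ~/quarantine are hypothetical paths.

# List, relative to the mount point $1, the files the article names.
# Linux sees NTFS/FAT names case-sensitively, so all matches ignore case.
find_suspects() {
    ( cd "$1" || exit 1
      find . -maxdepth 1 -type f \( -iname 'autorun.ini' -o -iname 'pagefile.pif' \)
      # "a number + log suffix" in the partition root, e.g. 032759.log
      find . -maxdepth 1 -type f -iname '*.log' | grep -iE '^\./[0-9]+\.log$' || true
      find . -maxdepth 3 -type f -ipath './windows/system32/dnsq.dll'
      find . -maxdepth 6 -type f -ipath './Documents and Settings/All Users/Start*/~.exe'
    ) | sed 's|^\./||'
}

# Move every suspect into $2/files/<original relative path>, append its
# SHA-256 and path to $2/manifest, and print how many files were moved.
quarantine() {
    win=$1; qdir=$2; n=0
    mkdir -p "$qdir/files"
    find_suspects "$win" > "$qdir/pending"
    while IFS= read -r rel; do
        sum=$(sha256sum < "$win/$rel" | cut -d' ' -f1)
        mkdir -p "$qdir/files/$(dirname "$rel")"
        mv -- "$win/$rel" "$qdir/files/$rel" &&
            printf '%s  %s\n' "$sum" "$rel" >> "$qdir/manifest" && n=$((n + 1))
    done < "$qdir/pending"
    rm -f "$qdir/pending"
    echo "$n"
}

# Put one quarantined file back where it came from (undo a mistaken move).
restore() {
    win=$1; qdir=$2; rel=$3
    [ -f "$qdir/files/$rel" ] || return 1
    mkdir -p "$win/$(dirname "$rel")"
    mv -- "$qdir/files/$rel" "$win/$rel"
}

# Usage: sh quarantine.sh /mnt/win ~/quarantine
if [ "$#" -ge 2 ]; then quarantine "$1" "$2"; fi
```

Because the quarantine keeps each file's original relative path, a variant's extra files can be added to `find_suspects` and any wrongly moved file restored by that same path.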

Also, because the removal is done by hand and the virus has many variants, you may not have all the virus files mentioned above, or you may have some that are not mentioned here. In short, manual virus removal requires patience and care. Be good at spotting suspicious programs and keep trying. When I was killing this virus, I switched back and forth between Linux and Windows some ten to twenty times. However, the pleasure after a successful removal is amazing and worth a try.