When you see this topic will certainly feel the manual anti-virus really very simple? The author wrote this article is to let all the rookie in the face of the virus can easily kill it, rather than reload the system, or in the reload N system after the helpless choice format, the result is still unable to expel nasty virus out of your poor computer. Today we have a manual cleanup of the "AV Terminator", one of the more serious viruses this year, to show you how to manually clean up this non-infected exe. File type of virus (this is described in the way to clean up the source of the virus after the use of special kill tools can still be used to clean infected EXE-type virus).
The first step: the Enemy, invincible
To overcome the AV terminator, we first need to understand our situation and its characteristics and weaknesses. Let's begin by understanding the features of the following AV Terminator execution:
1. Files that generate random file names in multiple folders
An older version of AV terminator can view 2 random names in Task Manager, and the new variant file name format has changed, and I've encountered 2 of them at the moment.
One is random 8-letter + digital. EXE and random 8-letter + number. dll, and the other is 6 random letters of EXE files and INF files. No matter how many variants they save, the paths are probably the following:
C:\windows
C:\windows\help
C:\Windows\Temp
C:\windows\system32
C:\Windows\System32\drivers
C:\Program Files\
C:\Program Files\Common Files\microsoft shared\
C:\Program Files\Common Files\microsoft shared\MSInfo
C:\Program Files\Internet Explorer
and IE cache, etc.
This is my personal summary, along with the mutation of the virus. Get the other one. I only provide references here.
2. Infected disk and USB drive
When you have an AV terminator in your system, you will find that when you right-click on the disk will appear a "auto" that is the meaning of automatic operation, at this time your computer has been poisoned, and if you attempt to insert a mobile hard disk, u disk, or burn a disc to save important information, will be infected. This also causes the virus to continue after many users reload the system or even format the disk.
When you reload the system, there will be a double click to open the hard drive to find software or drivers, this time the parasitic in your disk root directory of the Autorun.inf file will play a function of the virus back to the dead. This is definitely not a sensational Oh!