Release sxs2.exe virus bat exclusive

The sxs2.exevirus changed the system time to April 1, 1980, and the business was stopped immediately. The computer was planted by connecting the sxs2.exe program with autorun.
Copy the following text to the text file and save it as "Clear sxs2.bat". Double-click it to run.

Copy codeThe Code is as follows: @ echo off
Color 1a
Echo.
Echo welcome
Echo.
Echo the main program is responsible for the sxs2.exe virus, the main symptoms is "the time was changed to, boot prompt time error
Echo cannot view hidden files, Kaspersky prompts activation error, disk needs to be right-clicked to open ", etc.
Echo.
If the echo time is incorrect, manually modify it after the program runs successfully. This program is not responsible for this.
Echo.
Echo.
Echo ---------------------------- by computer clinic -----------------
Echo.
Echo.
Echo and press Ctrl C to exit the program
Pause
Echo.
Echo --------------------------------- start now ------------------
Echo.
@ Echo off
Echo is about to terminate the sxs2.exe Process
Echo and press Ctrl C to exit the program
Echo.
Echo: if this program prompts "error: No process found" sxs2.exe "", the virus has stopped running.
Echo.
Pause
Taskkill/f/im sxs2.exe
Taskkill/f/im sxs2.exe
Echo.
Echo starts to delete the sxs2.exe component under the C to K directory
Echo.
The Desktop may disappear and the opened folder may be closed in the middle of echo, so don't worry too much.
Echo.
Echo and press Ctrl C to exit the program
Echo.
Pause
Md c: \ hold
Echo.
Copy % SYSTEMROOT % \ system32 \ autorun.exe c: \ hold
Taskkill/f/im EXPLORER. EXE
Echo.
Del/f/a % SYSTEMROOT % \ system32 \ autorun .*
Del/f/a c: \ autorun .*
Del/f/a c: \ desktop. ini
Del/f/a c: \ folder. htt
Del/f/a c: \ sxs2.exe
Echo.
Copy c: \ hold \ autorun.exe % SYSTEMROOT % \ system32 \ autorun.exe
Echo.
Rd/s/q c: \ hold
Echo.
Del/f/a D: \ autorun .*
Del/f/a D: \ desktop. ini
Del/f/a D: \ folder. htt
Del/f/a D: \ sxs2.exe
Echo.
Del/f/a E: \ autorun .*
Del/f/a E: \ desktop. ini
Del/f/a E: \ folder. htt
Del/f/a E: \ sxs2.exe
Echo.
Del/f/a F: \ autorun .*
Del/f/a F: \ desktop. ini
Del/f/a F: \ folder. htt
Del/f/a F: \ sxs2.exe
Echo.
Del/f/a G: \ autorun .*
Del/f/a G: \ desktop. ini
Del/f/a G: \ folder. htt
Del/f/a G: \ sxs2.exe
Echo.
Del/f/a H: \ autorun .*
Del/f/a H: \ desktop. ini
Del/f/a H: \ folder. htt
Del/f/a H: \ sxs2.exe
Echo.
Del/f/a I: \ autorun .*
Del/f/a I: \ desktop. ini
Del/f/a I: \ folder. htt
Del/f/a I: \ sxs2.exe
Echo.
Del/f/a J: \ autorun .*
Del/f/a J: \ desktop. ini
Del/f/a J: \ folder. htt
Del/f/a J: \ sxs2.exe
Echo.
Del/f/a K: \ autorun .*
Del/f/a K: \ desktop. ini
Del/f/a K: \ folder. htt
Del/f/a K: \ sxs2.exe
Echo.
Start C: \ WINDOWS \ EXPLORER. EXE
The components from echo C to K-drive root directory have been deleted.
Echo.
Echo is now ready to solve the problem of opening the "show all files and folders" option and double-clicking the drive letter in a new window.
Echo and press Ctrl C to exit the program
Echo.
Pause
Reg delete HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer \ Advanced \ Folder \ Hidden \ SHOWALL/v checkedValue/f
Reg add HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer \ Advanced \ Folder \ Hidden \ SHOWALL/v checkedValue/t REG_DWORD/d 00000001
Reg delete HKCR \ Drive \ shell/ve/f
Reg add HKCR \ Drive \ shell/ve/t REG_SZ/d none
Echo.
Echo starts deleting the startup item in the Registry
Echo.
Echo if the program prompts "error: the system cannot find the specified registry key or value", the startup entry of the virus has been deleted.
Echo or a new variant has appeared. Remove it on the "System Configuration Utility" page.
Echo.
Echo and press Ctrl C to exit the program
Echo.
Pause
Reg delete HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run/v sxs2/f
Reg delete HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run/v sxs2.exe/f
Echo.
Echo now opens the "System Configuration Utility". Please check whether there are any other startup items. If so, remove them by yourself.
Echo.
Echo and press Ctrl C to exit the program
Pause
Start msconfig
Echo.
Echo.
Echo cleaning is complete. To ensure successful removal, log out of the machine.
Echo.
For more information about echo, please go to the "Computer clinic" in colorland. Thank you for using it.
Echo.
Pause