The virus is invisible and finds out the culprit.

Virus camouflage is generally concealed. For example, a common USB flash drive virus is actually a root directory hidden EXE file that works with the Registry to achieve repeated infections. Since viruses are invisible, they also set up Operation barriers that prohibit users from seeing themselves (some low-level viruses do not have these restrictions ). In this case, how can we quickly find out the culprit of such viruses?

We know that when we clean up some viruses, we are used to using the show hidden file function in the folder option to view the System File status. Unfortunately, the virus is in front of us, they have done a good job of protection in advance during the runtime, and disable this function of the system. No matter how we set it, we cannot see the hidden files in the system, and thus cannot completely clear the virus.

The breakthrough of the entire problem lies in how to view these virus files. I have summarized some experiences and hope to help the majority of users.

If it is determined to be an AUTO-like virus, you can use the attrib command to first display autorun. inf file, enter attrib-s-h-a-r d: autorun. inf, then you can see the file on disk D, open it with notepad, find the exe file it directs, and use the following command to display the file and delete it under CMD, go to the Registry, search for the keyword of the file name, and delete all the keywords. Other partition operations are similar.

 

If this type of virus is not encountered, we can use conventional tools, such as WinRAR and TC, because such tools can directly view hidden files and then use the above method. Of course, for viruses that are closely related to the system itself, WinRAR and so on cannot be fully viewed. If there is no proper tool around, let us know a little trick, view the process name in the task manager. Generally, the file name is consistent with the process name. Once you know the name, it is easy to operate in CMD.