Today, a remote connection helps a friend who does not know much about the computer to clear the virus. A bunch of runauto .. directories are displayed, and c: \ windows \ dllhost.exe is in the process.
Many methods for manual cleanup are required to install iceswords or to secure mode. However, remote control is inconvenient (the network is also slow ). Failed.
Later, I found a method of violent violence. It was very simple to open two command line windows and execute them respectively:
In the first cmd window, run: For/L % A in (, 2) Do taskkill/f/IM dllhost.exe
In the second cmd window, run: For/L % A in (, 2) Do attrib-H-S-r c: \ Windows \ dllhost.exe & del c: \ windows \ dllhost.exe
At the beginning, you will see an error that the file cannot be deleted. After a few seconds, you can find that the task has been successfully deleted, as the taskkill report cannot find the process, and the attrib and del reports cannot find the file. Use Ctrl + C to stop the two endless loops.
The principle is very simple. Both of them are endless loops (from 1 to 2, but the step size is 0). One is kill and the other is deleted. There will always be a time point where del can be killed before the process is rebuilt.
At present, all three of my friends are successfully cleared. Of course, you should remember to delete setuprs1.if, and hijack and delete the ifeo of cmd.exe and regedit.exe in the registration table.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
