svhda.exe, Backdoor.Rbot: a virus that even Rising could not handle

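  I am a licensed Rising user. Today Rising alerted me that a file named svhda.exe was modifying the registry, and of course I did not let it. I ran a virus scan with Rising, but after a short while Rising quit on its own. Scanning in pure DOS did not work either, so it looks like I had run into a tough one.

  I searched online for svhda.exe. Baidu found nothing; Google returned 22 results, one of them a Chinese page from Baidu's "Baidu Knows > Anti-virus > Unresolved questions". It seems Google is still better for cutting-edge technical matters. My guess is that this virus is currently spreading mainly abroad and has not yet caught on in China.

  In the end I got rid of the virus by following the method from this foreign forum: http://forums.techguy.org/security/470410-annoying-virus-please-help.html

  What really solved the problem was a program called Ewido Security Suite.

  The instructions, from the forum above: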

  


27-May-2006 11:40 AM 

 Cheeseball81  

Moderator  Posts: 44,883

Join Date: Mar 2004

Location: New York

Experience: Nerd

 

* Click here to download the trial version of Ewido Security Suite.

· Install Ewido.

· During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".

· Launch ewido.

· It will prompt you to update; click the OK button and it will go to the main screen.

· On the left side of the main screen click update.

· Click on Start and let it update.

· DO NOT run a scan yet.

Restart your computer into Safe Mode now.

(Start tapping the F8 key at Startup, before the Windows logo screen).

Perform the following steps in Safe Mode:

* Run Ewido:

Click on scanner

Click Complete System Scan and the scan will begin.

During the scan it will prompt you to clean files, click OK.

When the scan is finished, look at the bottom of the screen and click the Save report button.

Save the report to your desktop.

Reboot.

   

  Screenshot of it in use:



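The thread also introduces a program called Hijack This. My English is not great, but it seems to be a tool for viewing and deleting memory-resident processes. In the forum thread it is used to view and compare the processes in memory before and after running Ewido as above. As noted below, what it finds is not necessarily a virus; some items belong to the system or were set up by the user.

The instructions are as follows: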


26-May-2006 03:41 PM 

 Cheeseball81  

 

Hi and welcome

* Click here to download HJTsetup.exe.

Save HJTsetup.exe to your desktop.

Double click on the HJTsetup.exe icon on your desktop.

By default it will install to C:\Program Files\Hijack This.

Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.

Put a check by Create a desktop icon then click Next again.

Continue to follow the rest of the prompts from there.

At the final dialogue box click Finish and it will launch Hijack This.

Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.

Click Save to save the log file and then the log will open in notepad.

Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.

Come back here to this thread and Paste the log in your next reply.

DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.


Screenshot of it in use:
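The before-and-after comparison of Hijack This logs mentioned above can be done mechanically rather than by eye. The following is an added example, not part of the original post or the forum thread: the two logs are constructed samples, and the svhda.exe path, the Run value names and the function names are assumptions made for illustration.

```python
import re

# Constructed sample logs (not from the original post or thread). Layout follows
# HijackThis 1.99 logs; the svhda.exe path and the Run value name are assumed.
BEFORE = r"""Logfile of HijackThis v1.99.1
Platform: Windows XP SP2 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svhda.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O4 - HKLM\..\Run: [ExampleAV] C:\Program Files\ExampleAV\tray.exe
O4 - HKLM\..\Run: [Example Loader] svhda.exe
"""
# After the Safe Mode scan: process gone, but the autostart entry was left behind.
AFTER = BEFORE.replace("C:\\WINDOWS\\system32\\svhda.exe\n", "")

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")

def parse_log(text):
    """Return (running processes, (section, value) entries), lower-cased."""
    procs, entries, in_procs = set(), set(), False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower() == "running processes:":
            in_procs = True
        elif in_procs and not line:
            in_procs = False          # blank line ends the process list
        elif in_procs:
            procs.add(line.lower())
        elif (m := ENTRY.match(line)):
            entries.add((m.group(1), m.group(2).lower()))
    return procs, entries

def diff_logs(before, after):
    """Report what disappeared and what appeared between two scans."""
    (bp, be), (ap, ae) = parse_log(before), parse_log(after)
    return {"procs_gone": sorted(bp - ap), "procs_new": sorted(ap - bp),
            "entries_gone": sorted(be - ae), "entries_new": sorted(ae - be)}

def leftovers(after, name):
    """Lines in the post-cleanup log that still mention the given file name."""
    procs, entries = parse_log(after)
    hits = [p for p in procs if name.lower() in p]
    hits += [f"{sec} - {val}" for sec, val in entries if name.lower() in val]
    return sorted(hits)

if __name__ == "__main__":
    print(diff_logs(BEFORE, AFTER))
    print(leftovers(AFTER, "svhda.exe"))
```

In the constructed pair the process has disappeared but the O4 autostart line is still reported by `leftovers`, which is the case worth checking for after a cleanup scan.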



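One thought on “svhda.exe, Backdoor.Rbot: a virus that even Rising could not handle”

  1. As shown in the figures, the Backdoor.Gpigeon.2006.akw virus, which Rising cannot remove in normal mode, has to be scanned for and deleted in Safe Mode. I found this solution by searching Baidu Tieba.

    Figure 1: the virus cannot be deleted in normal mode:

    Figure 2: taken care of in Safe Mode: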
