I used to met them with my friends' PC but I could not do anything other than format their PC as most of the antivirus seem can't heal it after the PC affected but now it's with my PC and I don't want to format it again, I tried to kill it myself without any information of it for almost 2 days but I got nothing.
After research, I got some solutions that possible to try, thanks to:
- Panda Security
- FontThai blog
- Vietnamese blog: lecuong.info (I used google translator)
B1: Use IceSword simultaneously kill 3 Process: system.exe, Global.exe, svchost.exe
B2: Find and delete all the files have been analyzed at above
B3: Using Autoruns to check & remove all key viruses created in the registry
B4: Reboot computer.
B5: Download antivirus program (such bkav) to scan again! (If the computer has antivirus program is removed and then installed again!)
B6: Open Run -> CMD: type in sfc /scannow or sfc /scanonce and XP disk to correct the file failed.
B7: Reboot computer. (If necessary)
With solution B2/ B3/ please use batch file to do it: (kill-msdos.zip)
But I recommend you to use another batch file below...
As for sure, everyone will difficult for point B1/ so I, myself tried to enhance on lecuong.info batch to add following command to try ending all processes of the virus:
taskkill /F /IM system.exe /IM Global.exe /IM svchost.exe /T
But we will face delete also svchost.exe which is the windows system one so that in 1 minute the PC will shutdown but don't worry, we can proceed the rest before 1 minute.
Please press any key and accept YES by press Y to confirm delete all virus files and regedit entries as in the batch.
As I face the virus, seem the batch needs to enhance for more file paths to delete such as:
c:\windows\system32\regedit.exe and its regedit entries so here what I added more:
ATTRIB -R -H -S -A c:\windows\system32\regedit.exe
DEL /f c:\windows\system32\regedit.exe
REG DELETE "HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru\5603" /v "001" /F
REG DELETE "HKEY_CLASSES_ROOT\MSCFile\Shell\Open\Command" /f
Now I don't see any process of this virus on my task manager any more.
(DOWNLOAD)
Here is the full batch file:
kill-msdos-full (computerexperience.co.cc).zip
Don't forget to continue point B5/ and B6/ also.
Please report any issue/success related to this solution.
Thanks for sharing.
ReplyDeleteLeCuong.info is my site. :)
how bad is this virus> we could do some exe remover of this virus..
ReplyDeletevisit my blog for sharing...
chaxmaster.blogspot.com
Hello brother your very perfect for winxp but windows server 2003 cannot delete that kind of this virus. so can you write that code for win server2003. I put your post in my web and try to share your web to my friend.
ReplyDeleteBarrister Global Services Network, one of premier provider of IT solutions, printer repair , Printer
ReplyDeleteService, managed print services, Barrister Global
Services. Printing services as printer repair and Managed Print Services are among the best services provided by barrister.
thank that you tell how to kill virus Global.
ReplyDeletebest regard
Hun Pheak
Your post is really giving unimaginable data.. I supported it and completely appreciated comprehension it. Continue sharing such fundamental posts.Oh staggering! I was mulling over whether this would be intelligible, so thank you for the input. We hadn't considered the arranging, however that is phenomenal!
ReplyDeleteBest custom essay writing services review