- 主题
- 0
- 积分
- 0
- 贝壳
- 0 个
- 注册时间
- 2007-3-9
- 最后登录
- 2007-3-9
|
这是什么病毒
Win32.Pinfi是一种具有多个变种的病毒,它感染本地及共享网络上的Windows可执行文件。
第一次运行时,病毒会创建一个临时文件,而文件名则是随机的,比如:
C:\WINDOWS\TEMP\epe71F0.TMP
这是一个动态链接库文件,它包含了病毒的主要功能。而病毒会把本地的动态链接库文件贮存在注册表中:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\PINF
运行时,病毒会附加在Explorer.exe文件上以便驻留内存。
病毒会感染本地及它可以访问的网络驱动器上的*.EXE 和 *.SCR(屏保文件)文件。
关于解决方法嘛,来段英文的
For Windows 95/98/ME Systems:
Download the ERD (Emergency Rescue Disk) from the Trend Micro site.
Turn off the infected computer. DO NOT reset or reboot because some viruses may remain intact in the computer's memory.
Insert Disk 1 - "Emergency Boot Disk?into your A: drive and turn on the computer.
Follow the on-screen prompts.
When the scan is complete, remove the disk from your floppy drive and restart your computer.
For Windows NT/2K/XP Systems:
Close all running applications.
Open the Trend Micro product you are using or go to HouseCall, Trend Micro's free online virus scanner.
The EXPLORER process is infected and needs to be terminated before cleaning can be done. To do so, follow these instructions:
Open Task Manager by pressing CTRL+SHIFT+ESC.
Click the Processes tab and click EXPLORER.EXE. Click the End Process button.
(The Windows Startbar and desktop should disappear.)
Press ALT+TAB a few times until the window where the Trend Micro product or Housecall is selected. Scan your system with Trend Micro antivirus and clean all files detected as PE_PARITE.A and PE_PARITE.B.
Restart your system. Press CTRL+ALT+DEL then click Shutdown. When prompted, restart your system
更多的关于W32.PINFI的你可以自己去搜索一下啊
|
|
