1.进入安全模式
2.恢复隐藏文件:(注:建个记事本,将下面代码复制进去,然后将后缀名改为.reg,导入注册表)Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Explorer/Advanced/Folder/Hidden
/SHOWALL] "RegPath"="Software//Microsoft//Windows//CurrentVersion//Explorer//Advanced" "Text"="@shell32.dll,-30500" "Type"="radio" "CheckedValue"=dword:00000001 "ValueName"="Hidden" "DefaultValue"=dword:00000002 "HKeyRoot"=dword:80000001 "HelpID"="shell.hlp#51105"
3.(注意:打开盘时,按右键打开)手动清理 系统盘,搜索: spoclsv.exe (图标也是熊猫烧香)查到
之后,删除,然后右键打开其它盘,删除setup.exe (图标也是熊猫烧香), autorun.inf
4. 删除病毒创建的启动项:
[HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Run]"svcshare"="%System%/drivers/spoclsv.exe"
