电脑病毒怎么杀呀

如果怀疑系统存在病毒，建议您安装瑞星杀毒软件V16版本升级到最新病毒库后进行病毒扫描查杀，下载地址：http://pc.rising.com.cn/

建议您可以安装腾讯电脑管家杀毒软件，全面的查杀病毒程序，提供快速扫描、全盘扫描和自定义扫描三种扫描方式：快速扫描针对电脑病毒易感区进行快速扫描，快速直达“病根”；全盘扫描对用户电脑进行全方位查杀，病毒木马无处逃；自定义扫描让用户能根据自己的需求进行扫描，兼具人性化。两大云查杀引擎和趋势本地查杀引擎“三强联合”，超强查杀电脑中存在的顽固木马，能彻底清洁电脑环境，清除电脑病毒

希望可以帮到您了

把我下面的代码复制下来,另存为.bat为后缀的文件,也就是批处理文件啦,然后双击运行就可以了.如果不行的话,请在我的百度空间里留言.另外请在杀毒重启时把U盘那些移动存储设备拔掉.

@echo off
title 忆林子
color 0a
echo ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
echo.
echo 该病毒资料
echo.
echo 该病毒建立的包括的源文件如下:
echo.
echo 病毒文件全路径 大小(字节)
echo c:\WINDOWS\system32\54D427F8.EXE(这个数字是病毒随机生成的) 20,284
echo c:\WINDOWS\system32\A0A29414.DLL(这个数字是病毒随机生成的) 13,812
echo 其它所有分区:\autorun.inf 78
echo 其它所有分区:\auto.exe 20,284 20,284
echo.
echo 其中autorun.inf文件里的内容
echo.
echo [AutoRun]
echo open=auto.exe
echo shellexecute=auto.exe
echo shell\Auto\command=auto.exe
echo.
echo 注意：因为该病毒与系统进程绑定在一起，所以在杀毒时你的计算机将会被强制重启
echo 重启之后，请再运行一次本程序，该病毒方可清除完毕。
echo 请把该程序放在桌面上执行，并且在重启之后马上再次运行该程序。
echo.
echo ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
echo.
set /p tmp=以上是该病毒的信息，如果要清除该病毒，请回车键开始杀毒...

if not exist c:\tmp1.忆林子 (
reg query HKLM\SYSTEM\CurrentControlSet\Services\CF9EDF4C /v ImagePath >>c:\tmp1.忆林子
)
if not exist c:\tmp2.忆林子 (
reg query HKLM\SYSTEM\CurrentControlSet\Services\CF9EDF4C /v Description >>c:\tmp2.忆林子
)
reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v isFirstRun>>tmp.忆林子
for /f "tokens=1,2,3 skip=4 delims= " %%j in ('more tmp.忆林子') do set isFirstRun=%%l
if exist tmp.忆林子 del tmp.忆林子 /q
if /i "%isFirstRun%"=="1" goto :secondStep
net stop cf9edf4c>nul
for /L %%c in (1,1,10) do (
sc delete cf9edf4c>nul
)
rem 删除由病毒新建的项
reg delete "HKCU\SYSTEM" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows NT" /v ReportBootOk /f
reg delete "HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_CF9EDF4C" /f
reg delete "HKLM\SYSTEM\ControlSet001\Services\CF9EDF4C" /f
reg delete "HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CF9EDF4C" /f
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\CF9EDF4C" /f
reg delete "HKU\.DEFAULT\SYSTEM" /f
reg delete "HKU\S-1-5-18\SYSTEM" /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v isFirstRun /d 1 /f
shutdown -r -t 0
exit

:secondStep
for /f "tokens=1,2,3 skip=1 delims= " %%j in ('more c:\tmp1.忆林子') do set test=%%l
set fileName1=%test:~-12%
echo %fileName1%

for /f "tokens=1,2,3 skip=1 delims= " %%j in ('more c:\tmp2.忆林子') do set fileName2=%%l.dll
echo %fileName2%

for %%d in (%fileName1%,%fileName2%) do (
taskkill /im %%d /f>nul
taskkill /fi "modules eq %%d" /f>nul
)
if exist c:\temp1.忆林子 del c:\temp1.忆林子 /q
if exist c:\temp2.忆林子 del c:\temp2.忆林子 /q
for %%d in (%fileName1%,%fileName2%) do (
if exist "%systemroot%\system32\%%d" (
attrib -s -h -r "%systemroot%\system32\%%d"
del "%systemroot%\system32\%%d" /q
)
)
del c:\WINDOWS\Prefetch\*.* /q
rd "%userprofile%\Local Settings\temp" /s /q
rem 添加病毒删除的项
echo Windows Registry Editor Version 5.00>>tmp.忆林子.reg
echo.>>tmp.忆林子.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ERSvc]>>tmp.忆林子.reg
echo "DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00>>tmp.忆林子.reg
echo "Description"="服务和应用程序在非标准环境下运行时允许错误报告。">>tmp.忆林子.reg
echo "DisplayName"="Error Reporting Service">>tmp.忆林子.reg
echo "ErrorControl"=dword:00000000>>tmp.忆林子.reg
echo "ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\>>tmp.忆林子.reg
echo 74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\>>tmp.忆林子.reg
echo 00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\>>tmp.忆林子.reg
echo 6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00>>tmp.忆林子.reg
echo "ObjectName"="LocalSystem">>tmp.忆林子.reg
echo "Start"=dword:00000002>>tmp.忆林子.reg
echo "Type"=dword:00000020>>tmp.忆林子.reg
echo.>>tmp.忆林子.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ERSvc\Parameters]>>tmp.忆林子.reg
echo "ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\>>tmp.忆林子.reg
echo 00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\>>tmp.忆林子.reg
echo 65,00,72,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00>>tmp.忆林子.reg
echo.>>tmp.忆林子.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ERSvc\Security]>>tmp.忆林子.reg
echo "Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\>>tmp.忆林子.reg
echo 00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\>>tmp.忆林子.reg
echo 00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\>>tmp.忆林子.reg
echo 05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\>>tmp.忆林子.reg
echo 20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\>>tmp.忆林子.reg
echo 00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\>>tmp.忆林子.reg
echo 00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00>>tmp.忆林子.reg
echo.>>tmp.忆林子.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ERSvc\Enum]>>tmp.忆林子.reg
echo "0"="Root\\LEGACY_ERSVC\\0000">>tmp.忆林子.reg
echo "Count"=dword:00000001>>tmp.忆林子.reg
echo "NextInstance"=dword:00000001>>tmp.忆林子.reg
reg import tmp.忆林子.reg
for %%d in (c:\tmp1.忆林子,c:\tmp2.忆林子,tmp.忆林子,tmp.忆林子.reg) do (
if exist %%d del %%d /q
)
rem 改回被病毒修改的注册表项
reg add "HKLM\SOFTWARE\Microsoft\PCHealth\ErrorReporting" /v DoReport /d 1 /f
reg add "HKLM\SOFTWARE\Microsoft\PCHealth\ErrorReporting" /v ShowUI /d 1 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL" /v CheckedValue /d 1 /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v isFirstRun /f
for %%d in (c:\tmp1.忆林子,c:\tmp2.忆林子,tmp.忆林子,tmp.忆林子.reg) do (
if exist %%d del %%d /q
)

rem 删除病毒在注册表中添加的关联
if exist test.忆林子 del test.忆林子
reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options">test.忆林子
for /f "tokens=* delims= skip=4" %%j in (test.忆林子) do (
reg delete "%%j" /v debugger /f
cls
if exist test.忆林子 del test.忆林子
echo ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
echo.
echo 正在清除由病毒添加的注册表项,请稍候...
echo.
echo ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
)
if exist test.忆林子 del test.忆林子
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft^\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path" /v Debugger /d "ntsd -d" /f
cls
for %%f in (auto.exe,autorun.inf) do (
for /D %%d in (c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z) do (
if exist %%d:\%%f attrib -s -h -r %%d:\%%f
if exist %%d:\%%f del %%d:\%%f /q
)
)
cls
echo ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
echo.
echo 病毒清除完毕，按回车键开始解决分区无法双击打开的问题.
echo 注意：因为删除了第个分区根目录下的autorun.inf文件，所以要
echo 对你的分区进行磁盘检查才能双击打开，或者你也可以重启。
echo 在磁盘检查时你的一些应用程序像QQ可能会被强制退出。如果不想
echo 现在检查的话，请关闭该批处理。下次重启你的分区即可双击打开。
echo.
echo ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
set /p test=
for /D %%d in (d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z) do (
if exist %%d:\ chkdsk %%d: /f /x
)
cls
echo ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
echo.
set /p tmp= 操作结束,按回车键退出该程序。
exit

参考资料：百度一下

病毒查杀可以这样,先下载360系统急救箱保存到D盘,重启按F8进入带网络连接的安全模式,使用360系统急救箱进行查杀 这样就查杀的比较彻底了,然后启动360杀毒 360安全卫士的木马云查杀功能查杀清除残留就可以了.

进入安全模式，安装一个杀毒软件进行杀毒~！