
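Global.exe 是一种U盘病毒,病症表现为创建名为 Global.exe 进程的木马病毒综合体,使电脑速度明显下降,不能切换中英文输入。

病毒资料
U盘病毒
病症:创建 Global.exe 进程! 木马病毒综合体 电脑速度明显下降,不能切换中英文输入。
危险程度:高
病毒:是
木马:是
恶意软件:否
建议:下载安装所有系统安全补丁

一种病毒进程,现象是每隔30秒有个飘动的图片写的your computer is being attacked(翻译成中文为:您的计算机受到攻击),还不停地发出噔噔的声音。因为是U盘传播,建议关闭自动播放并且开启杀软(360、金山等)的实时防护

解决办法:复制以下代码到记事本,然后改名为 *.bat 双击运行即可!

-------------------------------开始--------------------------------
@echo off
rem Removal script for the Global.exe autorun (USB) trojan described above.
rem Run it with administrator rights: the HKLM/HKCR writes and the deletes
rem under C:\WINDOWS fail without them.
title Eyeson软件工作室 Global.exe病毒专杀工具
color 0a

rem Stop the running malware before touching its files.
rem "tskmgr.exe" is the dropped look-alike listed below (fonts\tskmgr.exe),
rem not the real Task Manager binary taskmgr.exe.
taskkill /im Global.exe /t /f
taskkill /im tskmgr.exe /t /f

rem Files the malware drops on the system drive. The dllcache\recycler.{...}
rem folder carries the Recycle Bin CLSID as a suffix. Each entry is unhidden
rem and deleted only if it exists (see :purge).
for %%f in (
    "C:\autorun.inf"
    "C:\WINDOWS\pchealth\helpctr\binaries\HelpHost.com"
    "C:\WINDOWS\pchealth\Global.exe"
    "C:\WINDOWS\system32\dllcache\Default.exe"
    "C:\WINDOWS\system\KEYBOARD.exe"
    "C:\WINDOWS\Fonts\Fonts.exe"
    "C:\MS-DOS.com"
    "C:\WINDOWS\Cursors\Boom.vbs"
    "C:\windows\fonts\tskmgr.exe"
    "C:\windows\system32\dllcache\recycler.{645ff040-5081-101b-9f08-00aa002f954e}\global.exe"
    "C:\windows\system32\dllcache\rndll32.exe"
    "C:\windows\system32\drivers\drivers.cab.exe"
) do call :purge "%%~f"

rem Registry reset. The source listed these as VBScript RegWrite calls inside
rem the .bat file, where cmd.exe cannot execute them ("set rg = ..." only
rem defined an environment variable), so the registry was never touched.
rem They are issued through reg.exe here with the same keys and values.
rem Only stdout is discarded so that "Access is denied" stays visible.

rem Point .vbs back at the VBSFile class.
reg add "HKCR\.vbs" /ve /d "VBSFile" /f >nul

rem Clear the screen-saver binary; the 30 second timeout is the source's value.
reg add "HKCU\Control Panel\Desktop" /v SCRNSAVE.EXE /d "" /f >nul
reg add "HKCU\Control Panel\Desktop" /v ScreenSaveTimeOut /d "30" /f >nul

rem Blank the default value of the keys below, as the source does.
rem NOTE(review): for MSCFile and regfile this clears a hijacked handler but
rem also leaves .msc and .reg files with no open command; restore the stock
rem command from a known-clean machine of the same Windows version afterwards.
rem NOTE(review): for Run/RunOnce only the unnamed default value is blanked;
rem named autostart values are not removed and should be inspected by hand.
for %%k in (
    "HKCR\MSCFile\Shell\Open\Command"
    "HKCR\regfile\Shell\Open\Command"
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"
    "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
) do reg add %%k /ve /d "" /f >nul

rem Empty the first Group Policy logoff/shutdown/startup script slot.
for %%k in (
    "HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logoff"
    "HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Shutdown"
    "HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup"
) do call :reset_gpo_script %%k

cls
rem The prompt used to be stored in "tmp", which overwrote %TMP% (variable
rem names are case-insensitive); a private name is used instead.
set /p "_ack=C盘该病毒清除完毕,如果其它盘符存在无法打开的现象,请按回车开始删除其他分区病毒。 "

rem Per-drive sweep. In the source these loops ran before the prompt, so
rem pressing Enter did nothing; they now run after it, as the prompt says.
for %%d in (c d e f g h i j k l m n o p q r s t u v w x y z) do (
    for %%p in (
        "autorun.inf"
        "WINDOWS\pchealth\helpctr\binaries\HelpHost.com"
        "WINDOWS\pchealth\Global.exe"
        "WINDOWS\system32\dllcache\Default.exe"
        "WINDOWS\system\KEYBOARD.exe"
        "WINDOWS\Fonts\Fonts.exe"
        "MS-DOS.com"
    ) do call :purge "%%d:\%%~p"
)
cls
exit /b

rem :purge <path> - clear system/hidden/read-only, then delete, if it exists.
:purge
if exist "%~1" (
    attrib -s -h -r "%~1"
    del /f /q "%~1"
)
goto :eof

rem :reset_gpo_script <key> - write the "Local Group Policy" descriptor with
rem an empty script path and parameters into slot 0 of the given Scripts key.
:reset_gpo_script
reg add "%~1\0" /v DisplayName /d "Local Group Policy" /f >nul
reg add "%~1\0" /v FileSysPath /d "" /f >nul
reg add "%~1\0" /v GPO-ID /d "LocalGPO" /f >nul
reg add "%~1\0" /v GPOName /d "Local Group Policy" /f >nul
reg add "%~1\0" /v SOM-ID /d "Local" /f >nul
reg add "%~1\0\0" /v Parameters /d "" /f >nul
reg add "%~1\0\0" /v Script /d "" /f >nul
goto :eof
-------------------------------结束--------------------------------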
