Reject repeated virus infections

The disk partition cannot be opened by double-clicking;

Insert a USB flash drive to cause viruses;

After the virus is installed, the system is completely reinstalled (that is, reinstalling the system disk after formatting or restoring the ghost), but the virus is still rampant. This article will teach you the causes of these phenomena, the corresponding defensive strategies and solutions.

First, let's talk about how a disk cannot be opened by double-clicking it.

Let's create an experiment and place an executable file in the root directory of a partition. In this example, we use the software for typing. Open notepad and enter

[Autorun]

Openworkflow typing software .exe open = enter the file name of your Executable File

Save it as the Autorun. inf file and put it in the root directory of the partition.

Next, restart the computer and double-click the partition. The partition was originally intended to enter, but your executable file was executed. Right-click the drive letter and you will see an automatic playback. If the executable file is a virus, the consequence will be.

This means that the disk partition cannot be opened by double-clicking. inserting a USB flash drive causes virus infection.

We can see that the Autorun. inf file is the loading path of such viruses.

Some netizens may ask "I cannot see this virus" because the virus author assigned a hidden attribute to the file.

Then the netizen will ask "I have also selected to show all files". The virus author modified the options for displaying hidden files in the Registry to achieve the purpose of hiding, this prevents you from displaying hidden files even if you select to display all files. Here, the author provides related fixes to show hidden file registry repair files for download. Click to download. After you download and run the file, you can see the hidden Autorun. inf file.

Now that we know the principle, we can prevent such viruses.

Preferred method: Group Policy Method

Procedure: Start → run → enter gpedit. msc → OK → Computer Configuration → manage template → disable automatic playback → enable → All Drives → OK 1

In this way, you will not be afraid of virus loading through the Autorun. inf automatic playback function.

Method 2

Create a folder named Autorun. inf under the root directory of each partition (USB flash drive), which is a folder rather than a file.

The disadvantage of this solution is that it is easy to be deleted by viruses. So we can use the file name feature to create a folder that is not easy to delete in the Autorun. inf folder.

Start-Program-attachment-command prompt enter "md x: autorun. inf normal immune file..." in double quotation marks, replace x with the drive letter of the corresponding partition.

Here, I have prepared a batch file and click to download it. You only need to decompress the package and run it to directly complete the above steps. If you need to immune the USB flash drive, insert the USB flash drive before running.

When the virus is installed, the system is completely reinstalled, but the virus is still rampant. What is the reason?

Possible causes:

First case

As mentioned above, although you have completely reinstalled the system, the Autorun. the inf-type virus has not been cleared, so you double-click it to enter another partition, resulting in a new virus infection.

Solution: Do not enter other partitions after the system is completely reinstalled, right-click my computer, select search, select all files and folders, select more advanced options, select search hidden files and folders, and enter Autorun in the file name. inf → then press search → then open any Autorun in the root directory of the partition. inf and records the file name of open‑xxx.exe → return to the search window → Delete All Autorun. inf file.

Connect to the file named xxx.exe (the file name varies according to the actual situation) to delete all the files in the root directory of the partition. The author also performed batch deletion of Autorun. inf. After decompression, the Autorun. inf file can be deleted in batches. Click to download

Next, use the immune method mentioned above to prevent your system.

Case 2

That is, your virus will infect executable files and webpage files. Many netizens like to put the installation programs of commonly used software on the hard disk to facilitate the installation and use of the system after reinstalling or when necessary.

After the system is completely reinstalled, install or directly use common software (such as anti-virus software, such as QQ). Because the installation program (executable program) has been infected, the virus is re-activated.

Prevention Method: to prevent the installation program from virus infection, compress and package it with compressed files. This prevents these programs from virus infection and saves disk space.

Solution: do not install or run any programs on the original hard disk after the system is completely reinstalled, you can use a CD or USB flash drive to copy the anti-virus software installation program from someone else's computer → install anti-virus software and upgrade it to the latest virus database → then use the anti-virus software to scan for the virus. Remember, you need to clear the virus instead of deleting the virus. Virus removal removes viruses from normal programs, and deletes your programs.

Case 3

After the system is completely reinstalled, because your system has not been installed with a security patch, it will be automatically infected with worms.

Defense methods: 1. install and Upgrade anti-virus software and enable real-time monitoring before connecting to the Internet (Upgrade anti-virus software with an offline update package) 2. use 360 security guard to patch your system and then access the Internet safely.