Computer antivirus record
A few days ago, a classmate's computer was infected with a fierce virus and I was asked to take a look. The scene was tragic: unwanted advertisements popping up in the lower-right corner of the screen, system icons changed, many programs showing up on the computer, CPU usage at 100%, and the mouse and keyboard almost unusable.
The cleanup took a long time, from ten o'clock in the morning to five o'clock in the afternoon. Some people said that with that much time I might as well have reinstalled the system. For common viruses that is acceptable. However, this classmate's computer had a file-infecting virus, and the drives other than C were infected as well, so unless everything is fully formatted, the virus persists after the system is reinstalled.
1. Disconnect the network
2. Enter plain Safe Mode
3. Scan for and remove viruses and, along the way, understand the cause
4. Scan for viruses in Safe Mode with Networking
5. Check startup items and uninstall leftover software
1. Disconnect the network
Once a virus is detected on a computer, if it did not come from a USB flash drive, it must have been transmitted over the network (a computer that is not connected to the Internet will not be infected with a virus). My experience is to disconnect from the network immediately and unplug the network cable to prevent further infection. In addition, some viruses install file-transfer software that sends your files to the intruder over the network. So the network must be disconnected. Don't worry about this: many antivirus programs can scan offline.
2. Enter plain Safe Mode
After the network is disconnected, it is time to start cleaning. This cannot be done in the normal system: first, because the virus has already intruded into the system (files are reinfected as fast as they are cleaned), and second, because, as mentioned earlier, the CPU usage of this computer was at 100% and antivirus software could not run properly.
It is a good idea to enter Safe Mode. Safe Mode loads only the core processes of the system and some hardware driver processes, so a virus is not running in this mode unless it has infected those files. I chose plain Safe Mode because it cannot connect to the Internet; scanning offline is also for safety, since a powerful virus would otherwise cause trouble. So we enter plain Safe Mode (called "plain" here to distinguish it from Safe Mode with Networking, which is used later).
Restart the computer, press F8 during startup to reach the selection page, and select Safe Mode with the up and down arrow keys. I ran into a special situation with this classmate's computer, a desktop with an Asus motherboard: pressing F8 at startup opened the Asus motherboard settings interface (I really don't understand it; would it have hurt to use F7?). I tried for a long time and finally learned a method after searching for information on the Internet: press F8 to enter the settings interface, press ESC, then immediately and frantically press F8 to reach the selection page, and select Safe Mode.
3. Scan for and remove viruses and, along the way, understand the cause
After entering Safe Mode, start the antivirus software. Any mainstream antivirus program will do; I have no special recommendation. Once the scan has started, you can go and do other things. I waited more than two hours for the scan to finish, and it found about 582 viruses (truly powerful). Then I started the removal, which was another long wait. This time I did not go and do something else, but watched to see what the viruses were.
I found a lot of bundled video conversion software, which struck me as very strange. Later I looked it up and found that the virus had installed this software to drive CPU usage to 100%: video software usually uses a lot of CPU, and the virus exploits this to tie up CPU resources so that the host cannot run programs, while it intrudes into the computer's files.
As expected, there was also a lot of software used specifically to transfer files, such as Flying Pigeon. Fortunately the network had been disconnected in time; otherwise the files would already have been passed into the hands of the intruder.
In addition, the virus had intruded into a lot of files, so those files had to be removed as well: sacrifice the individual to protect the whole.
4. Scan for viruses in Safe Mode with Networking
After the first scan and removal, I scanned again. After a few minutes I found that viruses were still present. Since most of the viruses had been eliminated, I decided it was now acceptable to scan and clean online, which is more comprehensive, but still in Safe Mode: this time Safe Mode with Networking. Then I scanned and removed again. During this step, to kill the virus completely, I used a first-aid kit tool (360 or Kingsoft) in addition to the antivirus software. A first-aid kit cannot be used as regular antivirus software and may damage the system, so I recommend not using it unless the machine is badly infected.
After the removal, scan again. Finally no virus was found, and you can enter the normal system.
5. Check startup items and uninstall leftover software
After entering the system, if you find that software installed by the virus is still there, do not be nervous. These are leftovers. If the software was not identified as a virus, just uninstall it.
In addition, because this infection ran so deep, I checked the startup items and services to be safe: press Win+R and enter msconfig to view them. I kept only the Microsoft services and the startup items I was familiar with. Mistakes are still hard to avoid, though: if some software, such as an input method, has problems afterwards, you can re-enable its startup item or service in the same way.
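The msconfig review described in step 5 can also be produced as a single read-only listing, which is easier to go through line by line. This is an added example, not part of the original post; it assumes Windows PowerShell (for `Get-WmiObject`), and the helper names `Get-ExePath` and `Get-Vendor` are hypothetical.

```powershell
# Added example: read-only inventory of auto-start entries for the step 5 review.
# Lists startup commands and automatic services whose vendor field is not
# Microsoft. Nothing is disabled or deleted.

function Get-ExePath([string]$CommandLine) {
    # Extract the executable from a command line such as
    #   "C:\Program Files\App\app.exe" /background
    #   %SystemRoot%\system32\svchost.exe -k netsvcs
    $expanded = [Environment]::ExpandEnvironmentVariables($CommandLine)
    if ($expanded -match '^\s*"([^"]+)"')        { return $Matches[1] }
    if ($expanded -match '^\s*(.+?\.exe)(\s|$)') { return $Matches[1] }
    return $null
}

function Get-Vendor([string]$Path) {
    # CompanyName is the self-declared field in the file's version resource.
    # Anyone can write "Microsoft" there, so treat it as a triage hint only.
    if (-not $Path -or -not (Test-Path -LiteralPath $Path)) { return '(file not found)' }
    $name = (Get-Item -LiteralPath $Path).VersionInfo.CompanyName
    if ($name) { return $name } else { return '(no vendor field)' }
}

# Startup items: Run keys and Startup folders, for all users.
$startup = Get-WmiObject Win32_StartupCommand | ForEach-Object {
    $exe = Get-ExePath $_.Command
    New-Object PSObject -Property @{
        Kind = 'Startup'; Name = $_.Name; Source = $_.Location
        Path = $exe; Vendor = Get-Vendor $exe
    }
}

# Services configured to start automatically.
$services = Get-WmiObject Win32_Service -Filter "StartMode='Auto'" | ForEach-Object {
    $exe = Get-ExePath $_.PathName
    New-Object PSObject -Property @{
        Kind = 'Service'; Name = $_.Name; Source = $_.State
        Path = $exe; Vendor = Get-Vendor $exe
    }
}

# Everything that does not claim to be from Microsoft is worth a manual look.
@($startup) + @($services) |
    Where-Object { $_.Vendor -notlike 'Microsoft*' } |
    Sort-Object Kind, Vendor, Name |
    Format-Table Kind, Name, Vendor, Path, Source -AutoSize
```

Entries marked `(file not found)` or `(no vendor field)` are the first ones to compare against the software the antivirus scan removed.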
All right, that is the end of this computer antivirus record. I just wanted to talk about my own experience. It is not necessarily correct, and some of it may even be wrong, so please don't be too hard on the details.