To completely remove malware from the data, you must start from scratch.

Author: du Zhiming

If you find that your system has malware, do not confuse it. We recommend that you back up data and format your hard disk from scratch. The result may be the most satisfactory.

I have met or heard many similar stories-many people are struggling hard to find the malware on their computers (often referred to as "rogue software" in China, the fight results are disappointing: like the fight between cats and mice, malware can never be wiped out. However, I believe that today's battle with malware should not have such a bumpy and tortuous story. I have a simple method to recommend.

When malware first appeared, it was annoying, but malware itself was harmless to users. Because the authors of these software account for the majority of teenagers. They write software to show their talents in software and security.

At that time, malware was mostly used as a prank: Constantly copying data on the host computer occupied computer resources; making some harmless program modifications on the computer; and displaying a joke on the screen; or even false alerts. Viruses and worms in malware accounts for only a small part.

Today, it can be said that 99% of malware is targeted at your money pockets. Today, if you find malware programs on your computer, even anti-virus software installed on your computer (or specialized anti-rogue software such as anti-kaka) prompts that it is just a simple advertisement, do not give these malware any chance to completely eliminate it.

Today, most malware programs steal your identity, confidential data, bank accounts, and passwords. This undoubtedly poses a serious threat to your assets. So far, no software can tell you in a timely manner, malware residing on your computer not only modifies your computer system, but also performs rogue behaviors (for example, whether your bank account has been transferred after being stolen ); no antivirus software is available to clean these malware programs from your network devices. Maybe you are not aware of it, and your terminal is in a very dangerous environment.
However, when you discover malware in your computer, do not delete it. This malware may remain in a sleep state, and simple deletion may trigger this sleeping malicious program. It is not a good idea to attack a snake. The best way is to eradicate it and remember to cut the grass to remove the root.

The primary method for root removal is to immediately unplug the network cable and disconnect the network connection so that the computer or server in the middle won't be able to access the Internet. This will prevent hackers from remotely controlling your machine through the Internet using malware and returning control of the machine to your hands.

Then back up the data. I believe that as a qualified IT O & M personnel and a qualified computer user, critical data will be backed up on a regular basis. This is undoubtedly a very simple thing. I personally suggest you back up your personal data to the same folder for convenience. Of course, do not forget to back up some parameters such as your email, browser favorites, and system configuration during Backup.

Sort out the application software. You need to check the installed application software, plug-ins and related components, especially the software that requires you to download again or back up the relevant software license number. If your computer is using a Windows operating system, sometimes I will back up the registry keys of HKLM and HKCU (you can find them in Registry Editor ), the information contained in these tools can be restored by using your system instead of being completely re-created. If your DHCP (Dynamic Host Configuration Protocol) is not the default value, note the parameters used.

If you do not have a system disk, you need to do more work. Go to the Windows Control Panel and hardware device management page, and download and restore separately. I will pay attention to network card and other product models, search for related drivers on the Internet, and download them to a USB flash drive or a mobile hard drive. (Because when you reinstall the software, you may need to download files including system and application software patches from the Internet to restore the previous configuration ). These tasks are equally important to devices such as video cards. If your system does not automatically identify these hardware configurations, this will save a lot of time when you reinstall the system.

Note that if the malware already exists in the memory, the above steps may cause the malware to infect your backup files. Some netizens may suggest you use some boot software (such as BART), so that the system can get a clean boot status. This is indeed a very constructive suggestion, but it is a bit of a pity-it may be harder to find specific information about the application software and hardware, such as license numbers or specific models, when using these software for guidance.

After you have done the above work and precautions, You Can format the hard disk and start again. Can your random system recover disk be found? If you still can find it, it is indeed your luck.

Start installation ......
After the system software is restored, do not worry about installing the required application software. Patching system software is the most important task. Only when this step is completed can other applications be installed.

You can recover data, or even your applications, because many applications have the ability to automatically search and automatically reload data. After these applications are installed, install the corresponding patches. Installing anti-rogue software tools is essential. Of course, if you are disappointed with the old tools, you can try a new tool.

You can do the restoration work in the unit or at home. Complete and system backup is a prerequisite no matter where you do this.

After the system is restored, it does not mean that your work has ended. Smart people should not fall twice in the same place, as in the war against malware-you need to spend more energy and time analyzing how you are infected. As far as my experience is concerned, there are two main ways to get infected: one is not timely patching the system and application software; the other is that you accidentally run programs containing malware.

Pre-defense is better than post-event defense. You need to complete some work:

Change your logon information. We often use computers to log on to online banking and some important WEB application systems (such as enterprise ERP and CRM ). You must enter the user name and password when logging on. If you have made a move, we recommend that you change the logon information. Although I know that you may have used some logon information for a long time, the changes may cause a lot of inconvenience. However, from the perspective of information security, it is better to change the login information.

For personal information, you need to monitor your credit card and bank deposit balance on a regular or irregular basis. It is best to use some credit supervision services, such as when the credit card amount launched by some banks exceeds a certain amount, the service will be sent to the cardholder via SMS. Once you find that your online bank account is abnormal, you must notify your bank or credit card supplier immediately. This indicates that your identity may be stolen and your interests will be lost. You may need to take further action-alarm.

Not a few years ago, the vast majority of rogue software is malicious. Do not simply leave it aside if you feel bored. Malware intrusion is a very serious issue for your data.

Simply follow the advice of the so-called security experts-scan and "clear" malware, and are optimistic that the removal of malware can be done. Such measures are far from enough. Back up data, format the hard disk, install the system, and solve the problem from the beginning.

I believe that the method to remove malware is correct, and simply dealing with this problem will undoubtedly cause serious harm.