Virus-killer System

Today, cleaning experts are used to handle a computer with High severity, which can greatly reduce the chance of system reinstallation.

Symptom:

Windows XP Pro. after entering the logon password, the desktop cannot be displayed.

Troubleshooting:

1. Start the system normally. after entering the logon password, press ctrl + alt + del to call the task manager and create a new task under the File menu. Enter c: windowssystem32dllcachepolicer.exe to enter the desktop. (Currently, Trojans are not intended to damage the system. Generally, files with the same name backed up in the dllcache file can be restored when the cmd.exe file in the c: Windows directory is damaged or deleted .)

2. After logging on, you will find that the original right-click menu has been modified. For example, if you right-click my computer and create shortcuts, most of the management functions are unavailable. Run several common repair tools, all of which were deleted by the virus after double-clicking. the antivirus software on the computer has been damaged.

3. Fixing the Registry in a virus-infected system usually fails. Manual modification is certainly free of virus programs.

4. restart the system, boot with a WINPE disc, enable Registry Editor, and manually modify regular add-ons (up to 10 ), delete the modified items of image hijacking (almost all security-related tool software is hijacked ).

5. restart Windows XP boot on the hard disk and run the sreng on the USB flash drive (with a repair tool disk) after the reboot. Execute drive killing 7.4. Fortunately, this is okay and can run normally. Soon I found a bunch of problems, prompting about 10 or more exceptions, such as avterminator, 8749, and damaged security mode. Then run the special virus tool to scan for other viruses. Of course, this virus database is very small and can only kill more than 10 auto viruses and avterminator variants.

6. Run kavdx at the same time and soon find that a large number of exe files are infected. It took about 30 minutes to complete the scan and nearly 300 viruses were detected. Because kavdx can only clear viruses and cannot repair the Registry Keys Modified by viruses, it is intended to be solved by cleaning experts.

While kavdx and kavdx can be executed, the cleaning expert on the USB flash disk fails. Obviously, viruses in the memory are still interfering with the execution of cleaning experts.

7. after the drive killing and kavdx scanning are completed, try to COPY the latest antivirus 2008 installation package to the hard disk for installation, in this example, the system is successfully installed and upgraded after drive removal and kavdx preprocessing)

8. after restarting the computer, try to start the cleaning expert successfully (I think this is still due to the repair feature of the drive flash). Surprisingly, cleaning experts found more than 20 malware features on this computer, which is a virus concentration camp. At the same time, it was observed that the real-time monitoring of the drug overlord was constantly trying to clear an onlinegame Trojan. Soon after the trojan was cleared, the virus appeared again. Apparently, there are Trojans running on the computer. When nearly 20 malware from cleaning experts are cleared, they will not restart the computer.

9. using the online security diagnosis function of cleaning experts, several unknown items are found during comprehensive detection. FIX software add-ons that are judged to be abnormal by identifying file properties. In the troubleshooting expert Baobao box, use the system repair plug-in to detect exceptions such as IE search items and LSP. After selecting the plug-in, click repair and restart as prompted by the cleaning expert.

10. restart the computer and use the cleaning expert to check again. This time, only the characteristics of the three malware are found, and all of them are selected. After cleaning, the system prompts that you need to restart and clear the software again. Restart the computer as prompted. Check the malware repeatedly and the online diagnostic add-on. No exception is found. In this case, the real-time monitoring of the drug overlord does not report any new Trojans.

So far, the repair process is over, and a computer that looks like a crash is fixed.

Some may say that reinstalling a computer is faster than repairing it.

I am afraid it may take several hours to completely restore the system settings and documents. If this is not the case, some data will still be lost. reinstalling the system is annoying.