前几天,我的一个notebook突然 染了病毒。刚开始时,是上网后就有网页几十页自动跳出,后来竟然log in 后就自动有文件跳出,要我买它的去毒软件。这次中毒比过去的都厉害。它把notebook 的system restore function 都inactivated。
1) 下载去毒软件,malwarebytes anti-malware at www.download.com
装载并清理病毒。反复做了3次。 Restart the computer and press F8 to enter Safe mode。Clean up the computer system again。
2) 下载去毒软件,Combofix。
装载并清理病毒。 同时自动修复了system restore。
3) Set up system restore point。
系统恢复了正常。
I should stop here. But I did not. Then my new nightmare came. Since malwarebytes software scan still detected 4-8 trojans or backdoor worms, I download Super Anti-spyware software from www.download.com. Install and run the software. It detected 37 more viruses or malwares. After deletion, the computer suddenly crashed. Now the computer acted very funny. It turned on and off by itself. But it was stable under Safe mode.
After several hours of trying with different anti-spyware softwares, the system was still unstable. So as a last resort, I used system restore, but it crashed during the system restore. Finally, I searched the net and found out that it was possible to use system restore under safe mode with command line setup. Using the one-line instruction from Microsoft support site, I was able to restore the system to the state before using the Super-anti-spyware software. Thank God, it was done.
My suspicion is that there might be some hidden incompatibilities between different anti-spyware softwares. Deletion caused instability of the window system.
后记:
虽然没有popup,但系统仍然很慢。 download microsoft malicious software removal kit。 Removed 8 infected files after full scan. Then download window defender. After full scan, it found another trojan vundo. After removal, now the system seems quite fast as before.
后后记:
本以为everything is fine after all these troubles. However, last Thursday, the notebook suddenly showed up a lot of winlogon.exe errors. After cleaning up with Window Defender, the computer could not log on or immediately shut down after logged on for a couple of seconds.
1) Tried to start in safe mode and still got the same results.
2) Tried repair windows by reinstalling the windows using the reinstall CD. It did not work .
3) Tried to repair windows using window recovery console. Could not get in because the password could not be set.
4) Tried to reinstall the windows using original folders. Worked but still have virus infection. However, with this option, one still can copy original data files or folders.
5) Tried to reformat the C drive before reinstall the windows. This time worked.
6) Purchased CA anti-virus plus anti-spyware software package. Install them in this and two other computers. For the two other computers, both spywares and viruses were found. Some of the viruses were actually attached to some of the free anti-virus softwares. I purchased CA anti-virus plus software package because I have used the corporate version of the software and liked it because it is fast and transparent. Previously I have used Symantec software which slowed my computer quite bit.
Now everything is back to normal.