你的电脑被讨厌的病毒感染了。Windows很慢,您的网络浏览器死机,您一直在努力摆脱奇怪的弹出窗口、警告和广告。这些都是恶意软件感染的迹象。您担心自己的文件、个人数据和应用程序。您尝试使用已安装的防病毒软件扫描您的计算机,但它没有报告任何内容或无法清除病毒感染(virus infection). 更糟糕的是,您没有安装防病毒软件,现在您无法安装任何防病毒软件,因为病毒会阻止其安装。这是一个艰难的处境,从病毒中清除您的计算机将是一个艰难而漫长的过程。为确保您成功,我们创建了一个图表,其中包含任何人都可以遵循的易于理解的流程。阅读它,按照我们的详细说明从您的计算机中删除该讨厌的病毒。让我们开始吧:
消除令人讨厌的病毒感染的过程(virus infection)
即使您因为严重的恶意软件感染(malware infection)而遇到问题,但这并不意味着您无法做任何事情来恢复您的数据和清理您的计算机。所涉及的步骤很多,如果操作不当,可能会导致您的个人数据丢失,但几乎任何注意我们指示的人都可以执行这些步骤。首先(First),让我们先分享一张图表,其中包含您需要经历的流程。
My PC has a nasty virus. Now what? How do I remove it?
Ciprian Rusen
如您所见,该过程分为四个优先领域(priority area):数据备份、消毒、恢复和防止进一步损坏。按照共享顺序获取优先领域(priority area),然后完成我们为您设计的步骤。然后,阅读本指南下方共享的详细说明。您将在本指南的正文中看到每个优先领域和每个步骤都有其对应的内容。(priority area)只需(Just)使用我们共享的数字即可进入正确的部分。
1. 优先级 1:数据备份
无论您是如何被感染或恶意软件有多讨厌,您应该做的第一件事就是备份您的数据。至此,我们正在考虑您不想丢失的文档、照片、视频和任何其他类型的敏感数据。您应该确保您拥有所有个人文件的副本,因为即使它们被病毒感染,您以后仍然可以清除它们。不要备份程序或任何其他类型的软件,您可以在清理计算机后随时重新安装。
1.1。备份您的数据
任何令人讨厌的病毒的共同特征之一是它们将自己设置为在Windows 启动(Windows startup)时运行。为了限制对您的计算机造成的损害,最好启动到安全模式(Safe Mode)。这意味着Windows不会加载任何第三方应用程序或驱动程序(party apps or drivers),其中也可能包含恶意软件。这就是为什么进入安全模式(Safe Mode)是在尝试清理计算机之前备份重要数据的最佳方法之一。
如果您不知道如何启动到安全模式(Mode),我们提供了一些涵盖此主题的指南:
- 在Windows 10中启动进入安全模式的(Boot Into Safe Mode)4种方法(Ways)
- 在Windows 8.1中启动进入安全模式的(Boot Into Safe Mode)5种方法(Ways)
- 什么是安全模式以及如何(Mode & How)在Windows 7中启动(Boot)进入安全模式(Safe Mode)
如果您可以进入安全模式(Safe Mode),请将所有重要文件复制到可移动驱动器,例如USB 记忆(USB memory)棒或外部硬盘驱动器,或者将文件刻录到DVD(DVDs)或其他光盘上。
备份所有重要内容后,请转到本指南的第 2 部分(section 2)。如果您无法启动到安全模式(Mode),请按照下一节中的步骤操作。
1 .2。创建实时光盘
如果您无法进入安全模式(Mode),我们建议您使用另一台计算机创建Live Disc,然后使用它来备份受感染的Windows 设备(Windows device)中的数据。Live Disc(Live Discs)的巨大优势是让您可以在系统的RAM 内存中运行完整的(RAM memory)操作系统(operating system),而不必将它们安装在硬盘上。另一个优点是您几乎可以将任何类型的可移动驱动器用于Live Disc(Live Discs)。您可以在 CD、DVD甚至USB 记忆(USB memory)棒上创建Live Disc 。
当涉及到您希望用于 Live Disc的(Disc)操作系统(operating system)时,一个简单的Google 或 Bing 搜索(Google or Bing search)将为您提供大量选择。我们建议您创建一个Ubuntu Live Disc,因为这个Linux 发行版(Linux distribution)提供了一个非常易于使用的用户界面。(user interface)您可以在此处找到有关如何创建和使用Ubuntu Live Disc(Ubuntu Live Discs)的说明:Ubuntu LiveCD 文档(Ubuntu LiveCD Documentation)。如果您想在USB 记忆棒上创建和使用(USB memory)Ubuntu,您可以在此处找到文档:如何在 Windows 上创建可启动的 USB 记忆棒(How to create a bootable USB stick on Windows)。
1.2. 从 Live Disc 启动
创建Live Disc后,使用它来启动受感染的计算机。正如我们之前简要提到的,从Live Disc启动您的计算机意味着其上的操作系统(operating system)将仅加载到您计算机的RAM 内存中(RAM memory),因此您计算机上的硬盘驱动器中的任何驱动程序、应用程序和恶意软件(apps and malware)都不会加载.
1.3. 备份您的数据
Live Disc 中的操作系统(operating system)启动并运行后,使用它将受感染计算机上的所有重要数据复制到另一个外部驱动器,例如另一个USB 记忆(USB memory)棒或外部硬盘驱动器。
2. 优先级 2:消毒
现在是时候清理我们的计算机上的那个讨厌的病毒了。这是你必须做的:
2.1创建(Create)防病毒恢复驱动器(recovery drive)
由于感染非常严重,以至于您无法在其上安装防病毒软件或者您现有的防病毒软件无法处理它,您将不得不使用更复杂的解决方案:您需要创建一个防病毒rescue/recovery drive。
防病毒救援(Antivirus rescue)驱动器与Live Disc(Live Discs)类似,但它们不是保存操作系统(operating system),而是旨在为您提供防病毒软件(antivirus software)。防病毒救援磁盘(antivirus rescue disk)将允许您从它启动计算机,然后在您的计算机上运行各种防病毒扫描。
安全市场(security market)上的大多数知名品牌,如Bitdefender、ESET或卡巴斯基(Kaspersky) 都提供防病毒救援(offer antivirus rescue)驱动器。它们通常以ISO文件的形式提供,您可以将其刻录到CD 或 DVD(CD or DVD)上,也可以使用它们来创建救援USB 记忆(USB memory)棒。
2.2. 从防病毒恢复驱动器(recovery drive)启动受感染的 PC
启动(Booting)并运行防病毒救援磁盘(antivirus rescue disk)意味着将加载您计算机上的操作系统(operating system),但不会加载其中的恶意软件。但是,防病毒救援磁盘(antivirus rescue disk)将能够查看、扫描和清理在受感染计算机上找到的所有硬盘驱动器。
2.3. 使用防病毒恢复驱动器(recovery drive)清理受感染的 PC
从防病毒救援磁盘(antivirus rescue disk)启动计算机后,使用它对安装在其上的所有硬盘驱动器进行全面深入的扫描。确保将扫描配置为尽可能深入。如果可以,请将防病毒软件设置为打开档案,将其设置为扫描 rootkit,将其设置为扫描PUP(PUPs)(可能是不需要的程序)并将其设置为使用“高级启发式”。发现恶意软件时,请始终选择清理受感染的文件,或者如果无法清理,则删除受感染的文件。这是确保您的计算机摆脱恶意软件的最安全方法。
如果防病毒软件报告您的计算机现在是干净的,请转到本指南的第 3 部分(section 3)。如果您的计算机仍然受到感染并且防病毒软件无法清除所有恶意软件,请重复第 2 部分(section 2)中的步骤,但使用不同的防病毒软件。如果这也不起作用,请转到本指南的第 3 节(section 3)。
3. 优先级 3:恢复
如果恶意软件清理(malware cleanup)工作有效,请按照本节中的步骤 3.1 和 3.2 进行操作。如果没有,请按照本节中的步骤 3.3 到 3.7 进行操作。
3.1。启动到 Windows
如果您之前使用的应急磁盘(rescue disk)中的防病毒软件设法清理了受感染的计算机,那么现在该检查Windows是否没有永久损坏并且它仍然可以工作。重新启动计算机并尝试正常启动。如果Windows工作正常,请转到步骤 3.2。如果它不能正常工作,请转到步骤 3.3。
3.2. 验证您的数据和应用程序
如果您正在阅读此步骤,则意味着您设法使用防病毒救援磁盘(antivirus rescue disk)对计算机进行了消毒,并且您的Windows可以正常工作。如果是这样,您还应该检查您安装的所有应用程序是否仍然正常运行,并且您的数据是否仍然处于良好状态。
即使操作系统(operating system)干净且正常工作,也不一定意味着您的应用程序或个人数据未受损。恶意软件感染(malware infection)可能已从您安装的程序中破坏了重要文件。如果是这种情况,您将不得不重新安装这些应用程序。
3.3. 重新安装 Windows
如果使用防病毒救援驱动器(antivirus rescue drive)不起作用并且您的计算机仍然受到感染,那么您将处于非常艰难的境地,您唯一的解决方案是格式化安装 Windows 的分区并(Windows)重新安装Windows。如果您的计算机有恢复分区(recovery partition),或者您使用的是Windows 8.1或Windows 10,您可以将其重置为出厂默认设置。如果没有,您将不得不使用安装DVD或 USB记忆棒(memory stick)从头开始安装Windows。
如果您需要帮助,我们有一些指南可以帮助您完成这些程序:
- 如何下载 Windows 10(Download Windows 10)并创建自己的安装媒体(Media)
- 如何使用(Using)零售媒体或(Media Or)ISO 映像(ISO Image)安装Windows 10
- 如何在您的计算机上安装(Your Computer)Windows 8.1 RTM
- 如何从头(Scratch)开始设置系统?最佳安装顺序(Installation Order)
3.4. 安装一个好的防病毒软件
您刚刚重新安装了 Windows,这意味着至少您的系统分区(system partition)没有恶意软件。但是,如果您的计算机上有多个分区或多个硬盘驱动器怎么办。或者,如果病毒已经在您的本地网络中传播并且可以再次感染您的 PC,该怎么办?
您现在需要做的是让自己获得一个非常好的安全解决方案(security solution)。去网上下载安装好的安全套件(security suite)。您还不必购买,因为大多数安全供应商都提供其软件的试用版。如果您不知道要获得哪个安全套件(security suite),请查看我们的安全评论并选择一个至少有 3 分的判定。我们建议您使用Bitdefender Total Security、Kaspersky Total Security 或 ESET Smart Security(Kaspersky Total Security or ESET Smart Security)之类的东西。
3.5. 扫描您的计算机
在计算机上运行防病毒软件后,请确保它更新其病毒定义,然后使用最安全的选项运行完整的系统扫描。确保将扫描配置为尽可能深入:将防病毒设置为打开档案,将其设置为扫描 rootkit,将其设置为扫描PUP(PUPs)(可能是不需要的程序)并将其设置为使用“高级启发式” .
让防病毒软件发挥作用,同时给自己喝杯茶或咖啡(tea or coffee)。完整的全面系统(comprehensive system)扫描可能需要一段时间。预计至少等待 20 - 30 分钟,如果不是一两个小时。
3.6 . 恢复您的数据
您已经完成了Windows的全新安装,并且安装了良好的防病毒解决方案(antivirus solution)。您还对计算机上的所有内容进行了全面全面的病毒扫描(virus scan)。您现在应该能够恢复丢失的数据。插入您进行备份的USB 记忆(USB memory)棒、外部硬盘驱动器或 CD(drive or CDs)和DVD ,并使用防病毒软件对其进行扫描。(DVDs)确保(Make)清理可能仍驻留在已恢复文件中的每个受感染文件。
3.7. 重新安装您的应用程序
取回所有数据后,您应该继续重新安装所需的应用程序并设置Windows以按照您喜欢的方式工作。完成后,从本指南转到下一部分。
4.优先级 4(Priority 4):防止进一步损坏
现在我们已经删除了恶意软件感染(malware infection),我们应该采取一些措施来防止进一步的损害发生。这是您接下来要做的事情:
4.1。使用其他防病毒软件扫描您的计算机,以获得第二意见
到目前为止,您已经设法使用防病毒应急磁盘(antivirus rescue disk)清理了计算机,或者您已经重新安装了Windows。您应该使用另一种防病毒软件进行另一次完整的系统扫描。就像(Just)你去看医生时不确定他或她有多好,所以你从另一位医生那里得到了第二意见,不同供应商的防病毒软件可能会检测到前一个没有检测到的东西。您之前运行的防病毒扫描可能会清理您的计算机,但没有完美的防病毒软件。即使是最好的也可能会错过一些恶意软件。
但是有一个小问题:您的计算机上已经安装了防病毒软件。因为同时运行两个防病毒应用程序可能会导致您的 PC 出现故障,我们建议您使用在线防病毒软件(online antivirus)来获得第二意见。有许多提供此类解决方案的安全供应商。以下是此类服务的几个直接链接:Bitdefender QuickScan、ESET Online Scanner、Kaspersky Security Scan。这是我们前段时间进行的比较:测试比较(Comparison)- 什么是最好的免费在线防病毒扫描程序(Best Free Online Antivirus Scanner)?
4.2. 更改密码
最后,此时一切都应该没问题。您的计算机是干净的,您的文件是干净的,您的数据是安全的。没有留下任何病毒(virus left)的痕迹。但是,你还不安全。许多病毒不会停止改变、删除或只是让你的生活变得悲惨。许多病毒还会做其他令人讨厌的事情,例如窃取您的密码以及将个人信息泄露给Internet上的黑客控制的服务器。因此,作为最后一步,我们强烈建议您更改感染此恶意软件时使用的所有密码。更改您的本地密码,即您的Microsoft 帐户的密码(Microsoft account)以及您用于应用程序和最常用在线服务的密码。这是确保可能被病毒窃取的数据不会落入不受欢迎的人手中并确保您免受进一步损害的唯一方法。
结论
正如您从本指南中看到的那样,处理令人讨厌的病毒和对系统进行消毒并非易事。它涉及许多步骤和相当多的时间和精力(time and attention)。我们认为,我们的指南将帮助大多数发现自己陷入困境,不得不处理令人讨厌的恶意软件感染(malware infection)的人。仔细阅读我们的指南,查看它,应用它,让我们知道它的效果如何。有什么我们错过的吗?您(Are)还希望我们添加任何其他预防措施吗?使用下面的评论表让我们知道。
My PC has a nasty virus. Now what? How do I remove it?
Y our сomputеr got infected by a nasty virus. Windows іs slow, your web browser freezes and you are constantly fighting to get rid of strange popups, warnings and advertisements. These are all signs of a malware infection. You are worried about your files, your pеrsonal data аnd your apps. You tried to scan your computer with the antivirus you have installed but it doesn't report anything or it juѕt can't clean the virυs іnfection. Even worse, you did not have an antivirus installed and now you can't install any antivirυs because the virus blocks its instаllation. That's a tough situation to find yourself in, and cleaning your comрuter from νiruses is going to be a hard and lengthy process. To make sure you succeеd, we created a diagram with an easy-to-understand process that anyone can follow. Read it, follow our detailеd instructions and remove that nastу virus from your cоmputer. Let's get startеd:
The process for removing a nasty virus infection
Even if you're having problems because of a nasty malware infection, that doesn't mean you cannot do anything to recover your data and clean your computer. The steps involved are many and, if not done correctly, can lead to losing your personal data, but they can be performed by just about anyone who pays attention to our instructions. First, let's start by sharing a diagram with the flow of the process that you need to go through.
My PC has a nasty virus. Now what? How do I remove it?
Ciprian Rusen
As you can see, the process is split into four priority areas: data backup, disinfection, recovery and the prevention of further damage. Take the priority areas in the order they are shared and go through the steps we designed for you. Then, read the detailed instructions shared below in this guide. You will see that each priority area and each step has its equivalent in the body of this guide. Just use the numbers we shared to go the correct section.
1. Priority 1: Data backup
Regardless of how you got infected or how nasty the malware is, the first thing you should do is backup your data. By that, we're thinking at your documents, photos, videos and any other kind of sensitive data that you don't want to lose. You should make sure that you have a copy of all your personal files because, even if they are infected by the virus, you might still be able to clean them later. Don't backup programs or any other kind of software that you can reinstall anytime, after you've cleaned your computer.
1.1. Backup your data
One of the common traits of any nasty virus is the fact that they set themselves to run at the Windows startup. In order to limit the damage done to your computer, it is best to boot into Safe Mode. This means that Windows will not load any third party apps or drivers, and that may include malware too. That's why going into Safe Mode is one of the best ways to backup your important data before trying to clean your computer.
If you don't know how to boot into Safe Mode, we have a few guides that cover this subject:
If you can enter Safe Mode, copy all your essential files to a removable drive, like a USB memory stick or an external hard drive, or burn your files on DVDs or other optical disks.
Once you've backed up everything that's important, move to section 2 in this guide. If you cannot boot into Safe Mode, follow the steps from the next section.
1 .2. Create a Live Disc
If you cannot enter into Safe Mode, we recommend that you use another computer to create a Live Disc and then use it to backup the data from your infected Windows device. Live Discs have the great advantage of letting you run a complete operating system in the RAM memory of your system, instead of having to install them on a hard drive. Another advantage is the fact that you can use almost any kind of removable drives for Live Discs. You can create a Live Disc on a CD, on a DVD or even on a USB memory stick.
A simple Google or Bing search will give you plenty of options when it comes to the operating system you'd like to use for your Live Disc. We recommend that you create an Ubuntu Live Disc, as this Linux distribution offers a user interface that's very easy to use. You can find instructions on how to create and use Ubuntu Live Discs here: Ubuntu LiveCD Documentation. If you want to create and use Ubuntu on a USB memory stick, you can find the documentation here: How to create a bootable USB stick on Windows.
1.2. Boot from the Live Disc
Once you've created a Live Disc, use it to boot your infected computer from it. As we briefly mentioned earlier, starting your computer from a Live Disc means that the operating system on it will load only in your computer's RAM memory, so none of the drivers, apps and malware from the hard drive(s) on your computer will load.
1.3. Backup your data
Once the operating system from your Live Disc is up and running, use it to copy all the important data you have on your infected computer to another external drive, like another USB memory stick or an external hard drive.
2. Priority 2: Disinfection
Now it is time to clean our computer of that nasty virus. Here's what you have to do:
2.1 Create an antivirus recovery drive
Because the infection is so bad that you cannot install an antivirus on it or your existing antivirus is not able to deal with it, you will have to use a more complex solution: you need to create an antivirus rescue/recovery drive.
Antivirus rescue drives are similar to Live Discs, but instead of holding an operating system, they are designed to provide you with antivirus software. An antivirus rescue disk will allow you to boot your computer from it and then run all kinds of antivirus scans on your computer.
Most of the big names on the security market like Bitdefender , ESET or Kaspersky offer antivirus rescue drives. They are usually delivered as ISO files that you can either burn on a CD or DVD, or you can use them to create a rescue USB memory stick.
2.2. Boot the infected PC from the antivirus recovery drive
Booting and running an antivirus rescue disk means that the operating system from your computer will be loaded but not the malware on it. However, the antivirus rescue disk will be able to see, scan and clean all the hard drives found on your infected computer.
2.3. Clean the infected PC using the antivirus recovery drive
Once you've booted your computer from the antivirus rescue disk, use it to run a full in-depth scan of all the hard drives you have installed on it. Make sure that you configure the scan to be as in-depth as possible. If you can, set the antivirus to open archives, set it to scan for rootkits, set it to scan for PUPs (possibly unwanted programs) and set it to use "advanced heuristics". When malware is found, always choose to either clean the infected files or, if cleaning is not possible, delete the infected files. This is the safest way of making sure your computer will be rid of malware.
If the antivirus reports that your computer is now clean, then move to section 3 in this guide. If your computer is still infected and the antivirus couldn't clean all the malware, repeat the steps in section 2 but using a different antivirus. If that doesn't work either, then move to section 3 in this guide.
3. Priority 3: Recovery
If the malware cleanup worked, follow steps 3.1 and 3.2 in this section. If it didn't, follow steps 3.3 to 3.7 in this section.
3.1. Boot into Windows
If the antivirus from the rescue disk you used earlier managed to clean your infected computer, now it's time to check if Windows was not permanently damaged and it still works. Restart your computer and try to boot normally. If Windows works normally, go to step 3.2. If it doesn't work well, go to step 3.3.
3.2. Verify your data and apps
If you are reading this step then it means that you managed to disinfect your computer by using an antivirus rescue disk and your Windows works normally. If so, you should also check if all the apps you have installed still behave as they should and that your data is still in a good condition.
Even if the operating system is clean and working, that doesn't necessarily mean that your apps or personal data were left undamaged. The malware infection could have destroyed essential files from your installed programs. If that's the case, you will have to reinstall those apps.
3.3. Reinstall Windows
If using an antivirus rescue drive didn't work and your computer is still infected, you are in a very tough spot and your only solution is to format the partition on which Windows is installed and reinstall Windows. If your computer has a recovery partition or if you're using Windows 8.1 or Windows 10, you can reset it to factory defaults. If not, you will have to install Windows from scratch, using an install DVD or a USB memory stick.
We have a few guides that can help you with these procedures, in case you need help:
3.4. Install a good antivirus
You just reinstalled Windows and that means that at least your system partition is clean from malware. But what if you have multiple partitions or more than one hard drive on your computer. Or what if the virus has spread in your local network and it can infect your PC again?
What you need to do now is to get yourself a really good security solution. Go online to download and install a good security suite. You don't have to buy one yet, as most security vendors offer trial versions of their software. If you don't know which security suite to get, check our Security reviews and choose one with a verdict of at least 3. We recommend that you go with something like Bitdefender Total Security , Kaspersky Total Security or ESET Smart Security.
3.5. Scan your computer
Once you have an antivirus running on your computer, make sure it updates its virus definitions and then run a full system scan, using the most secure options. Make sure that you configure the scan to be as in-depth as possible: set the antivirus to open archives, set it to scan for rootkits, set it to scan for PUPs (possibly unwanted programs) and set it to use "advanced heuristics".
Let the antivirus do its job and, in the meantime, get yourself a cup of tea or coffee. A full comprehensive system scan will probably take a while. Expect to wait at least 20 - 30 minutes, if not an hour or two.
3.6 . Recover your data
You have made a clean installation of Windows and you installed a good antivirus solution. You also made a full and comprehensive virus scan of everything on your computer. You should now be able to recover the data you lost. Plug in the USB memory stick, external hard drive or CDs and DVDs on which you made your backup and scan them with your antivirus. Make sure to clean each and every infected file that may still reside in your recovered files.
3.7. Reinstall your apps
Once you've got all your data back, you should go ahead and reinstall the apps you need and set up Windows to work the way you like it. When done, move to the next section from this guide.
4. Priority 4: Prevent further damage
Now that we have the malware infection removed, we should take some steps that prevent further damage from taking place. Here's what you have to do next:
4.1. Scan your computer with a another antivirus, for a second opinion
By now, you have either managed to clean your computer by using an antivirus rescue disk or you've reinstalled Windows. You should make another full system scan with another antivirus. Just like when you go to a doctor and you're not sure how good he or she is so you get a second opinion from another doctor, antiviruses from different vendors may detect things that the previous one did not. The antivirus scans you ran previously probably cleaned your computer, but there's no such thing as a perfect antivirus. Even the best can miss some malware.
But there's a small problem: you already have an antivirus installed on your computer. Because having two antivirus applications running at the same time is something that may cause your PC to malfunction, we recommend that you use an online antivirus for getting this second opinion. There are plenty of security vendors that offer such solutions. Here are a couple of direct links to such services: Bitdefender QuickScan , ESET Online Scanner , Kaspersky Security Scan. And here's a comparison we ran some time ago: Test Comparison - What is the Best Free Online Antivirus Scanner?.
4.2. Change your passwords
Finally, everything should be OK at this point. Your computer is clean, your files are clean and your data is safe. There is no trace of any virus left. However, you're not safe yet. Lots of viruses don't stop at altering, deleting or simply making your life miserable. Many viruses do other nasty things, like stealing your passwords and leaking personal information to hacker controlled servers on the Internet. That's why, as a final step, we strongly recommend that you change all the passwords you used while having this malware infection. Change your local passwords, the password for your Microsoft account and the passwords you used for your apps and most frequently used online services. This is the only way to make sure that the data possibly stolen by the virus doesn't get into unwanted hands and that you are safe from further damage.
Conclusion
As you can see from this guide, dealing with nasty viruses and disinfecting your system is no easy task to perform. It involved many steps and quite a bit of time and attention. We think that our guide will help most people which find themselves in a tough spot, having to deal with a nasty malware infection. Go through our guide, review it, apply it and let us know how well it works. Is there anything we missed? Are there any other precautions you would like us to add? Let us know using the comments form below.