Nowadays, the use of computers in our lives is a common phenomenon, life is already a part of most people's lives, work, life, learning to use the computer, but the computer in our life is increasingly important at the same time, for us, the risk is constantly increasing, the computer with our use of it at the same time, Constantly record our privacy information, many viruses on the internet if the damage to our computer, not only damaged our computer, together with these privacy information will also be attacked, which can be imagined. Therefore, we must attach importance to the protection of the computer against the network virus.
Protect against network viruses-Registry is important
At present, a number of popular network viruses once started, will automatically in the computer system registry Startup items left with the repair option, pending the system reboot after the virus can be restored to the state before the change. In order to "deny" network virus restart, we can start with some details to manually remove the virus legacy options in the registry to ensure that the computer system is no longer vulnerable to virus attacks.
Prevention of network virus tip 1: Block startup via web page
Many computer systems infected with the network virus, may be in
Hkey_current_usersoftwaremicrosoftwindowscurrentversionrunonce
Hkey_current_usersoftwaremicrosoftwindowscurrentversionrun
Hkey_current_usersoftwaremicrosoftwindowscurrentversionrunservices, and so on, in the key value below the registry branch, There is something like. html or. htm, in fact, this kind of startup key value is the main function of the computer system after the start of a successful, automatic access to include network virus specific sites, if we do not put these key values in a timely manner, it will easily lead to network virus relapse.
To this end, we use the antivirus program to clear the computer system virus, we also need to open the System Registry editing window in time, and in the window to view the above several registry branch options to see if these branches below the boot key value contains. html Or. htm suffix, once found we have to select the key value, and then click the Edit/delete command, the selected target key values are deleted, and finally press F5 function key to refresh the system registry.
Of course, there are also some viruses in the boot key values below the several registry branches that are left with the boot key value of the. vbs format, we also have to delete them when we find such a startup key value.
Prevent network virus Tip 2: Stop booting through the back door
In order to avoid the user's manual "encirclement and suppression", many network viruses will be in the system registry startup items in some camouflage covert operation, unfamiliar system users are often afraid to remove these startup key values, so that the virus program can achieve the purpose of restarting.
For example, some viruses create a startup key value named "System32" under several registry branches, and set the numeric value of that key to "regedit-s d:windows." It seems that many users will think that the startup key value is automatically generated by the computer system, And dare not remove it at will, but the "-S" parameter is actually the system registry back door parameters, the function is used to import the registry, and can be in the Windows System installation directory automatically generated VBS file, through these files virus can achieve the purpose of automatic start. So, when we see the "Regedit-s d:windows" key value in the boot entry in several of the registry branches above, you must remove it without mercy.
Prevention of network virus tip 3: Preventing startup through files
In addition to checking the registry startup key value, we also have to check the system's "Win.ini" file, because the network virus will automatically generate some legacy items in this file, if the file does not delete the illegal startup items, the network virus will be a comeback.
Generally speaking, the "Win.ini" file is often located in the system's Windows installation directory, we can go to the System's Explorer window and locate and open the file in the file editing area, and then check the "run=", "load=" And the following options include some dubious content, if found, must be timely to "=" clean up the contents of the content; Of course, before you delete it is best to look at the specific file name and path, complete the delete operation, and then go to the System folder window to delete the corresponding virus files.
Of course, the security of the computer is more in our daily maintenance.