After anti-virus cleanup, clean the registry to prevent the virus from regenerating

Source: Internet
Author: User

When surfing the Internet, running into network viruses is often unavoidable. After a professional antivirus program has cleared these virus programs and the computer system has been restarted, we sometimes find that a virus that had already been cleared makes a comeback. What is the problem?
Once started, many popular network viruses automatically leave repair options in the startup items of the system registry, so that after the system restarts the virus can be restored to its state before modification. To "reject" the restart of a network virus, we can pay attention to a few details and manually delete the options the virus left in the Registry in a timely manner, so that the computer system is no longer under virus attack.
Prevent web-based startup
In fact, this type of startup key value is mainly used to automatically open a website containing a network virus after the computer system has started successfully. If we do not delete these startup key values in time, the network virus can easily attack again.
If you find such a suffix, select the key value, click "Edit"/"Delete" to delete the selected key value, and then press F5 to refresh the system registry.
Of course, some viruses also leave startup key values in vbs format under the above Registry branches; these startup key values need to be deleted as well.
Prevent webshell startup
To evade manual "encirclement and suppression", many network viruses disguise and hide themselves among the startup items of the system registry. Users who are not familiar with the system often do not dare to clear these startup key values at will, and in this way the virus program can start again.
For example, some viruses create a startup key value named "system32" under the above Registry branches and set its value to "regedit -s D: windows "(1). Many users think this startup key value was generated automatically by the computer system and do not dare to delete it. They do not know that "-s" is actually a backdoor parameter of the system registry: it is used to import the registry and automatically generate vbs files in the installation directory of the Windows system, and through these files the virus can start itself automatically. Therefore, when we see a key value with a backdoor parameter such as "regedit -s D: Windows" among the startup items of the above registry branches, we must delete it without mercy.
Prevent startup through files
In addition to checking the Registry startup key values, we also need to check the "Win.ini" file, because a network virus will also automatically create some leftover items in this file. If the illegal startup items in this file are not deleted, the network virus will make a comeback as well.
In general, the "Win.ini" file is located in the Windows installation directory of the system. We can go to the system resource manager window, find and open the file there, and check in the file editing area whether "run=", "load=" and other options contain unknown content. If they do, promptly clear the content after "=". Of course, you had better check the specific file name and path before deleting. After deleting, go to the system's "system" folder and delete the corresponding virus file.
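The three checks described above (startup values that open a website, run a vbs file or call "regedit -s", plus non-empty "run="/"load=" lines in Win.ini) can be combined into a small triage script. This is an added example, not part of the original article: the function names, regular expressions and sample data are assumptions constructed for illustration, and the startup values are assumed to have been exported from the registry beforehand.

```python
import configparser
import re

# The three checks from the article; the regexes are this example's assumptions.
CHECKS = [
    ("opens a website at startup", re.compile(r"https?://", re.I)),
    ("launches a .vbs script", re.compile(r"\.vbs\b", re.I)),
    ("runs regedit -s", re.compile(r'\bregedit(\.exe)?"?\s+[-/]s\b', re.I)),
]

def triage(value):
    """Return the reasons a startup command line deserves manual review."""
    return [reason for reason, pattern in CHECKS if pattern.search(value)]

def win_ini_autoruns(text):
    """Return non-empty run=/load= values from the [windows] section of Win.ini."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.read_string(text)
    found = {}
    for section in parser.sections():
        for key in ("run", "load"):
            value = parser.get(section, key, fallback="").strip()
            if section.lower() == "windows" and value:
                found[key] = value
    return found

def audit(startup_values, win_ini_text):
    """Collect (location, name, value, reasons) for every entry to review."""
    findings = []
    for name, value in startup_values.items():
        reasons = triage(value)
        if reasons:
            findings.append(("registry", name, value, reasons))
    # The article treats any unknown content after "=" as suspect: report it all.
    for key, value in win_ini_autoruns(win_ini_text).items():
        reasons = triage(value) or ["non-empty autorun line"]
        findings.append(("win.ini", key, value, reasons))
    return findings

# Constructed sample data (not from the article): startup values and a Win.ini.
SAMPLE_VALUES = {
    "system32": r"regedit -s C:\example\placeholder.reg",
    "Updater": r'"C:\Program Files\Example\updater.exe" /background',
    "homepage": "explorer.exe http://site.example/index",
    "helper": r"wscript.exe C:\example\helper.vbs",
}
SAMPLE_WIN_INI = "[windows]\nload=\nrun=C:\\example\\unknown.exe\n\n[fonts]\n"
if __name__ == "__main__":
    print(*audit(SAMPLE_VALUES, SAMPLE_WIN_INI), sep="\n")
```

The script only reports entries for review; as the article advises, check the file name and path behind each finding before deleting anything.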
Once we pay attention to the above details, it will no longer be so easy for many network viruses to restart!
