Modify registry to deal with viruses, Trojans, backdoor and hacker programs _ registration Form

In the network to our work to learn to bring great convenience at the same time, viruses, Trojans, backdoor and hacker programs also seriously affect the security of information. One common feature of these programs infecting computers is the writing of information in the registry to achieve such purposes as automatic operation, destruction, and propagation. The following is the author collected online, by modifying the registry to deal with viruses, Trojans, backdoor and hacker programs to ensure the safety of personal computers.

1. Prevention of Acid Battery v1.0 Trojan damage

Under HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices if the "Explorer" key value is found in the right window, the Yai Trojan is shown. Delete it.

2. Prevent the destruction of Yai Trojan

If the "Batterieanzeige" key value is found in the right window under HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices, Then the description of the Yai Trojan, will it be deleted.

3. Prevent Eclipse 2000 Trojan damage

Under HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices, if the "BYBT" key value is found in the right window, it is deleted. Then remove the right key value "Cksys" under HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices and restart the computer.

4. Prevention of BO2000 damage

If the "Umgr32.exe" key value is found in the right window under HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices, The description is BO2000, and it is deleted.

5. Prevent the destruction of love worms

If the "MSKernel32" key value is found in the right-hand window under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, delete it.

6. The "Interner option" in the "tools" bar of the IE menu is prohibited.

The name of the C:\Windows\System under the name Inetcpl.cpl renamed to Inetcpl.old or other names will appear prohibited use of the situation to change the names back, you can resume use.

7. Prevention of backdoor damage

If the "Notepad" key value is found in the right window under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, delete it.

8. Prevention of WinNuke damage

Under HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\VXD\MSTCP, create or modify the string "Bsdurgent" in the right-hand window, and set its value to 0.

9. Prevention of Keyboardghost damage

In hkey_local_machine\software\microsoft\windows\currentversion\ RunServices If you find KG.EXE this key value, delete it, and find KG.exe files and kg.dat files, delete them all

10. Find Netspy Hacker Program

Under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, look for the key "Netspy" in the right window, if it exists, it means that the Netspy hacker program is already installed, To remove it.

11. Clean up the message of the words left after visiting the "Network Neighborhood"

Under Heky_current_user/network/recent, delete the following primary key.

12. Cancel the automatic dialing when landing

Modify the "AutoLogon" in the right window under Hkey_local_machine/software/microsoft/windows/currentversion/network/realmodenet to 01 00 00 00 00 ".

13. Select Users when you cancel the login

All users have been deleted, but also to select the user when logging on, we want to cancel the user to choose when logging on, we will be under Hkey_local_machine\network\logon, in the right window, modify the "Userprofiles" value is "0".

14. Hide the name of the computer user login

Under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Winlogon, create a new string "DontDisplayLastUserName" in the right window. Set the value to "1".