Modify the Registry to deal with viruses, Trojans, backdoors, and hacker programs

Source: Internet
Author: User


While the network brings great convenience to our work and study, viruses, Trojans, backdoors, and hackers Program It also seriously affects information security. One common characteristic of computer infection is that these programs write information in the Registry to achieve such purposes as automatic operation, destruction, and dissemination. The following are collected by the author on the Internet. By modifying the registry, we can deal with viruses, Trojans, backdoors, and hacker programs to ensure the security of personal computers.

1. prevent the destruction of Acid Battery V1.0 Trojans

If the "Explorer" key value is found in the right window under HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ runservices, it indicates that the Yai Trojan is in use and deleted.

2. prevent the destruction of Yai Trojans

If the "batterieanzeige" Key is found in the right window under HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ runservices, The Yai Trojan is included and deleted.

3. prevent the destruction of the eclipse 2000 Trojan

In HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ runservices, if the "bybt" key value is found in the right window, delete it. Then, delete the key value cksys on the right under HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ runservices and restart the computer.

4. Prevent bo2000 damage

If you find the parameter umgr32.exe in the right window under HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ runservices, bo2000 is in the description and deleted.

5. prevent the destruction of insects

In HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run, if the "mskernel32" key value is found in the right window, delete it.

6. Disable the "interner option" in the "Tools" column of the IE menu"

Rename inetcpl. Cpl under C: \ WINDOWS \ system to inetcpl. Old or a different name. If the name is disabled, you can change it back to resume use.

7. prevent the destruction of Backdoor

In HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run, if the "Notepad" key value is found in the right window, delete it.

8. prevent damage to winnuke

In the window on the right under HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ VxD \ mstcp, create or modify the string "bsdurgent" and set its value to 0.

9. prevent the destruction of keyboardghost

If you find the kg.exekey value under HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ runservices, Delete the values, find the kg.exe file and the kg. dat file, and delete them all.

10. Search for NetSpy hacker programs

Find the "NetSpy" key in the window on the right under HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run. If yes, it indicates that the NetSpy hacker program has been installed and deleted.

11. Clear the words left after accessing "Network neighbors"

Delete the following primary key under heky_current_user/Network/recent.

12. automatic dialing upon cancellation of login

In the HKEY_LOCAL_MACHINE/software/Microsoft/Windows/CurrentVersion/Network/realmodenet window, change "autologon" to "01 00 00 00 ".

13. Select a user when canceling Logon

All users have been deleted, but users have to be selected during logon. To cancel logon, select a user in the window on the right under HKEY_LOCAL_MACHINE \ Network \ logon, modify "userprofiles" to "0 ".

14. Hide the login name of the computer user

Create a new string "DontDisplayLastUsername" in the window on the right under HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Winlogon and set the value to "1 ".

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.