Start from the registry and cut off all hacker intrusion paths

While the network brings great convenience to our work and study, viruses, Trojans, backdoors, and hacker programs also seriously affect information security. One common characteristic of computer infection is that these programs write information in the Registry to achieve such purposes as automatic operation, destruction, and dissemination. The following are collected by the author on the Internet. By modifying the registry, we can deal with viruses, Trojans, backdoors, and hacker programs to ensure the security of personal computers.

1. Clear the words left after accessing "Network neighbors"

Delete the following primary key under HEKY_CURRENT_USERNetworkRecent.

2. automatic dialing upon cancellation of login

In HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionNetworkRealModeNet, change "autologon" in the right window to "01 00 00 00 ".

3. Select a user when canceling Logon

All users have been deleted, but users have to be selected during logon. To cancel logon, select a user in the window on the right under HKEY_LOCAL_MACHINENetworkLogon, modify "UserProfiles" to "0 ".

4. Hide the login name of the computer user

Create a new string "DontDisplayLastUserName" in the window on the right under HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionWinlogon and set the value to "1 ".

5. prevent the destruction of Acid Battery v1.0 Trojans

If the "Explorer" key value is found in the right window under HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunServices, The YAI Trojan is in use and deleted.

6. prevent the destruction of YAI Trojans

In HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunServices, if the "Batterieanzeige" key value is found in the right window, the YAI Trojan is included and deleted.

7. prevent the destruction of the Eclipse 2000 Trojan

In HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunServices, if "bybt" is found in the right window, delete it.

Then, under HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunServices, delete the key value cksys on the right and restart the computer.

8. Prevent BO2000 damage

"Deleted" key value, it indicates BO2000 is in, delete it.

9. prevent the destruction of insects

In HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun, if the "MSKernel32" key value is found in the right window, delete it.

10. Disable the "interner option" in the "Tools" column of the IE menu"

Change inetcpl. cpl under c: windowssystem to inetcpl. old or another name, and then change the name if it is disabled.

11. prevent the destruction of BackDoor

In HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun, if the "Notepad" key value is found in the right window, delete it.

12. prevent damage to WinNuke

In the window on the right under HKEY_LOCAL_MACHINESystemCurrentControlSetServicesVxDMSTCP, create or modify the string "BSDUrgent" and set its value to 0.

13. prevent the destruction of KeyboardGhost

Delete the hosts file and the kg. dat file.

14. Search for NetSpy hacker programs

Find the key "NetSpy" in the window on the right under HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun. If yes, it indicates that the NetSpy hacker program has been installed and deleted.