In fact, we all experienced webpage virus attacks. For example, after an Internet roaming, we found that the homepage of IE browser was changed to a malicious website, in addition, the default search engine of the browser is also changed to the search engine of the malicious website, and the "Navigator" is attacked by malicious webpage viruses ......
A lot of virus exclusive tools have been downloaded from the Internet, and the check results all prompt "your registry has been modified ". Press the "Repair" key to fix ie settings. If you do not want to start the computer again, you will find that the IE homepage and search engine have changed back to this malicious website. What is the virus infected?
Analysis: Since the computer's malicious web page virus is restarted every time, the problem must be related to the startup. Run the "Msconfig" program to view the startup items, which are basically the system files required for system startup. It seems that there is nothing. Suddenly, the project name is "System" and the project value is "regedit/s c:/system. reg. reg, open it with notepad, the content is as follows:
REGEDIT4
[HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/Main]
"Start Page" = "http: // *****. com /"
"Search Page" = "http: // *****. com /"
"Search Bar" = "http: // *****. com /"
[HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Run]
"System" = "regedit/s c:/system. reg"
It is it! Disguised as a System file. In the "Msconfig" startup Item, set "System. remove "√" before reg (the most thorough approach is to enter the registry and delete "System" under "HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Run ), run "System. reg.
So far, our problem has been solved. After the computer is restarted, the "Navigator" setting will not be tampered.
Experience summary:
1. Keep anti-virus software and tools for eliminating malicious webpage viruses;
2. once the virus is infected by such malicious web pages, use the "Msconfig" tool (Windows 2000 users can copy the "“msconfig.exe" file in Windows 98's systemdirectory to the System32 directory of Windows 2000 for use) check that there are no abnormal projects when the system is started;
3. Check whether Files on the hard disk are created at the time they are mistakenly inserted into these malicious websites, especially under the C-drive root directory, Program Files directory, and operating system directory.
This is the solution I have found. If you encounter similar problems, try it!