Thoroughly defeat hackers and find hidden super management users

Many of my friends reflect that there seems to be a "third party" in their computers, but whether they directly open the account manager in the system, you still cannot find any clues through the "net user" command in the command prompt.
Does this mean that there are no other illegal accounts in the computer? No, because many hackers modify the Registry's "HKEY_LOCAL_MACHINE/SAM" to create hidden accounts, which cannot be seen by conventional methods.

To check whether a hidden account exists on your computer, you must start from the source to view the corresponding key value of the registry. Open the "run" window, enter "regedit", and press enter to open the Registry Editor. Select "HKEY_LOCAL_MACHINE/SAM" on the left, right-click the SAM sub-key, and select "permission" in the pop-up menu ", in the displayed permission settings window, click "add" to add the current account, set the permission to "full control", and click "OK" to return.

Now we can see two more sub-keys under the SAM sub-key, namely SAM/Domains and SAMSAMRxact. Expand "SAM/Domains/Account/Users/Names" in sequence. The subkeys under Names are the list of all accounts in the current system, including hidden accounts, if it is found that the list is inconsistent with the user that the system account management or net user sees, it turns out that it is an illegal secret account and you can directly Delete the corresponding sub-key.

In addition, if you are in trouble, you can directly open the registry, select "HKEY_LOCAL_MACHINE/SAM", open the "file" menu, and select the "Export" command to export the key value, if you suspect that a hidden account has been illegally created, you only need to double-click the exported registry file and re-import it to the Registry to delete the hidden account.