Cut off all black/guest/intrusion paths from the registry

When the network brings great convenience to our work and study, viruses, Trojans, backdoors and hacking programs also seriously affect the security of information. A common feature of these programs that infect computers is to write information in the registry for purposes such as autorun, destruction, and propagation. The following is the author collected online, by modifying the registry to deal with viruses, Trojans, backdoors and hacking programs to ensure the security of personal computers.

1. Clean up the information left after accessing "Network Neighborhood"

Under HEKY_CURRENT_USER\\Network\\Recent, delete the following primary key.

2. Cancel automatic dialing when logging in

Modify "ldquo;autologon" in the right window under HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Network\\RealModeNet as "1 00 00 00 00”.

3. Select user when canceling login

All users have been deleted, but you have to select the user when you log in. We want to cancel the login and select the user, under HKEY_LOCAL_MACHINENetworkLogon, on the right In the window, modify the "UserProfiles" value to "0".

4. Hide the name of the user login on the computer

In HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Winlogon, create a new string "DontDisplayLastUserName" in the right window, set the value "1".

5. Prevent the destruction of the Acid Battery v1.0 Trojan

If HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\RunServices is found in the right window, the "Explorer" key is found. , the description of the YAI Trojan, remove it.

6. Prevent YAI Trojan damage

Under HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\RunServices, if you find the "Batterieanzeige" key in the right window, then the description The YAI Trojan, remove it.

7. Prevent Eclipse 2000 Trojan damage

Under HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\RunServices, if you find the “bybt” key in the right window, you will It is removed.

Then delete the right key value  cksys” under HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\RunServices and restart the computer.

8. Preventing the destruction of BO2000

If HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\RunServices is found in the right window, if the value of "umgr32.exe" is found, In the BO2000, delete it.

9. Prevent the destruction of love insects

Under HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run, if you find the "MSKernel32" key in the right window, it will be delete.

10. It is forbidden to appear in the IE menu in the "Tools" column, "interner option",

renamed inetcpl.cpl under c:\\windows\\system to inetcpl. If the name is forbidden after the old or other name, the name can be changed back and it can be used again.

11. Preventing the destruction of BackDoor

If you find the “Notepad” key in the right window under HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run, delete it. .

12. Preventing the destruction of WinNuke

In HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\VxDMSTCP, create or modify the string "BSDUrgent" in the window on the right, set its value to 0.

13. Prevent the destruction of KeyboardGhost

If you find the key value of KG.EXE under HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\RunServices, delete it and find KG. Exe file and kg.dat file, delete them all.

14.Find NetSpy hacking program

Under HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run, look for the key "NetSpy" in the right window, if it exists, it means already Install the NetSpy hacking program and remove it.