Frequent surfing on the Internet, in all likelihood, can't avoid network virus attacks. After using professional anti-virus programs to clean these programs and restart the computer system, we sometimes find viruses that have been cleaned up before. It’s a comeback, what's the matter?
It turns out that many popular network viruses will automatically have a repair option left in the registry startup of the computer system once they are started. Can be restored to the state before the modification. In order to <;reject" network virus restart, we can manually remove the virus legacy option from the registry in time to ensure that the computer system is no longer vulnerable to virus attacks.
Preventing web page startup
After many computer systems are infected with network viruses, it may be in
HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\RunOnce
HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion \\Run
HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\RunServices and other key values in the registry branch, there is something like .html or .htm, in fact, the main role of this type of startup key is to wait After the computer system starts successfully, it automatically accesses the specific website containing the network virus. If we do not delete these startup keys in time, it will easily lead to the re-emergence of the network virus.
For this reason, after using the anti-virus program to clear the virus in the computer system, we need to open the system registry editing window in time, and view the above several registry branch options one by one in the window to see these branches. Whether the following startup key value contains a suffix such as .html or .htm. Once found, we must select the key value, and then click the “edit”/“delete” command to select the selected target key. The value is deleted, and finally press the F5 function key to refresh the system registry.
Of course, there are some viruses that will have the startup key value in the .vbs format in the startup key values below the above registry branches. We also need to delete them when we find such startup key values.
Preventing startup through the back door
In order to avoid the user's manual "cofferdam", many network viruses will perform some camouflage concealment operations in the startup items of the system registry. Users who are not familiar with the system often dare not Clear these startup key values so that the virus program can be restarted.
For example, some viruses will create a startup key named "system32" under the above registry branches, and set the value of the key to "regedit -s D:\\Windows" Up, many users will think that the startup key value is automatically generated by the computer system, and dare not delete it at will. It is not known that the "-s" parameter is actually the backdoor parameter of the system registry. The parameter is used to import the registration. Tables, at the same time can automatically generate vbs format files in the Windows system installation directory, through these files viruses can achieve the purpose of automatic startup. So, when we see the backdoor parameter key value of "regedit -s D:\\Windows" in the startup items of the above several registry branches, we must remove it without mercy.
Preventing startup via file
In addition to checking the registry startup key, we also check the system's "Win.ini" file, because the network virus will automatically generate some files in this file. Legacy projects, if you do not delete the illegal startup items in the file, the network virus will come back.
In general, the "Win.ini" file is often located in the system's Windows installation directory, we can go to the system's explorer window, find and open the file in the window, and then in the file editing area Check whether the options such as "run=", "load=" contain unknown content. If you find it, you must clear the contents of “=” in time; of course, before deleting Look at the specific file name and path, after completing the delete operation, then enter the system's "system" folder window to delete the corresponding virus file.
After paying attention to the above details, it is not so easy for many network viruses to restart in the future!
WinXP system comes with a speech recognition system, this speech recognition system can use your acc
After the input is complete, save the file as “boot.ini” (pictured) and save it to the C
First, after preparing the usb infrared adapter, turn on the computer, the new machine gene
If you have not installed SP2, or want to upgrade to SP2, be sure to do eight things before installi
Enable Guest's inaccessible network solution in XP
The system's top ten hiding places for automatic startup programs
Common methods for recovering WINDOWS failures (2)
Practical skills: Windows XP system to restore weight loss three strokes
There are several possibilities of "virtual memory is not enough"
WindowsXP classic failure network failure articles
In-depth analysis of 14 problems of computer crash
Solve Win xp can not shut down fault
Resolve system failure "A disk read error" failure
Xp shutdown always shows "Shutdown" but can't be closed, what should I do?
Solution for player plugin corruption
Windows10 system can not find wireless network how to do
IE always prompts "Respond to problems, need to be closed, whether to send error reports"
Win7 Ultimate system to see video card or sound picture is not synchronized solution
Window xp easily removes the fiber-optic dial-up settings under XP
What should I do if OneNote cannot be logged in win10?
Detailed steps to configure IIS under win7
Win 2000/XP blue screen solution practical skills