【 Weak current College 】 IE after the destruction of self healing methods

IE is the majority of computer users to surf the Internet browser, thus also become a variety of viruses, malicious programs that target. Here are some simple and effective IE destroyed after the self-healing method:
1. IE plug-in maliciously sabotage

Online reports that in the normal shutdown after boot, WindowsXP systems does not boot properly. WindowsXP-system power-on, in the start list, select either normal or safe mode boot, fail to enter the system and machine then automatically restart, so loop, use the system repair, and other measures will not be able to boot the system. Discovered by analysis of the impact system could not start the file "CnsMinKP.sys".

CnsMinKP.sys is not a Windows system file, which is a third-party driver files in the file attribute in had a Internet company related information. The driver generally is at the bottom of the system, if there is a problem very easily lead to system instability. Remind users: this phenomenon also is not a virus, nor contagious. This symptom occurs if the system, don't panic, your system has not been completely damaged, please use the following solutions can repair system:

FIX: If your computer has dual system, please login to the normal system, remove%systemroot%\system32\drivers\CnsMinKP.sys file; if your computer does not exist-system, please use the following methods:

Use the system boot CD to boot the system, the system folder and delete the following files in the

%systemroot%\system32\drivers\CnsMinKP.sys

2, IE6 window keeps open until the last panic

The Internet soon IE6 window is kept open until the last system memory consuming too much and panic. This is because when you browse a Web page, in the script viruses. Script virus execution cannot be separated from the WSH (full name "WindowsScriptingHost"), you need to call WScript.exe program, which is located in the Windows folder, because the vast majority of ordinary users will not use it, so you can uninstall it so that to prevent such a virus.

FIX: Windows98, click "Start/Settings/Control Panel", click on the "Add/Remove Programs", select "Windows Installer"; and then double-click the "attachments" option in the pop-up window, uncheck the "WindowsScriptingHost", the last two click "OK" and uninstall it.

In WindowsXP/2000, click the "start/search/files or folders" in the system directory (C:\WINDOWS\system32), find the WScript.exe file, deleted.

3, IE home page setting is shielding lock

Malicious Web page, you can modify your registry, lock IE home page settings, so that many of the IE home page settings option is gray, the button is unavailable, do not allow users to change back.

FIX: click "start/run", type "regedit" to open the registry, navigate to the branch, new HKEY_CURRENT_USER\Software\Microsoft\InternetExplorer "ControlPanel" primary key, and then in the primary key of a new HomePage for "jianzhiming" DWORD value, the value is "00000000" ("1" for the disabled), navigate to the HomePage HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\InternetExplorer\ControlPanel key value to 0;

Next, navigate to it by HKEY_CURRENT_USER\Software\Policies\Microsoft\InternetExplorer\ControlPanel "Settings" and "Links" and "SecAddSites" all changed to 0. Note: HKEY_CURRENT_USER\Software\Policies\Microsoft, by default only the primary key "SystemCertificates", no "InternetExplorer", if you pass the above operation, IE still there are other settings is disabled (grayed out), you can remove the primary key "InternetExplorer".

4, in IE toolbar buttons are illegal

Malicious Web page, you can also place your IE toolbars, add various illegal button.

FIX: start IE, select toolbar illegal button, and then right-click pop-up menu, choose "custom" in the pop-up window, find the illegal button, point to the "delete".

5, IE the default search engine manipulation

In IE toolbar is a search engine tools button, click on the search network. IE default use Microsoft search engine, if IE search engine being tampered with by malicious Web sites, as long as you click on the "search" button, you will link to a malicious Web site.

FIX: click "start/run" and enter "Regedit" to playOpen the registry, navigate to the branch, find HKEY_LOCAL_MACHINE\Software\Microsoft\InternetExplorer\Search "SearchAssistant" jianzhiming, in the right window click on "modify" and set its value to a search engine's Web site (for example ie.search msn.com/{SUB_RFC1766}/srchasst/srchasst.htm), and then find the "CustomizeSearch" jianzhiming, its key values into a search engine's Web site.