Lets start:
First Method: Checking the startup
1. Open the "Run" by pressing "windows key + r" or go to "Start", and then select "Run".
2. Type msconfig
3. A window will come up. Go to the "Startup" Tab.
4. Now as you can see, you have the list of all the applications that start with Windows. You can find almost every RAT/Stealer/Keylogger/bot...
5. Search for some file like "Stub.exe" ,"server.exe" ,"s3rver.exe"... This are the most used names.
If you found one uncheck it, and click on "Save". Reboot your computer, and you have successfully prevented the malware(s) to startup with the system.
Second Method: Checking the Registry
In the registry every application saves its configuration, of course malware too. Malware often uses the Registry to startup, and Save the options.
1. Open the "Run" (Start -> Run)
2. Write regedit.exe
3. Search In The HKey_Current_User (HKCU) for the Software Folder.
4. There will be a list with the programs. If you are infected, you'll find something like Server or Stub, some sh*t like that.
5. If you found one, delete that entry (Right Click -> Delete Entry).
First Method: Checking the startup
1. Open the "Run" by pressing "windows key + r" or go to "Start", and then select "Run".
2. Type msconfig
3. A window will come up. Go to the "Startup" Tab.
4. Now as you can see, you have the list of all the applications that start with Windows. You can find almost every RAT/Stealer/Keylogger/bot...
5. Search for some file like "Stub.exe" ,"server.exe" ,"s3rver.exe"... This are the most used names.
If you found one uncheck it, and click on "Save". Reboot your computer, and you have successfully prevented the malware(s) to startup with the system.
Second Method: Checking the Registry
In the registry every application saves its configuration, of course malware too. Malware often uses the Registry to startup, and Save the options.
1. Open the "Run" (Start -> Run)
2. Write regedit.exe
3. Search In The HKey_Current_User (HKCU) for the Software Folder.
4. There will be a list with the programs. If you are infected, you'll find something like Server or Stub, some sh*t like that.
5. If you found one, delete that entry (Right Click -> Delete Entry).
No comments:
Post a Comment