On the Welcome screen, click UVK Immunization. UVK will be displayed like the screenshot below:
The UVK immunization helps you to prevent your computer from being infected by protecting the registry and file system most vunlnerable areas from changes. It doesn't use any resources and only takes a few seconds to be configured.
You can also backup and restore your registry in this section.
The UVK immunization doesn't replace an anti-virus software. Anti-virus real-time protection prevents the malware files from being executed. The UVK immunization doesn't.
The UVK immunization can prevent some genuine programs from being installed/uninstalled. If you get access denied errors when installing trustful software after immunizing your system, try removing temporarily the UVK immunization.
Then why do you need it? For many reasons. Below are the main ones.
If the
malware is very recent and your anti-virus software doesn't detect
it yet, your computer will still be protected against the most
common infections.
The UVK
immunization doesn't use any resources and doesn't generate false
positives.
The UVK
immunization not only protects your computer from infections, as it
also prevents unwanted software such as Internet explorer toolbars and
browser helper objects from being installed.
The UVK
immunization helps to keep the good performance of your computer by
preventing programs from being added to the windows startup, which
will use resources continuously.
You can
select which areas to be immunized.
You can
quickly un-immunize (restore access to) one, several or all the areas you have
previously immunized.
The UVK
immunization protects your windows settings from being changed by
malware, common software or un-experienced users by preventing the
group policies, desktop and Windows explorer registry entries from
being changed.
The UVK
immunization can protect your driver files from being replaced by
rootkits.
UVK uses a special method to make as
dificult as posible for malware and non administrator users to
restore the access to modifying the immunized ares.
How do you choose which ares to immunize? See below.
Windows startup and logon:
Autorun entries (recommended) - These are the most commonly
used registry entries to set programs to be run on the Windows
startup and user logon. You can quickly un-immunize this area to
allow a new program to be added to the list, and then immunize it
again. While this area is immunized, no programs can be added or
removed.
Startup and tasks folders (recommended) - These two folders
are used to run programs either at windows startup (startup folder)
or at a specific time or date (tasks folder). While this area is
immunized no files can be added or deleted in these folders.
Winlogon entries (recommended) - This is a very vulnerable
area to infections. Malware often use it to replace the windows
shell application (explorer.exe) and the userinit application
(userinit.exe) with their infected files. Un-imunize this area only
if you're installing a trusted application to replace the windows
shell, and immunize it again afterwards.
RunOnce entries (user choice)
- While this area is
often used by malware to run their files once after reboot, it is
also used by common software to complete install or uninstall on
reboot. From a security view, it may be helpful to immunize
this area, but you sould think of
un-immunize it if you install or uninstall software that may need to
delete or modify files on reboot. The system will still have access
to modify these entries even when they are immunized.
RunServices entries (recommended)
- This area is no longer used by modern applications. But malware
can still use it to run their infected services once upon reboot.
RunServicesOnce entries (user choice)
- While some legacy applications may use this area to run their
services once after reboot, it can also be used by malware to do the
same thing.
System registry entries:
Group policies (recommended) - UVK will prevent the group
poilicies from being changed either using gpedit.exe or modifying
the corresponding registry entries. Un-immunize this area only if
you want to modify the group policies yourself.
Lsa providers (recommended) - This area is oftenly used by
malware to infect the Windows security providers.
Hosts file (recommended) - The hosts file is very oftenly
used by malware to create internet redirects and prevent access to
Microsoft and Anti-virus websites. Immunizing this area will protect
the hosts file from being modified.
Image Hijacks (recommended) - Another very vulnerable area
which is used by malware to run infected files instead of system
files.
Driver files (user choice) - Some viruses replace the
driver files with rootkits. Immunizing this area will prevent the
driver files from being modified or deleted. However, you will
probably have to un-immunize this area to update non windows
drivers.
SubSystems key (recommended) - Prevent the values under the
HKLM\SYSTEM\CurrentControlSet\Control\Session
Manager\SubSystems registry key from being changed. These
values are commonly used by modern malware to load their infected
dll files.
Internet and Windows explorer:
Browser helper objects (recommended) - Prevent Internet
explorer BHO registry keys from being modified. This will prevent
adding toolbars and ad-ons to Internet explorer.
Url search hooks (recommended) - Prevent the Url search
hooks registry keys from being modified.
IE main entries (recommended) - Prevent changes to
the Internet explorer main registry keys. This will prevent
modifying the Internet explorer welcome pages and other settings.
IE toolbars and search providers (recommended) - Prevent
adding toolbars and search providers to Intenet explorer.
Internet settings (recommended) - Prevent changes to the
internet settings.
Explorer registry entries (user choice) - Prevent modifying
the Windows explorer settings. You must un-immunize this area to be
able to change Windows explorer settings such as the folder view, or
displaying the hidden files and folders.
Shell execute hooks (recommended) - Prevent the Windows
explorer Shell execute hooks registry keys from being modified.
Desktop registry entries (recommended) - Prevent the
Desktop registry keys from being modified.
Start menu (user choice) - Prevent the Start menu from
being deleted.
Programs will still be able to create new files and folders in the
start menu, but they will not be allowed to delete the existing
ones.
Select ()
the areas you want to immunize. To quickly select the recommended
areas above, click Recommended, in the lower pane.
You can also click All or None to
quickly select all the areas, or none, respectively.
Applying the selected immunization:
When you have configured the areas to immunize/un-immunize, click Apply selected immunization, and confirm to start the immunization. It will only take a few seconds to immunize all the areas, it's a very fast process.
Note: UVK will automatically un-immunize the un-checked areas, if they have been previously immunized.
And that's it! When you come back to this section again, the immunized areas will automatically be selected. If you wish to un-immunize one or several specific areas, just uncheck the corresponding checkboxes and click Apply selected immunization again.
The users who have purchased a UVK license key will also be able to choose whether to immunize the registry keys and folders for all the users or just the current user. For more information about the UVK license key, click here.
Registry backup and restore:
The UVK immunization section also allows you to make a backup of your windows registry, which you can restore later if your system gets damaged. Note that the Restore registry option will be disabled while you don't make your first registry backup.
To backup the registry, just click Backup registry and confirm by clicking Yes.
To restore a previous registry backup, click Restore registry, choose if you want to restore the HKEY_LOCAL_MACHINE or the HKEY_CURRENT_USER, or Both rootkeys, and click OK. UVK will then start restoring your registry. Usually it takes a few minutes to restore the both rootkeys.
Go back to the UVK's welcome screen:
To return to the welcome screen, click Welcome screen.