Wednesday, October 6, 2010

To prevent the most effective way to Trojan


Anti-Trojan way to teach everyone, only for web Trojans, there are more than 90% efficiency, can prevent over 90% on your machine Trojan is executed, or even anti-virus software is able to detect the Trojan can prohibit the implementation. Before the point of principle.

Trojan is now nothing more than a page in the following ways to your machine in

1: the Trojan files into BMP files, and then with you in the machine to restore DEBUG EXE, 20% of online presence of the Trojan

2: download a TXT file to your machine, and then inside there is a specific FTP ^ - ^ for, FTP to connect their machines to download Trojan horse, the existence of the Trojan line of 20%

3: The most common way is to download an HTA file, and then the interpreter with a web control to restore the Trojan horse. The Trojan horse for more than 50% of online presence

4: The JS script, use the VBS script to perform the Trojan file, this type of Trojan horse to steal QQ, more, less stealing legend, probably about 10%

5: other

Now is the method to prevent

That is to windowssystemmshta.exe file rename, change what their casual (Win XP and Windows 2000 is in system32 under) HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerActiveX Compatibility under the Active Setup controls to create a new key based on CLSID (6E449683_C509_11CF_AAFA_00AA00 B6015C), then the new key create a REG_DWORD value type of key Compatibility, and set the key to 0x00000400 can.

There windowscommanddebug.exe and windowsftp.exe gave a change of name (or deleted)

Some of the latest effects of the most popular Trojan defense

Such as the popular network smss.exe Trojan horse that is one of the main body hidden in the 98/winme/xp c: windows directory, 2000 c: winnt .....

If you are in this Trojan first, we end with the process manager smss.exe trojan is running and then in C: windows or c: winnt directory create a 0 price and is set to read-only attribute smss.exe ~ (2000/XP NTFS disk formats, then so much the better, you can use the "Security Settings" is set to read) After this Trojan did not re-infection had been tested this way for many Trojans have a great effect. After such modifications, I am specifically looking for someone to test the hair of the Trojan site, the experimental results is about 20 trojans on the site, there will be about 15 Rising alarm, another 5 did not reflect the Rising, and my machine does not add out of the new EXE file, and no new process appears, but some remained in the wreckage of Trojan IE temporary folder, they are not enforcing it, there is no risk, it is proposed that we often clean up temporary files folder and IE.






Recommended links:



Wizard Audio And Multimedia



QuickTime to MPEG



CNNIC: Domain transfer fee does not exist



Printing Machinery "pioneers", "English Education" Story



FreeBSD Serial (35): serial port and modem



Screen Capture brief



1 million for the lessons do NOT come!



TIPS to download lovers to support the market



Dell Notebook Case For The Core Trial Xiamen



MKV to Xbox 360



DVR-MS TO MPEG



Dynamic programming algorithm with the largest



Review Strategy And WAR Games



Adobe Is Very Fragile, Then Photoshop It?



No comments:

Post a Comment