Thursday, October 21, 2010

To prevent the most effective way to Trojan


Anti-Trojan way to teach everyone, only for web Trojans, there are more than 90% efficiency, can prevent over 90% on your machine Trojan is executed, or even anti-virus software is able to detect the Trojan can prohibit the implementation. Before the point of principle.

Trojan is now nothing more than a page in the following ways to your machine in

1: the Trojan files into BMP files, and then with you in the machine to restore DEBUG EXE, 20% of online presence of the Trojan

2: download a TXT file to your machine, and then inside there is a specific FTP ^ - ^ for, FTP to connect their machines to download Trojan horse, the existence of the Trojan line of 20%

3: The most common way is to download an HTA file, and then the interpreter with a web control to restore the Trojan horse. The Trojan horse for more than 50% of online presence

4: The JS script, use the VBS script to perform the Trojan file, this type of Trojan horse to steal QQ, more, less stealing legend, probably about 10%

5: other

Now is the method to prevent

That is to windowssystemmshta.exe file rename, change what their casual (Win XP and Windows 2000 is in system32 under) HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerActiveX Compatibility under the Active Setup controls to create a new key based on CLSID (6E449683_C509_11CF_AAFA_00AA00 B6015C), then the new key create a REG_DWORD value type of key Compatibility, and set the key to 0x00000400 can.

There windowscommanddebug.exe and windowsftp.exe gave a change of name (or deleted)

Some of the latest effects of the most popular Trojan defense

Such as the popular network smss.exe Trojan horse that is one of the main body hidden in the 98/winme/xp c: windows directory, 2000 c: winnt .....

If you are in this Trojan first, we end with the process manager smss.exe trojan is running and then in C: windows or c: winnt directory create a 0 price and is set to read-only attribute smss.exe ~ (2000/XP NTFS disk formats, then so much the better, you can use the "Security Settings" is set to read) After this Trojan did not re-infection had been tested this way for many Trojans have a great effect. After such modifications, I am specifically looking for someone to test the hair of the Trojan site, the experimental results is about 20 trojans on the site, there will be about 15 Rising alarm, another 5 did not reflect the Rising, and my machine does not add out of the new EXE file, and no new process appears, but some remained in the wreckage of Trojan IE temporary folder, they are not enforcing it, there is no risk, it is proposed that we often clean up temporary files folder and IE.






Recommended links:



ASF to MPG



Warning: evil "cool dog" fake "cool dog" EVIL



MKV to MOV



Catalogs Security And PRIVACY:



RUP Anti-pattern



COREL KNOCKOUT Guide (1): Interface description



Sony BMG U.S. Federal Court approved a settlement agreement with the consumer



When The "vision" Into A "trap"



tips for phone users to make cheap calls



Transport Stream Converter



CMM Assessment in China Suggestions



"Want to" Match "can do"



Brief Puzzle And Word Games



Zhongguancun HAND new countryside



Jobs Leak Macworld Speech



No comments:

Post a Comment