Five steps to prevent avterminator Virus

 
In fact, the current avterminator is very easy to deal with. A simple method: use REG or INF to re-build IFEO, fix the security mode, clear the startup items, clear AUTORUN. INF, and restart the computer!

However, the administrator should remind everyone that it is best to unplug the network cable when the avterminator is in progress. Remember to clear rogue software and scan and kill Trojans after the virus is eliminated.

Let's say how to prevent avterminator, first hit the system patch, pay special attention to: MS06-014 and MS07-017 these two patches.

Step 1: restrict the read and write permissions of IFEO to prevent viruses from hijacking anti-virus software through IFEO.

Start-run-regedt32 (this is the 32-bit registry of the system, which is similar to the registry operation method) and expand:

HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File

Execution Options

Right-click and select permissions, and then cancel all permissions of the Administrors user group and Users user group.

Step 2: restrict the read and write permissions of SAFEBOOT to prevent avterminator from modifying or deleting Drives and ensure the normal operation in safe mode.

Use the IFEO-restricted method to restrict the sub-par value permissions:

HKEY_LOCAL_MACHINE/SYSTEM/ControlSet001

/Control/SafeBoot/Network/{4D36E967-E325-11CE-BFC1-08002BE10318}

And

HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/SafeBoot/Minimal/{4D36

E967-E325-11CE-BFC1-08002BE10318}

If you do not often install programs, you can restrict the permissions of the startup items, and do not need to leave them with viruses!

Step 3: Disable the WIndows USB flash drive automatic operation function. Open notepad and edit it as follows:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Policies/Explorer]

"NoDriveTypeAutoRun" = dword: 000000B5

[HKEY_USERS/. DEFAULT/Software/Microsoft/Windows/CurrentVersion/Policies/Explorer]

"NoDriveTypeAutoRun" = dword: 000000B5

Save the file as a file name: Disable the USB flash drive to automatically run. reg. Select "all files" for the SAVE type, and double-click the file to import it to the Registry.

Step 4: perform anti-virus processing on the USB flash drive. You can create an Autorun. inf folder to restrict avterminator from creating the Autorun. inf file on the USB flash drive. Haha! But now the avterminator seems to be able to deal with this Autorun. inf folder.

Step 5: Change Operation habits and improve security awareness.

In step 5, we can completely keep the avterminator away from our computer and eliminate all USB flash drive viruses.