A lot of web page malicious Code Response method

Web page We often encounter a variety of malicious code, how should we be targeted to do a good job of preventive measures?

1. Prohibit the use of computers

Phenomenon Description: Although the network rogue with this trick is not much, but once you recruit, the consequences are really unimaginable! Browsing the Web page containing this malicious code the consequences are: "Shutdown system", "Run", "Logoff", Registry Editor, DOS program, running any program is prohibited, the system can not enter the "real mode", The drive is hidden.

Solution: Generally speaking, the above eight phenomena you have met, basically the system to "waste", the proposed reload.

2. Format the hard drive

Description: This type of malicious code is characterized by the use of IE to perform ActiveX functions, so that you inadvertently format your hard disk. As soon as you browse the page that contains it, the browser pops up a warning that "the current page contains unsafe Ctivex that may be harmful to you" and asks if you want to execute it. If you choose "Yes", the hard drive will be quickly formatted because the window is minimized when it is formatted, you may not be aware of it at all, and you are too late when you find it.

Solution: Unless you know what you're doing, don't answer "yes" casually. This message can also be modified, such as "Windows is removing temporary files from this computer, continue", so be sure to pay attention! In addition, renaming computers on Format.com, Fdisk.exe, Del.exe, Deltree.exe, and so on is also one way. Special tips, do not arbitrarily execute the unknown process.

3. Download Run Trojan program

Description: Browsing on the Web page will also be in the Trojan? Of course, due to IE5.0 itself loopholes, so that the new intrusion method is possible, the way is to use the Microsoft can embed exe file EML file loopholes, the Trojan in eml file, and then with a malicious code point to it. Internet users browse to the malicious Web page, you will unknowingly download the Trojan and implementation, during which there is no hint and warning!

Solution: The first way is to upgrade your ie5.0,ie5.0 the above version does not have this problem; In addition, the installation of Jinshan Poison PA, Norton and other virus firewall, it will be a Trojan horse as a virus quickly check and kill.

4. Locking the Registry

Description: Sometimes browsing the malicious Web page after the system is modified, want to change with regedit, but found that the system prompts you do not have the right to run the program, and then let you contact the administrator. Dizzy, moved my thing still not to change, this is what kind of truth!

Solution: To be able to modify the registry and more than Regedit one, find a registry editor, such as: Reghance. Restores the DWORD value "DisableRegistryTools" key value under Hkey_current_usersoftwaremicrosoftwindowscurrentversionpoliciessystem in the registry to "0" to restore the registry.

5. Default home Page Modification

Description: Some websites in order to improve their access volume and advertising, the use of IE loopholes, the visitor's IE use robust reporting to modify. Generally get rid of your start page and default homepage, in order not to let you change back, even the IE option in the default Home button to become invalidated gray. Is worthy of the Internet rogue is accustomed to do the wind.

Solution:

1. Changes to the Start page. Expand the registry to Hkey_local_machinesoftwaremicrosoftinternetexplorermain, and change the key value of "StartPage" to "About:blank" in the right half window. Similarly, expand the registry to Hkey_current_usersoftwaremicrosoftinternetexplorermain, and in the right half window, change the key value of "StartPage" to "About:blank".

Note: Sometimes the above steps are still not in effect, it is estimated that there is a program loaded into the startup of the cause, even if modified, the next time the startup will automatically run the program, the above settings to change back, the solution is as follows:

Run the Registry Editor Regedit.exe, expand the Hkey_local_machinesoftwaremicrosoftwindowscurrentversionrun primary key sequentially, and then the following Registry.exe subkey (name not fixed) Delete, and finally delete the same name on the hard drive executable program. The problem is solved by exiting the registration editor and restarting the computer.

2. Changes to the default home page. Run Registry Editor, expand Hkey_local_machinesoftwaremicrosoftinternetexplorermain, and correct the URLs of those malicious Web sites in the key values of the Default-page-url subkeys, or set to the default value of IE.

The 3.IE option button is invalid. Run Registry Editor to set the DWORD value in Hkey_current_usersoftwarepoliciesmicrosoftinternetexplorercontrolpanel to =dword:1, Links "=dword:1," Secaddsites "=dword:1 all changed to" 0 ", will HKEY_USERS. The key value of the DWORD Value "Homepage" under Defaultsoftwarepoliciesmicrosoftinternetexplorercontrolpanel is changed to "0".