[Continued] A simple defense method for a horrible Trojan, aspxspy

Source: Internet
Author: User

Yesterday's essay reprinted a simple defense method for the horrible Trojan Horse aspxspy ..

Follow the above solution.

One method:
We can also make the following simple settings:
% SystemRoot %/servicepackfiles/i386/activeds. dll
% SystemRoot %/system32/activeds. dll
% SystemRoot %/system32/activeds. TLB
Search for these two files, remove the user group and powers group, and retain only the permissions of administrators and systems .. if there are other groups, please remove them all .. this will prevent such trojans from listing the physical paths of all sites...

 

I tried it on the server and removed the user group and powers group of activeds. dll and activeds. TLB .. Only the administrative and system permissions are retained ..

But today the problem is coming .. After the scheduled start of the evening yesterday, the website cannot be opened today, and the remote connection cannot be connected .. Restart the server in the IDC .. Still .. Finally, there is no way to log on to the IDC with your account .. Is the cause of activds. dll. Activeds. dll and activeds. TLB cannot remove the user group .. Alas...

 

Baidu knows that one of them is the same as mine.

 

2. How can I avoid iisspy listing the physical paths of all websites under IIS? (I checked on the Internet that activeds can be used. DLL and activeds. the permissions of the two TLB files are removed from the power user and users groups. I can test it on a virtual machine, but I can test it on three servers, after the permissions of these two user groups are deleted and the server is restarted, the server cannot be started, the server cannot be connected to the Internet, and ping does not respond. In addition, an error message indicating that SQL server has been started for more than 16 minutes is displayed in the Event Viewer)

 

I don't know which one has a better solution ?.

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.