How to Prevent ASP trojans from running on servers

Source: Internet
Author: User

Currently, ASP Trojans, which are popular on the network, mainly use the following three technologies to perform server-related operations.

1. Use the FileSystemObject component

Ii. Use the WScript. Shell component

3. Use the Shell. Application Component

Currently, the popular ASP Trojan mainly uses three technologies to perform server-related operations.

1. Use the FileSystemObject component

FileSystemObject can perform regular operations on files. You can modify the registry and rename this component to prevent the harm of such Trojans. HKEY_CLASSES_ROOTScripting.FileSystemObject and rename it to another name, for example, change it to FileSystemObject_ChangeName. You can call this component later and change the clsid value, the value of the HKEY_CLASSES_ROOTScripting.FileSystemObjectCLSID project can also be deleted to prevent the harm of such Trojans. Run RegSrv32/u C: WINNTSYSTEMscrrun. dll to log out of this component. Disable the use of scrrun. dll by Guest to prevent calling this component. Run cacls C: WINNTsystem32scrrun. dll/e/d guests

Ii. Use the WScript. Shell component

WScript. Shell can call the system kernel to run basic dos commands. You can modify the registry and rename this component to prevent the harm of such Trojans. HKEY_CLASSES_ROOTWScript.Shell and HKEY_CLASSES_ROOTWScript.Shell.1 are renamed as other names, for example, changed to WScript. shell_ChangeName or WScript. shell.1 _ ChangeName. You can call this component normally when calling it later. You also need to change the clsid value. The value of the HKEY_CLASSES_ROOTWScript.ShellCLSID project is HKEY_CLASSES_ROOTWScript.Shell.1CLSID project value, you can also delete the Trojan to prevent its harm.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.