Immune Windows systems from malicious code harassment

The so-called malicious code refers to the use of WSH vulnerabilities in a webpage to modify a piece of code of the system (however, because it does not have the basic characteristics of both infectious and self-replication viruses, therefore, it cannot be called a virus ). WSH is short for "Windows Scripting Host" and is a script interpretation mechanism provided by Microsoft, which makes the script file (extension. js ,. vbs) can be run directly on a Windows desktop or command prompt.

In other words, we can start with uninstalling WSH, blocking malicious code running, and real-time protection to prevent windows from being tampered with by malicious code.

1. Uninstall WSH

The original intention of Microsoft to provide WSH is to allow administrators to conveniently manage the system through script programs and implement batch processing or automated functions. However, this beautiful wish is exploited by malicious code, making WSH a very weak link in the system. In fact, most common users do not need WSH, so we can unmount it completely. The specific method is as follows:

To delete WSH in Windows 2000 and XP, double-click the "my computer" icon and run the "tools/Folder Options" command to select the "file type" tab, find the "VBS VBScript Script File" option, click the "delete" button, and click "OK.

　　

 

Ii. Prohibit script running

If you do not want to delete the WSH component, you can use the following method to disable script running:

1. Open the resource manager and click "tools-> Folder Options-> file type ", in the file type, delete all the content suffixed with "VBS, VBE, JS, JSE, WSH, and WSF, in this way, these files will not be executed (double-click *. js ,*. try the vbs file ).

2. Open IE, click "tools-> Internet Options-> Security-> Custom Level", and in the "Security Settings" dialog box, disable all ActiveX plug-ins, controls, and Java-related components. However, if the js or vbs script is used in the webpage, the website cannot be displayed normally.

Iii. Real-time IE protection

Maybe you think the above two methods are too absolute and cannot meet your flexible needs, you can consider installing a netassistant (enter "netassistant" or "zs.3721.com" in the address bar to enter the website, in the pop-up installation prompt dialog box, click "yes "). After the installation, the netassistant will display a blue icon on the system tray in the lower-right corner of the screen. Click it and you will see that the "protect IE" item is selected, indicating that the function of real-time IE protection is in effect.

Of course, in addition to the above methods, we should promptly patch the system and IE, update the virus database for anti-virus software in a timely manner, and do not easily browse some unknown websites, it is a good habit to reject malicious code to the maximum extent.