Tell you the most effective way to prevent webpage Trojans

The anti-Trojan method is only applicable to webpage Trojans, with an efficiency of more than 90%. It can prevent more than 90% trojans from being executed on your machine, or even Trojans that cannot be found by anti-virus software. Let's talk about the principle first.

Currently, webpage Trojans can be stored on your machine in the following ways:

1: Change the trojan file to a BMP file, and then use the DEBUG in your machine to restore it to EXE. The Trojan 20% exists on the Internet.

2: Download a TXT file to your machine. Then there is a specific FTP ^-^ file in it. FTP is connected to the machine where they have a Trojan to download the trojan. The Trojan 20% exists on the Internet.

3: download an HTA file and use the webpage control interpreter to restore the Trojan horse. More than 50% of Trojans exist on the Internet.

4: JS scripts are used to execute Trojan Files with VBS scripts. This type of Trojan horse has a large number of QQ-stealing legends, accounting for about 10%.

5: Other methods are unknown .............

Now let's look at the preventive methods ......... Do not lose the BRIC

That is, rename the windowssystemmshta.exe file,

Change to whatever you want (Windows XP/2000 is under system32)

Create a new CLSID-based key value {rjb6015c} for Active Setup controls under javaseractivex Compatibility, create a REG_DWORD-type key Compatibility under the new key value, and set the key value to 0x00000400.

In addition, windowscommanddebug.exeand windowsftp.exe are both named (or deleted)

Some of the latest and popular Trojans have the most effective defenses ~~

For example, smss.exe, a popular Trojan on the network, is the main body of one of the Trojans lurking in the 98/winme/xp c: windows Directory 2000 c: winnt .....

If you get this trojan, we first use the Process Manager to end the running Trojan smss.exe and then create a priced smss.exe in the C: windows or c: winnt directory and set it to a read-only attribute ~ (If the disk format of 2000/xp ntfs is used, you can use "Security Settings" to set it to read.) This trojan is gone ~ In the future, it will not be infected with this method. I have tested many Trojans.

Are very effective

After such modification, I now want to test the trojan URL sent by someone else. The experiment results show that about 20 Trojan websites are on, and about 15 rising stars will report an alarm, the other five rising stars did not reflect this, but my machine did not add new EXE files or new processes, but some Trojans left in the Temporary Folder of IE, they are not executed, and there is no danger. Therefore, we recommend that you clean up temporary folders and IE frequently.