Tip: utility to kill web Trojans

Web Trojans are widely used in the use of Windows, IE, or other software vulnerabilities, and the majority of Internet users are innocent victims. Even if your system patches are frequently used, it is inevitable that the system will fail. If you are not careful, you will be tempted. In this way, the user is always following the vulnerability and too passive. Is there any effective way to end various webpage Trojans? Below I will introduce several tools for ending webpage Trojans to safeguard the security of web browsing.

　　I. webpage wooden marker

Webpage Trojan is a comprehensive Web Trojan prevention tool that can effectively prevent ie from running other programs to prevent Trojans. In addition, it can not only prevent web Trojans, but also prevent calls from any unknown processes, thus more comprehensive protection of the system.

1. Monitor malicious webpages

On the Dynamic Web page, click the "system settings" tab, select the "Monitor browser running other programs" option, click the "Save settings" button, and then click the "enable monitoring" button, you can enable the monitoring function of the web page. When we open the trojan webpage, the trojan instantly intercepts the process information. The process interception dialog box is displayed. In the dialog box, you can find out the name of the Trojan process downloaded from the web page. (Figure 1)

　　

The web page can also effectively protect the IE browser, prevent the web page from modifying the IE homepage, check the option "Modify IE Monitoring Program" in the process interface, click the "Save settings" button, and then enable monitoring. When the webpage tries to bring up the modification prompt dialog box, you can choose whether to be the IE homepage. Check "Agent IE and lock as" and enter the home address in the blank input box to automatically block all homepage modification operations and lock them to the specified website address. (Figure 2)

　　

2. prevent advertising windows

Some webpage Trojans are bundled with IE, and many rogue software are embedded in IE. Some webpage Advertisement Windows are often displayed automatically, the use of web-based wooden star can effectively prevent such Trojans and rogue software.

In the program interface, select "monitor the browser to run other programs" and enable monitoring to prevent unauthorized program calls. When a webpage advertisement window pops up, the webpage's wooden star will automatically intercept it, and you can see that such advertisement windows are often called through IE. (Figure 3)

　　

Ii. SSM also protects against webpage Trojans

Some security software, such as the "Watchdog" and SSM, are also capable of preventing webpage Trojans. If the system has installed these software, you can also use it to prevent web Trojans.

Take SSM as an example. Open the "Rules"> "programs" tab, right-click, and select "add file Rules". In the displayed dialog box, browse specified C: Program FilesInternet rule eriexplore. EXE. After confirmation, you can create a rule for IE. With the default rule settings, when IE browses a trojan page, the background program is automatically blocked. For example, when an SSM is enabled, when a trojan webpage is opened, information about the blocked program is displayed, effectively blocking webpage Trojans. (Figure 4)

　　

　　3. Web Page Monitor WebPageMon

WebPageMon is a Web page monitor that effectively prevents the execution of various web page script Trojans and takes up a very small percentage of system resources. Before moving WebPageMon, you must first set the default browser for IE. If Maxthon is used, because the kernel it calls is also the IE kernel, you must also set IEAS the default browser.

After the WebPageMon operation is performed, the program automatically detects the current default browser and displays the browser process in the list below. Click "start monitoring" to enable webpage Trojan monitoring. When you open some Trojan pages, WebPageMon automatically checks whether IE runs other programs in the background and displays interception information in the preceding logs. (Figure 5)

　　

The WebPageMon program does not delete trojan files downloaded by web scripts, but stops them from moving. Therefore, we can open the temporary IE folder and view executable files downloaded by blocked IE in the background. You can also use the kill software to detect and kill viruses. (Figure 6)

　　4. webpage Trojan blocker

In general, the trojan and rogue software in malicious web pages can be exploited to download and execute malicious programs with sinister intentions by exploiting browser or system vulnerabilities. That is to say, as long as we prohibit the movement of suspicious programs, even if a malicious webpage downloads the trojan program virus in the background, it cannot infect or damage our system. Control programs to prevent malicious web pages. -- "Webpage Trojan Blocker" prevents webpage Trojan viruses by monitoring and controlling any program processes in the system.

Because Web Trojan interception uses process monitoring to prevent web magpie Trojans, the software firewall must be used to detect malicious processes in the system before browsing the Web page. At the same time, in order to avoid affecting the interruption of webpage Trojans, it is best not to use a scapegoat program. Web Trojan blocker is a small green software. After decompression, you can directly execute the program to monitor and intercept various web Trojan viruses and malicious web pages.

1. Process Protection

In the program interface window, the list shows all the processes in the current system that are currently running. Right click the "Refresh list" button to update the process information. Locate unrelated or suspicious processes and click the "Terminate process" command to terminate them. Click "set". In the displayed dialog box, select "Start with system" to enable the trojan blocker to protect the system instantly.

2. Web page Interception

Click the start intercept button on the page. In the title bar of the program window, you can see the prompt "intercept system started" to intercept any web page, at this time, the running program process will be marked as "trusted", and the interceptor will always pay attention to monitoring whether there are new processes in the system. (Figure 7)

　　

If the interceptor detects that a new process is generated, it immediately blocks the process and automatically displays the program interface on the top of the desktop to remind you. You can see a new process name marked with a yellow question mark in the intermediate window list. If you think this process is a Trojan process, you can click the "End Process" button on the right of the program interface to terminate the operation of the Trojan virus program. If it is a normal software program, click the "Trust process" button to allow the program to run. The prohibited and licensed processes are displayed in a conspicuous manner in the list. You can click the "Refresh process" button to resume normal display. (Figure 8)

　　

How do I know the process in which the interceptor sends an alarm, whether the space is a normal system or software process, or a harmful webpage trojan virus program? If the system runs normal processes before the monitoring starts, but does not run any other programs while browsing the Web page after the monitoring starts, but it prompts that a new process is blocked, so the intercepted process is generally contained in a Trojan on the webpage.

3. Anti-malicious plug-ins

Under the Protection of interception, you can browse all kinds of websites safely without worrying about Trojan horse in the webpage. Because any webpage Trojan program tries to run, the software will automatically intercept the website, the interceptor can ensure that 100% of all web Trojans are intercepted. Even if the running Trojan or various rogue software is loaded in DLL mode, they can't escape the "eye-catching" of the interceptor ". At the same time, there is also a type of malicious web pages on the Internet that specifically modify system security configurations and registries, and can also be blocked. (Figure 9)

　　

4. Set a black/white list

If you need to run some normal software programs when browsing the Web page, the interceptor will pop up frequently. What should we do?-We can add secure programs to the "White List, you can run the program freely. On the program interface, click the "whitelist" option and enter the program process name in the list window in the middle. (Figure 10)

　　

In addition, you can add and disable dangerous programs in the "Blacklist". For example, some web pages modify the registry and add the programs to the blacklist to prohibit any modification to the registry when browsing the Web page. There are two files in the program Directory: allow.txtw.( "“kill.txt "(blacklist). You can directly use NotePad to edit files and add them to the blacklist and whitelist program. (Figure 11)

　　

　　Summary: Webpage Trojans are rampant. Instead of passively preventing them, it is better to take the initiative to kill them with the corresponding network horse detection and detection tools. Of course, in addition to the software listed by the author, you can also find other similar software