Blocking Automatic Operation Of System To Block Virus Trojan Horse
No matter what virus you encounter, it wants to occupy your system and encroach on your files. Most of them will automatically join in every system restart. If we have a way to lose it, you will stay away from most of the virus Trojan horses.
Change the registry to run automatically.
Virus Trojans usually set themselves to run automatically by modifying the registry. We can set three corresponding countermeasures according to the three ways they modify.
1. set the registry self starting item as everyone read-only permissions (Run, RunOnce, RunService) to prevent Trojan horse and virus from starting by self starting project.
2. set.Txt,.Com,.Exe,.Inf,.Ini,.Bat and other files as everyone read only permissions, prevent Trojan horse, virus through file association start.
3. set registry HKLMSYSTEMCurrentControlSetServices as everyone read only permissions to prevent Trojan horse and virus from starting by "service".
White list runs only licensed Windows applications.
Whitelist can effectively prevent malicious programs running in your system or setting up automatic operation. The method is simple and effective.
First step: first login WinXP with administrator account (Administrator).
The second step: select the "run" item in the start menu, enter the "gpedit.msc" command, and then click the confirm button to open the Group Policy Editor window.
The third step: in the left pane of the group policy window, expand the user configuration > management template to system branch, then double-click the "run only permission Windows application" policy item in the right pane to open the "run only permission Windows application properties" window.
The fourth step: in the "run only permission Windows application properties" window, go to the "policy tab". First, choose start item, then click Show button to open the display content dialog box.
The fifth step: in the display content dialog box, click the Add button to open the Add Item dialog box, enter the command line that allows the program to run in the corresponding text box, and then click the confirm button to add it to the list of the display contents dialog box.
When the setup is completed, other programs in the WinXP will be banned except the programs specified in the list, not to mention the virus trying to add itself to the ranks of the automatic operation, or to run at the time the system starts.
Restrict virus Trojan horse shelter
When we browse the web, we download the Trojan horse which is executed locally. Many times, we will first land in some common system catalogues, such as Temp, system32, drivers, etc. we will make certain permission settings for this directory, so it is very easy to stop them and prevent them from running automatically. It is required that our c disk must be in NTFS format so that we can set up the permissions. Here we take the Temp directory as an example.
The first step is to select "my computer > tool to folder option > look away" remove hidden protected system files > select "show all files and folders > >". This step is done to display the temp folder to set permissions.
The second step: right click "temp folder > attribute > Security > advanced", now set up, choose the right item named your user name, click "Edit". In the "traversing folder / running file" check "reject", determine in turn.
Tip: FAT2/NTFS
If your C disk is not in NTFS format, you can convert it through the DOS command: convert c:/fs:ntfs, and do not have to force the volume to be unloaded. Proceed to the next step, the system will plan to execute after the next restart.
Of course, for example, the famous SXS virus, in addition to the C disk, also generates two or three files autorun.inf, sxs.exe and autorun.pif under the root directory of other discs. In order to prevent this trojan horse, we can also prevent it by setting permissions. However, the price we have to pay is that we cannot create files in the root directory. The method is as follows:
First step: right-click the D disk and select "attribute > Security > group or user name". Here is only one user name for you.
The second step: select "advanced" and select the folder or file in the application to list. What this means is that only for this directory, we can still delete and delete subdirectories.
The third step: set "create file / write data" to "reject"; set "folder / additional data" to "reject".
Such a personalized anti trojan virus automatic operation batch processing is completed.
- Related reading
- Female house | Practical Tips, Three Tips For Choosing Fiber Laser Marking Machine.
- Fabric accessories | Nantong Established Stock Industry Association
- Fabric accessories | The Eighteenth Dalang Weaving Conference Was Held In November.
- Fabric accessories | Nanfang Shares (600250): To Buy Qinhuai Scenery And Storm
- I want to break the news. | Shenzhen Fashion Exhibition Opens YOSAR Theme Pavilion For Exploring The Future
- Company news | Hongxing Erke Responded To "Chopping Orders": Compensation For Normal Consumers 50 Yuan Coupons.
- Company news | A Pair Of Broken Pants Is Sold For 150 Thousand! Levi's Jeans Are Turning Over.
- Men's district | When Men Are 40, They Don't Wear Earth Shirts. Now They Are Short Sleeved Polo Shirts.
- Fabric accessories | Fast Sales Will Reduce 85% Disposable Plastic Products
- Company news | Anta Sports Was Hit By Short Selling Again, And The Stock Price Dropped 7%.
- 摸清源頭 讓電腦運行不再遲緩
- Enjoy What You Want To Make Windows2008 Network More Secure.
- 戶外旅游你的十件貼身帶
- Use Yoga To Create Happiness.
- Hangzhou Chefs Dominate The UN Kitchen
- A Guide To Hangzhou Night Owls
- One Macrobrachium, Another Shrimp.
- Decisive Battle 08 Worries And Strategies In Warm Season
- Internet Search: A Comprehensive War
- The Planning Treasure Of Clothing Enterprise Brand