Author: seve Source: 1. prohibit the use of computer design several times described the phenomenon: even though the network hooligans are not much use this trick, but once you are in the move, really disastrous consequences! The consequence of the web page containing this malicious code is: "Close System", "Run", "Logout", Registry Editor, DOS Program, running any program is disabled, the system cannot enter "real mode", drive hide. Solution: Generally speaking, the above eight phenomena, you have met, basically the system will give "waste", it is recommended to reload. 2. Formatting hard disk phenomenon description: The feature of such malicious code is to use IE to perform ActiveX's function, so that you unintentionally format your hard drive. As long as you browse the webpage containing it, the browser will pop up a warning "The current page contains unsafe CTIVEX, may cause you to harm you", ask if you are executed. If you choose "Yes", the hard disk will be quickly formatted, because the window is minimized when formatting, you may not pay attention to it, wait for the discovery. Solution: Unless you know what you are doing, don't just answer "Yes". The prompt can also be modified, such as "Windows is deleting the temporary file of this unit," so don't pay attention! In addition, it is also a way to change the computer, fdisk.exe, del.exe, fdisk.exe, del.exe, deltree.exe on your computer. Special tips, don't be able to execute an unknown program. 3. Download the run Trojan program Description: Browse on the web page also Wood Horse? Of course, due to the vulnerability of IE5.0 itself, this new intrusion method is possible, the method is to use Microsoft's vulnerability that can embed EML files that can embed an EXE file, put the Trojan in the EML file, and point to it with a malicious code. . The Internet is browsed to the malicious web page, and it will download the Trojan and execute unconsciously, there is no tips and warnings! Workaround: The first method is to upgrade your IE5.0, IE5.0 or above is not this problem; in addition, install the virus firewall such as Jinshan Taxi, Norton, which will use the webpage Trojan as a virus quickly check. 4. Description of the registry: Sometimes the system is modified after the malicious web page, wants to change with regedit, but find that the system prompts you have no permission to run the program, and let you contact the administrator. fainted! It's still not letting my things, which is the truth of this. Workaround: You can modify a registry yet, find a registry editor, for example: Reghance. Returning the registry in the DWORD value "DisableRegistryTryTools" key value under the hkey_current \ster \ /currentversion \policies \System \currentversion \policies@tem. 5. Default Home Change Phenomenon Description: Some websites use IE vulnerabilities to improve their vulnerabilities in order to improve their visits and advertisements. Generally changed your starting page and the default home page, in order not to change it, even the default home button in the IE option is grayed. It is a common style of network rogue. Solution: 1. Modification of the start page.
Expand the Registry to HKEY_LOCAL_MACHINE \Software\Microsoft \Internet Explorer \Main, change the key value of "start page" to "About: blank" in the right half window. Similarly, expand the registry to HKEY_CURRENT_USER \Software\Microsoft \NTERNET Explorer \Main, change the key value of "start page" to "About: blank" in the right half window. Note: Sometimes there is still no effective after the above steps, it is estimated that there is a program to load the startup item, even if the modification, the process will automatically run when the next startup will be run, and the above setting is changed, the solution is as follows: Run the registry Editor regedit.exe, then expand the hkey_local_machine@wwwarentversion@rosoft \Windows \CurrentVersion@run primary key, then delete the "registry.exe" subkey (name is not fixed) below, and finally remove the same name in the hard disk. Exit the registration editor, restart your computer, and the problem is solved. 2. The default home page is modified. Run the registry editor, expand HKEY_LOCAL_MACHINE \Software\Microsoft @Ternet Explorer \Main \ 3.ie Option Button Failure. Run the Registry Editor, the dword "settings" = DWORD: Settings "= DWORD: 1," LINKS "= DWORD: 1," SECADDSITES "= DWORD: 1," SECADDSITES "= DWORD: 1," SECADSITES "= DWORD: 1 "0", change HKEY_USERS .FAULT \Software \policies ingfault@ternet Explorer \Control Panel "HomePage" to "0". 6. Tampering IE Title Bar Phenomenon: In the system default, the application itself provides information on the title bar. However, some network rogues reach the key values under the string value "Windows Title" to its website name or more advertisements to achieve the purpose of the IE title bar. I have to look at him in other people, and by illegal modification means, there is no other adjective word in addition to "shameless". Workaround: Expand the registry to HKEY_LOCAL_MACHINE \Software\Microsoft @Ternet Explorer \Main \, find the string value "Windows Title" on the right half window and delete the string value. Restart your computer.
7. Tampering the default search engine phenomenon: There is a search engine tool button in the toolbar of the IE browser, you can implement network search, after being tampered with, just click the Search Tool button to link to the network note want you to go Website. Solution: Run the Registry Editor, expand HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch and HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant, will CustomizeSearch and SearchAssistant the key value to a search engine URL. 8. e Right-click Modification Description: Some network rogues have made modifications to the function menu of your right-click in order to promote the purpose of publicity, and add some messy things, even to prohibit you from downloading, right-click in the IE window The function is shielded. Workaround: 1. Right-click menu is modified. Open the registry editor, find hkey_current_user \Software\Microsoft \NTERNET Explorer \MENUEXT, delete the relevant advertising provisions. 2. Right click function. Open the Registry Editor, expand to HKEY_CURRENT_USER \Software ∎Policies \ Microsoft \Internet Explorer \RESTRICTIONS, and the value of its DWORD value "NobrowserContextMenu" is changed to 0. 9. Tampering address bar text phenomenon Description: The nephew of the IE address column appears some inexplicable text and icon. There is a lot of addresses in the drop-down box in the address bar, not your previous visit. Workaround: 1. The text under the address bar. Locate the key value linksfoldername under HKEY_CURRENT_USER \Software\Microsoft \Internet Explorer \MICROFT \Internet Explorer \MICROFT \Internet Explorer\ Microsoft \Internet Explorer\Microsoft \Internet Explorer\ Microsoft \Internet Explorer\ Microsoft .... 2. Useless addresses in the address bar. Remove the useless key value in HKEY_CURRENT_USER \SOFTWARE \MICROSOFT \Internet Explorer \TYPEURLS. 10. Punctual pop-up dialog phenomenon when starting: 1. Pop online dialog box when the system starts, usually some advertising information, such as welcome to visit a certain site. 2. Boot pop-up, usually pop up a lot of windows, so that you can't do it, you can repeat the window until you die. Solution: 1. Pop-up dialog. Open the registry editor, find the hkey_local_machine \Software\Microsoft \Windows \CurrentVersion@winlogon primary key, then find "LegalNoticeCaption" and "LegalnoticeTiceText" in the right window, and delete these two strings can be solved in the startup The phenomenon of the prompt appears. 2. Pop online. Click "Start - Run - Enter Msconfig", select "Start", check the suffix of URLs, HTML, and HTM.
