Filed a malicious Web page, you will definitely not be unfamiliar, perhaps it has much of its tortured. Malicious website contains malicious code can be on the visitor's computer of illegal and malicious attacks. Now, website malicious code has been defined as antivirus software website virus. With the traditional sense of the virus compared to the homepage does not have infectious virus, but the threat of the virus must not less than ordinary.
Since the preparation of malicious code do not need to advanced technology, the low quality of many people improve their website visibility purposes or for mischief in its website into the malicious code, allow visitors to suffer. That was a malicious website clenched his teeth after fast wish detractors. Now let malicious website to jointly denounce the 10 counts.
1, the initial revision IE Home
IE Home is the starting time of each open IE to enter the first page, click on IE toolbar at the "Home" button can also enter the Home Start, it is generally we need frequent Show pages, but some malicious Home pages will be some initial Wuqibazao web site, so as to achieve their ulterior motives.
Home Start to repair IE method is very simple, in the IE "tools" menu, click "Internet Options" (IE5 example, the same below), select "conventional" tab, in the "Home" text box Home website.
If a non-functional after the above settings, it is certainly in the Windows "start" the group loaded malicious programs, the computer automatically each time you start to run a program on illegal IE settings. Through the registry editor, such procedures will be from the "kick-off" group removal.
Is: Click on the "Start → Run" and type "Regedit" Enter, in the Registry Editor in order expand HKEY_LOCAL_MACHINE \ Software \ Wicrosoft \ Windows \ Current Version \ Run] primary key, and the right of the window shows the start loading all of the procedures, the procedures will be included suspicious keys were deleted.
Apart from the initial Home, and the default home page was changed circumstances. We or through the registry editor to fix the default home page. Expand HKEY_LOCAL_MACHINE \ Software \ Wicrosoft \ Internet Explorer \ Main] primary key, and the right of the window in the keys of "Default-Page-URL" decision IE's default home page, double-click the keys were in the "keys" Text Enter Web site, the site will become a new IE default home page.
2, modify IE toolbars
IE toolbars, including tools button, and the address bar, links, and several other projects, malicious Web page may be in notifying the Add button on the toolbar or in the address bar drop-down list did not include some of the web sites visited, By tampering with even the title of links column shows that some nausea text.
To remove unwanted buttons, very simple button on the toolbar at the election right "Since the definition of" in the "current toolbar buttons" drop-down box selected unwanted button click the "delete" button.
To remove redundant address list, the registry editor can be launched [HKEY_CURRENT_USER \ Software \ Wicrosoft \ Internet Explorer \ TypeURLs] main key, and the right of the window "url1," "url2" keys that were deleted in its entirety can be.
Links to repair column headings, the first start [HKEY_CURRENT_USER \ Software \ Wicrosoft \ Internet Explorer \ Toolbar] primary key, in the right of the window in the name of the keys "LinksFolderName" Double-click to modify their keys to show for the information, or directly The keys were deleted, the links column heading will revert to the default "link".
3, modify the default search engine
IE toolbars in a "search" button, which links to a specified search engine, Web search can be realized. Malicious website of the revised search button and can not work, but from a malicious Web page link to a specific page list.
To repair search engine, first started [HKEY_CURRENT_USER \ Software \ Wicrosoft \ Internet Explorer \ Search] primary key, in the right of the window will "CustomizeSearch", "SearchAssistant" of the two keys corresponding to a web site search engine website.
4, modify IE title bar
We visit the website, IE title bar shows the current Web page decision by the header information. But some malicious Web page by modifying the registry so that the IE browser regardless of what the title page should be added in a message, or is the name of a Web site, or some spam, and even some political reactionary or offensive information .
To repair IE title bar, in the registry editor start [HKEY_LOCAL_MACHINE \ Software \ Wicrosoft \ Internet Explorer \ Main] the key, and the right of the window in "Window Title," were keys can be deleted directly.
5, modify or prohibit IE Right
Some malicious Web page on the IE shortcut menu right to amend, by adding some silly information, or to join the links at its Web site, thinking that the people will frequented their website, is very ridiculous.
To delete a shortcut menu in the garbage, can be launched through the registry editor [HKEY_CURRENT_USER \ Software \ Wicrosoft \ Internet Explorer \ MenuExt] primary key will be below the full contents of the refuse can be deleted, but also directly to the "MenuExt" - button removed, because "MenuExt" under the right-button menu expanded content, delete it, pop-up menu will revert to the default style.
Some malicious website to prohibit downloading, even the Prohibition of the Use Right, it has too heinous. Start [HKEY_CURRENT_USER \ Software \ Policies \ Wicrosoft \ Internet Explorer \ Restrictions] primary key (Note here Policies branch of Internet Explorer), in the right of the window will keys of "NoBrowserContextMenu" Dword keys to "0" can be, or that the keys were deleted, or even the "Restrictions"-delete button, "Restrictions" are some of the key functional limitations IE settings.
Some malicious website cunning, when using the right mouse button, the menu will not be displayed, but the pop-up dialog warning you not to "infringement", or forced you to read their spam, which did not modify the registry, Therefore, this page will not withdraw from the events. If insist on the right to use this website, for alternative methods: When pop-up dialog box appears, click on the keyboard "Properties" button (on the right Ctrl key left a key) link, then click Enter button, the dialog box pops up several times on several occasions by the Enter key, finally opening up "Properties" button, the menu will be fast right out.
6, system startup page or pop-up dialog box
If a page pop-up when you start Windows, which is a malicious Web page on the Windows "start" group dynamic because of the hands and feet. We in the registry will "kick-off" item to delete the corresponding group can be solved.
Method: start [HKEY_LOCAL_MACHINE \ Software \ Wicrosoft \ Windows \ Current Version \ Run] primary key, in the right of the window will include a url, htm, html, asp, php web site attributes such as the keys were deleted in its entirety.
There is also a malicious website similar trick is that when you start Windows dialog box will pop up to show their advertising messages. Solution: expand HKEY_LOCAL_MACHINE \ Software \ Wicrosoft \ Windows \ Current Version] primary key, the primary key of the key "Winlogon" when Windows starts can display information boxes, direct of the start button to delete can be avoided When refuse the information.
7, IE regularly pop up a new window
IE browser will pop up from time to time to visit the new windows-based website, which is typical of malicious website poisoning symptoms. Malicious website through the Windows "start" group added hta document to achieve the objective. Similarly, we take advantage of the six methods, the group will be activated hta document contains all the items can be deleted.
8, prohibited to modify the registry
This is a malicious Web page of the most shameless act, a malicious Web page revised our system, when we use at the Registry Editor Regedit.exe to repair the registry, prompted "Registry Editor was prohibited by the administrator." Malicious website tried to prohibit the use Regedit.exe to prevent us from the registry repair, is the sinister intention.
But apart from Regedit.exe registry editing tools, there are many, a casually downloaded from the Internet registry editor, start [HKEY_CURRENT_USER \ Software \ Wicrosoft \ Windows \ Current Version \ Policies \ System] main key, and keys were " DisableRegistryTools "keys to" 0 ", or the keys were deleted, this can use Windows built-in the Registry Editor.
If you can not find other editors, the use Notepad to prepare the following three lines:
REGEDIT4
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System]
"Disableregistrytools" = dword: 0
Save for the above aaa.reg, the file name can be admitted, but the extension must reg, and then double-click the document, suggesting that information after successful importation of the registry, you can use the Regedit.exe.
9, Operation Trojan Horse program downloads
Malicious website the most insidious move is a Trojan Horse program to download and run to control the visitor's computer. This is IE5.0 use of a loophole, malicious website through the links of a section of evil code embedded exe files (Trojans) eml files (E-mail), when visitors to the Web page and click on such a link in disguise , eml files will be automatically downloaded and run these exe files (Trojans), and will not have any messages, all in quietly conducted.
Such criminal acts, we do not have any good countermeasures. Only upgrade versions of IE, because of this loophole in the version of IE5.0 and above all no longer exist.
10, formatting a hard disk
Malicious website can you formatted the hard drive! ? That's right, and this is the most vicious malicious website a move, the consequences would be unthinkable, it is too horrible. Malicious Web page using IE ActiveX implementation of functions, called the Windows Format.com procedures for formatting of the hard disk, and the use of a Microsoft operating parameters did not open, Format.com formatted hard drives without going through the confirmation you automatically, At the same time window in the smallest of the state, it is not possible reaction from you, your system has been finished. This move is really a despicable.
But insurance bills are dangerous, when you visit such a malicious Web page, due to the use of ActiveX features, IE will prompt the current page containing unsafe ActivcX, the system might cause harm, and asked whether the implementation, then you must improve vigilance, and must not arbitrarily choose "yes", and suggested that this information may also be disguised, such as: "Your browser will use the anti-virus function, you avoid malicious attacks, whether to continue?" really confused right and wrong, you see Wuli flower, then you have to watch carefully, there is no regret drugs for you to eat.
In fact, the safest approach is that your computer in the name Format.com procedures so that nobody malicious website called procedures, the Evil fragmentation. In Windows there is a danger Deltree.exe order, and its role is to delete an entire directory, which can also carry parameters automatically, in order to prevent a malicious Web page to take advantage of you may also wish to rename it down.
Revealed more than just a malicious Web page 10 of the most common crimes, in addition, there are a myriad of small tricks, and also gives us a lot of trouble bringing the Internet. In addition, the above proposed solutions, are subject to a malicious Web page against the relief measures, does not guarantee a future to Tabengmoshi. To avoid or mitigate harm prevention must start.
The most simple preventive measures are upgraded versions of IE, and the use of antivirus software for the Firewall:
1, the upgrade version of IE
Many malicious Web page only to the following version of IE5.0 and effective. High-repair version of the software is generally available in a low-Bug, we use high on the relatively safe version of IE much.
2, the opening of the virus firewall
Now the majority of antivirus software virus firewall functions, such as Rising. Virus firewall can be intelligent identification, killing, quarantine malicious website, in addition, various antivirus software or Trojans a "nemesis." Antivirus software and computer industry has always been on the various protest the devil in the front line, to protect our drug fighters, quasi-That's right! |
