* is a virus program based on remote control. The program is highly concealed and harmful. It can control or monitor you without anyone noticing it. Some people say that since the * is so powerful, I can stay away from it! However, this * is really "naughty". No matter whether you welcome it or not, as long as it is happy, it will find ways to break into your "home"! Oh, that's great. Hurry up and see if there are any *s in their computer. Maybe they are making trouble in their "home"! Then how do I know where the * is? I believe that novices who are not familiar with *s must want to know such a problem. Below are the tricks of * horses lurking. After reading them, don’t forget to use the ultimate moves to deal with these tricks!
1. Integrate into the program
In fact, * is also a server-client program. In order not to allow users to delete it easily, it is often integrated into the program. Once the user activates the * program, the * file is bundled with a certain application and uploaded to the server to overwrite the original file. In this way, even if the * is deleted, as long as the application bundled with the * is run, the * will be installed again. Bind to a certain application, if bound to a system file, then every time Windows starts, it will start a *.
2. Hide in the configuration file
*s are really too cunning. They know that novices usually use graphical interface operating systems, and most of them ignore the configuration files that are no longer important, which just provides *s with a hiding place. Moreover, using the special role of configuration files, *s can easily run and attack on everyone's computers, thereby peeping or monitoring everyone. However, this method is not very hidden and easy to be discovered, so it is rare to load * programs in He, but you should not take it lightly.
3. Lurking in
If a * wants to control or monitor a computer, it must run, but no one will be stupid enough to run this damn * on his computer. Of course, *s were also mentally prepared, knowing that humans are animals with high IQ and will not help them work, so they must find a place that is both safe and can run automatically when the system is started, so lurking in the middle is a place where *s feel more comfortable. You might as well open it and take a look. There are startup commands "load=" and "run=" in its [windows] field. Generally speaking, the following is blank. If there is a program followed by it, for example: run=c: load=c:
You must be careful at this time, this may be a *.
4. Disguised in ordinary files
This method appeared relatively late, but it is very popular now, and it is easy to be deceived for unskilled Windows operators. The specific method is to disguise the executable file as a picture or text---change the icon in the program to the default picture icon of Windows, and then change the file name to *. Since the default setting of Win98 is "not displaying the known file suffix name", the file will be displayed as *.jpg, if you don't pay attention, you will get the * horse by clicking on this icon (it will be more perfect if you embed an image in the program).
5. Built into the registry
The above method made the * feel comfortable for a while. No one could find it and it could run automatically. It was so happy! However, the good times didn't last long. Humans quickly pulled out their feet and punished them severely! But it was still unwilling. After summarizing the lessons of failure, it thought that the hiding place above was easy to find, and now it had to hide in a place that was not easy to be discovered, so it thought of the registry! Indeed, because the registry was relatively complicated, *s often like to hide here and be happy. Check it out quickly. There is a program under it. Look carefully, don't let go of the *: HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersion all key values starting with "run"; HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersion all key values starting with "run";
6. Hiding in it
*s are really everywhere! They can drill wherever there is room! So, the Windows installation directory is also a place where *s like to hide. Be careful and open this file to see how it is different from a normal file. Is there such content in the [boot] field of the file? That is shell=. If there is indeed such content, then you will be unfortunate because the * server program is here! In addition, in the [386Enh] field in the [386Enh] field, you should pay attention to checking the "driver=path program name" in this section, which may also be used by *s. In addition, in the three fields [mic], [drivers], and [drivers32], these segments also play the role of loading drivers, but they are also a good place to add * programs. Now you should know that you should pay attention to it.
7. Invisible in the startup group
Sometimes *s don't care about their whereabouts. They pay more attention to whether they can be automatically loaded into the system, because once the * is loaded into the system, you can't drive it away no matter what method you use (hey, this * is really too thick-skinned). Therefore, according to this logic, starting a group is also a good place for *s to hide, because it is indeed a good place for automatic loading and running. The corresponding folder of the dynamic group is: C:windowsstart menuprogramsstartup, the location in the registry: HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersion
ExplorerShellFolders Startup="C:windowsstart menuprogramsstartup". Be careful to check the startup group frequently!
8. Hidden in
According to the above logic theory, *s like to stay in any places that are conducive to automatic loading of *s. This is also a file that can be automatically loaded and run by Windows. In most cases, it is automatically generated by applications and Windows. After executing and loading most drivers, it starts to execute (this can be seen by pressing the F8 key at startup and selecting the startup method of gradually tracking the startup process). Since the function can be completed by substitution, the * can be loaded and run like in it, and the danger comes from this.
9. Bundled in startup file
That is, the startup configuration file of the application. The control side uses these files to start the program and uploads the created file with the * startup command to the server to overwrite the file with the same name, so that the purpose of starting the * can be achieved.
10. Set in a super connection
The owner of the * horse puts malicious code on the web page to lure users to click. The result of the user clicks is self-evident: open the door and invites thieves! I advise not to click on the link on the web page casually, unless you understand it, trust it, and be willing to die for it.
1. Integrate into the program
In fact, * is also a server-client program. In order not to allow users to delete it easily, it is often integrated into the program. Once the user activates the * program, the * file is bundled with a certain application and uploaded to the server to overwrite the original file. In this way, even if the * is deleted, as long as the application bundled with the * is run, the * will be installed again. Bind to a certain application, if bound to a system file, then every time Windows starts, it will start a *.
2. Hide in the configuration file
*s are really too cunning. They know that novices usually use graphical interface operating systems, and most of them ignore the configuration files that are no longer important, which just provides *s with a hiding place. Moreover, using the special role of configuration files, *s can easily run and attack on everyone's computers, thereby peeping or monitoring everyone. However, this method is not very hidden and easy to be discovered, so it is rare to load * programs in He, but you should not take it lightly.
3. Lurking in
If a * wants to control or monitor a computer, it must run, but no one will be stupid enough to run this damn * on his computer. Of course, *s were also mentally prepared, knowing that humans are animals with high IQ and will not help them work, so they must find a place that is both safe and can run automatically when the system is started, so lurking in the middle is a place where *s feel more comfortable. You might as well open it and take a look. There are startup commands "load=" and "run=" in its [windows] field. Generally speaking, the following is blank. If there is a program followed by it, for example: run=c: load=c:
You must be careful at this time, this may be a *.
4. Disguised in ordinary files
This method appeared relatively late, but it is very popular now, and it is easy to be deceived for unskilled Windows operators. The specific method is to disguise the executable file as a picture or text---change the icon in the program to the default picture icon of Windows, and then change the file name to *. Since the default setting of Win98 is "not displaying the known file suffix name", the file will be displayed as *.jpg, if you don't pay attention, you will get the * horse by clicking on this icon (it will be more perfect if you embed an image in the program).
5. Built into the registry
The above method made the * feel comfortable for a while. No one could find it and it could run automatically. It was so happy! However, the good times didn't last long. Humans quickly pulled out their feet and punished them severely! But it was still unwilling. After summarizing the lessons of failure, it thought that the hiding place above was easy to find, and now it had to hide in a place that was not easy to be discovered, so it thought of the registry! Indeed, because the registry was relatively complicated, *s often like to hide here and be happy. Check it out quickly. There is a program under it. Look carefully, don't let go of the *: HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersion all key values starting with "run"; HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersion all key values starting with "run";
6. Hiding in it
*s are really everywhere! They can drill wherever there is room! So, the Windows installation directory is also a place where *s like to hide. Be careful and open this file to see how it is different from a normal file. Is there such content in the [boot] field of the file? That is shell=. If there is indeed such content, then you will be unfortunate because the * server program is here! In addition, in the [386Enh] field in the [386Enh] field, you should pay attention to checking the "driver=path program name" in this section, which may also be used by *s. In addition, in the three fields [mic], [drivers], and [drivers32], these segments also play the role of loading drivers, but they are also a good place to add * programs. Now you should know that you should pay attention to it.
7. Invisible in the startup group
Sometimes *s don't care about their whereabouts. They pay more attention to whether they can be automatically loaded into the system, because once the * is loaded into the system, you can't drive it away no matter what method you use (hey, this * is really too thick-skinned). Therefore, according to this logic, starting a group is also a good place for *s to hide, because it is indeed a good place for automatic loading and running. The corresponding folder of the dynamic group is: C:windowsstart menuprogramsstartup, the location in the registry: HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersion
ExplorerShellFolders Startup="C:windowsstart menuprogramsstartup". Be careful to check the startup group frequently!
8. Hidden in
According to the above logic theory, *s like to stay in any places that are conducive to automatic loading of *s. This is also a file that can be automatically loaded and run by Windows. In most cases, it is automatically generated by applications and Windows. After executing and loading most drivers, it starts to execute (this can be seen by pressing the F8 key at startup and selecting the startup method of gradually tracking the startup process). Since the function can be completed by substitution, the * can be loaded and run like in it, and the danger comes from this.
9. Bundled in startup file
That is, the startup configuration file of the application. The control side uses these files to start the program and uploads the created file with the * startup command to the server to overwrite the file with the same name, so that the purpose of starting the * can be achieved.
10. Set in a super connection
The owner of the * horse puts malicious code on the web page to lure users to click. The result of the user clicks is self-evident: open the door and invites thieves! I advise not to click on the link on the web page casually, unless you understand it, trust it, and be willing to die for it.