How to solve the problem of IE8 home page being modified? Mining Windows 7 potential

The IE 8 that comes with Windows 7 is the same as other versions of Windows, and it is impossible to fundamentally eliminate the problem of the IE home page being modified. However, we can fully exploit the Windows 7 system "potential" to improve the ability of IE 8 to protect itself.

& ldquo; installed XX anti-virus software, IE home page is still modified by Trojan virus & rdquo; & mdash; & mdash; This is what Windows users often encounter. For this question, many friends often ask, is there not a complete solution? The author's answer is: Yes, there is no thorough solution. In my opinion, to prevent the IE homepage from being tampered with by the Trojan virus, "the only good way" is not to point to unknown source URLs, not to see unknown sources … … today, we will be able to fully exploit Windows 7 The system "latitude", promotes IE 8 self-protection.

Some basic commands can often play a big role in protecting network security. The functions of the following commands are very prominent.

Detecting network connections

If you suspect that a Trojan has been installed on your computer, or if you have a virus, but there is no perfect tool to detect if this is the case. , you can use the Windows network command to see who is connecting to your computer. The specific command format is: netstat -an This command can see all the IPs that are connected to the local computer. It contains four parts ——proto (connection method), local address (local connection address), foreign address (and Locally established connection address), state (current port status). With the details of this command, we can fully monitor the connection on the computer to achieve the purpose of controlling the computer.

We enter the following at the command prompt: netstat -a shows all ports currently open on your computer, netstat -s -e shows your network details in more detail, including TCP, UDP, ICMP And IP statistics and so on, you may have seen it. Have you ever thought about the level of understanding of Vista, Windows 7 display protocol statistics and the current TCP /IP network connection knowledge?

System home special finishing netstat command usage is as follows (Hint: which has ab Sequentially arranged ——

NETSTAT: Vista/Windows7 displays protocol statistics and current TCP/IP network connections. You can run netstat directly without parameters, as shown in the figure:

NETSTAT [-a] [-b] [-e] [-f] [-n] [-o] [-p proto] [-r ] [-s] [-t] [interval]

-a Displays all connections and listening ports.

-b Displays the executables involved in creating each connection or listening port. In some cases, an executable program is known to host multiple independent components, in which case the sequence of components involved in creating a connection or listening port is displayed. In this case, the name of the executable is at the bottom [], and the component it calls is at the top until it reaches TCP/IP. Note that this option can be time consuming and can fail if you do not have sufficient permissions.

-e Display Ethernet statistics. This option can be combined with the -s option.

-f Displays the fully qualified domain name (FQDN) of the external address.

-n Displays the address and port number in numeric form.

-o Shows the process IDs associated with each connection.

-p proto Displays the connection of the protocol specified by proto; proto can be any of the following: TCP, UDP, TCPv6 or UDPv6. If used with the -s option to display statistics for each protocol, proto can be any of the following: IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, or UDPv6.

-r Display the routing table.

-s Displays statistics for each protocol. By default, statistics for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6 are displayed; the -p option can be used to specify the default subnet.

-t Displays the current connection uninstall status.

interval Redisplays the selected statistics, the number of seconds between pauses between displays. Press CTRL+C to stop redisplaying statistics.

Disabling Unknown Services

Many friends will find that the computer slows down after a system reboot. This time it is likely that someone else has opened up a special one after invading your computer. Some kind of service, such as IIS information service. You can check if there is any service in the system through <quo;net start”, if you find a service that is not open to you, we can disable this service in a targeted manner. The method is to directly enter “net start” to view the service, and then use “net stop server” to prohibit the service.

Easily check your account

For a long time, malicious attackers liked to use a cloned account to control your computer. The method they use is to activate the default account in a system, but this account is not used often, and then use the tool to promote this account to administrator privileges. On the surface, this account is still the same as the original, but this clone The account is the biggest security risk in the system. A malicious attacker can control your computer arbitrarily through this account. To avoid this, you can test your account in a very simple way.

First enter net user at the command line, check what users on the computer, and then use “net user+username” to see what permissions this user belongs to, generally except Administrator is the administrators group, Nothing else! If you find that a system built-in user belongs to the administrators group, it is almost certain that you have been compromised, and someone else has cloned the account on your computer. Use <quo;net user username/del” to delete this user.