A reference to "Annie," the general Internet users may also remember: A vulnerability has been using Microsoft 0day big spread, a panda burning incense, which is more harmful than the worm. However, along with the Microsoft ANI vulnerability patch release, "Annie," also will disappear for some time. But "Annie" has not completely disappeared, but the "brewing" a new round of attack!
"Annie," a new variant of AN (Worm.MyInfect.an), they began to stir, resulting in a large number of users to the machine running slowly, does not work, and that a large number of variants can download Daohao Trojans, to the user's online games, online banking security great threat.
Duba lightsaber wearing anti-virus engineers said, "Annie" before the new variant of AN with different variants of the virus can copy itself to C: \ Program Files \ Common Files \ System \ driectdb.exe or \ wab32res.exe, while driectdb . exe file by adding hidden attributes, and to own and iexplorer.exe were both injected into the notepad.exe process, and then infected files and download other viruses, such as Daohao class Trojans.
The user is infected with the virus, in the absence of browser and Notepad open the case, the process will appear in the iexplore.exe, notepad.exe two processes, but can not stop there iexplore.exe, and take up a lot of memory, causing the user computer running slow, does not work.
1. Before the end of the system created by the system processes the virus (Notepad.exe Iexplore.exe), the virus itself is injected into the two processes running (Figure 1);
Figure 1
2. Use of a comprehensive anti-virus software to scan, remove the infected exe;
3. Remove virus startup items:
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
"EXPLORER" = "% ProgramFiles% Common FilesSystemwab32res.exe"
4. Delete the file:
% ProgramFiles% Common FilesSystemtemp.ini
% ProgramFiles% Common FilesSystemavp.ini
% ProgramFiles% Common FilesSystemtemp.txt
Recommended links:
Youtube to mpg
convert mov to flv
Articles about Audio Speech
Sober worm RESURGENCE of rampant e-mail form
"Change" and "no change" in the contest
BenQ COMPETING against the shining 2008 SEPG Conference
Free download convert mp4 to 3gp
.ts file
He Weifang: Why do I write an open letter
Low high Eye hand to teach beginners how to learn Hibernate
Cisco "NOW Van" trip to China depart
Window frames with good HTML tag
Using photoshop build a passion MIYI chocolate effect
Good E-Mail Clients
My favorite Languages Education
Modeling With UML To Note Problems
No comments:
Post a Comment