52ky posted on 2022-9-8 17:12:05

Dedicated removal tool for the "Dog Skin Plaster" (狗皮膏) virus

Recently, many users online have reported that their IE homepage was changed to 123.sogou. According to analysis by Rising (瑞星), the recently discovered cases of this problem are caused by a malicious Trojan clicker virus, which Rising has named the "Dog Skin Plaster" (狗皮膏) Trojan. Rising security experts explain that users become infected with the Trojan after visiting certain malicious websites, and that the browser on an infected computer is forcibly locked to a Sogou address. Once a computer is infected, the antivirus software installed on it can no longer update, and if the user manually deletes the virus file netsflt.sys, the computer can no longer access the Internet. At least nearly ten thousand users have been affected so far.

Rising security experts state that the Dog Skin Plaster Trojan is the most destructive malicious clicker discovered in recent years. It attempts to increase a website's click volume by modifying the browser's default homepage, and in that way to obtain commercial benefit. The Trojan also installs a driver, intercepts network data, and blocks updates for many mainstream security products so that they cannot be used normally. In addition, it quietly connects to a website controlled by hackers and receives new control commands from it, carrying out version updates, ad clicking and other operations.

The Trojan's behavior closely resembles that of rogue software. Many users try to solve the problem by manually deleting the virus file, but once the user manually deletes the Dog Skin Plaster Trojan's file netsflt.sys, the computer cannot access the Internet normally after a restart. Moreover, because cleanup involves knowledge of the network protocol stack and similar topics, handling it manually is very troublesome for ordinary users.



