What is a phantom virus?

Source: Internet
Author: User

Nat.exe is a program called "New Ghost virus" that can be used to achieve the illegal purpose of a virus, for example:

1, the operation can control some of the advertising program to achieve traffic profit; that is, the pop-up ad window that the user mentions

2, control the computer to become broiler, DDoS competitors or more sinister purposes.

Phantom virus:

Ghost Virus After a successful run, in the process, the system boot add-ins can not find any exceptions, and even the format of the reload system, will not be able to completely clean the virus. Like "Ghost Shadow" General "haunting", so called "Ghost Shadow" virus. The virus has therefore become the country's first "boot zone" downloader virus.

The main feature of the Ghost virus is the crazy bomb ads window, the reload system is not used, the other two alg.exe, one of which is the Windows program.

Alg.exe is the Microsoft Windows operating system's own program, which handles Microsoft Windows network Connection Sharing and network connection firewalls. This program is very important to the normal operation of the system.

Another is the virus release program, disguised as a system process, its main features are:

1, C:windowsalg.exe registration for system services, to achieve the launch load.

2, C:windowsalg.exe control Winlogon.exe process. Therefore, the C:windowsalg.exe process cannot be terminated under Windows.

After the Alg.exe virus, it will pass 135, 445 and so on several ports outward communication, to the local area network has the influence, and often can cause system error and restart. Because it invokes the Winlogon.exe process, the alg.exe process cannot be closed directly.

3, the virus parasitic in the disk Master boot record (MBR), even if the format of the reload system, can not remove the virus, so there will be no use of reloading the phenomenon.

Solution

One of the features of the

Phantom virus is that the security software is not functioning properly, and the virus currently has a cumulative infection rate of about 300,000 units. If netizens find their computer installed on the security software inexplicably not normal operation, common repair tools also can not be normal operation, please try to use the Golden Hill Security Center released the "Ghost Shadow" virus kill tool to check repair. At present, this tool is applicable to the Phantom virus has not yet mutated, once the virus variant, the special kill will be ineffective, governance to remind everyone to pay attention to the Internet is the network protection, to regularly open to kill soft scan, the current Jinshan poison tyrant has been able to kill the Ghost Shadow Matrix. Analysis of the spread of "ghost shadow" virus The Golden Cloud security system analyzes the download frequency of the malware, combined with the traffic analysis of the website transmitting the virus, evaluates the virus to be about 230,000.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.