Polar Tiger virus is Jinshan poison bully Cloud Security laboratory in the first found in a collection of disk drives, Av terminator, Chinese vampire, cat tinea download as one of the mixed virus, because the virus can use the Internet Explorer Aurora oday loophole spread, the tiger is the first major malignant virus, so named "Polar Tiger."
Extreme Tiger Virus Hazard
The virus resembles a QVOD player icon. What might happen to an infected polar tiger: there are ping.exe and rar.exe processes in the computer process, and the CPU is very high, the fan turns very loud (the laptop), and the two processes cannot end. Some files will appear Usp10.dll, lpk.dll files, anti-virus software and security software will be automatically shut down, such as rising, 360 security guards, Jinshan poison tyrants, etc. if not in time to upgrade to the latest version may be stopped. Destroy antivirus software, system files, infection system files, so that antivirus software.
The most important and most dangerous of the extreme Tiger virus is that the system files are tampered with. It cannot be cleaned with antivirus software, and once cleaned, the system will not open and run properly, and account information based on computer and network may be stolen, such as online gaming accounts, bank accounts, payment accounts, and important e-mail accounts.
According to recent research and analysis, the Polar Tiger virus is so far, integrated with a variety of viruses, Trojans, Trojans downloader, worm characteristics of the super malicious software. Almost a mixture of several well-known viruses, harmful to the panda than burning incense; the destructive power of antivirus software is equivalent to AV terminator, disk drive, and the destructive power of the system is unprecedented; the target of an attacker. Extremely greedy, will download all kinds of Trojan horse, Rogue software, steal account number, bomb ads, brush flow, is a wicked.
The virus infects all the executable files on the user's machine and downloads a large number of stolen and adware software, which seriously endangers the security of the system, while the virus is very covert, without a specific process, instead of a "thread" insertion method, Inserted into the normal system into the Svchost.exe, only in the process module, can see the virus source.
According to the response of a large number of victims, the computer system infected with the "Polar Tiger" downloader is significantly slower and the CPU is highly occupied. Some users of the computer after the "Polar Tiger" attack, there will be desktop IE icon was modified, IE homepage exception, anti-virus software can not open, a large number of EXE files are infected, repeatedly reported that the virus can not clear and other symptoms, and will automatically download a large number of Trojan virus. The polar tiger dives into the user's computer like a player. Once turned on, the "player" disappears and the virus spreads through the computer. When you receive an unknown player, carefully open, disinfect, or even delete.
The solution of the extreme Tiger virus after the precaution 1. Based on the "Polar Tiger" virus raging, Jinshan poison PA safety experts recommend, install genuine anti-virus software, timely upgrade; At the same time if infected with the "Polar Tiger" virus users also need not worry, Jinshan Security Center has launched the first "polar Tiger" virus kill tools, users can download free of charge.
2. Restart the computer after the use of mainstream anti-virus software comprehensive killing system.
3. After poisoning, try not to open each other near the disk, or casually insert a U disk, so as to avoid the adjacent disks or between the spread of the computer infection.
4. If the mainstream anti-virus software to kill the results of the case? We can use the original solution, the entire hard disk format after the CD-ROM system.
Transmission mode of Polar Tiger virus
(1) The transmission of the Web page hangs the horse, will use the Aurora 0day and so on system flaw spreads
(2) LAN sharing transmission, through weak password in the local area network infiltration
(3) through the U disk, digital memory card, mobile phone card, mobile hard disk and other mobile devices spread
(4) software bundle, cheat downloading, downloading in pirated movie download station, game plug-in download station bundle download
(5) Infected with the Web page format of the file to carry out two times, if unfortunately a network of strokes, it may cause the site's visitors poisoned.
(6) Infection executable EXE file (a lot of people computer poisoning, no way will be ghost, or lattice plate reload, but generally not all format, so after reloading, will certainly again poisoning)
(7) Infection in the RAR compressed package executable program (this will make the computer running slow, the process found that multiple rar.exe in the run, and can not end, or after the completion of the rebuild)
(8) Some variants are created in the System Folder Usp10.dll and Lpk.dll (cat Tinea virus communication methods consistent)
The characteristics of extreme tiger virus poisoning
(1) Comprehensive use of various means to make anti-virus software ineffective, such as active defense can not be opened, 360 Open is closed
(2) Prompt system file is missing
(3) The system obviously slows down, the CPU occupies extremely high, frequently reads and writes the disk, may observe the hard disk light to flash wildly
(4) in the process of inexplicable appearance rar.exe and Ping.exe can not end, or end up again.
(5) A large number of EXE files are infected, repeatedly reported poison
(6) Desktop IE icon is modified, IE homepage exception
(7) Some variants will be created Usp10.dll and Lpk.dll under the program folder and cannot be deleted manually