In-depth analysis of four cleanup methods of MY123 rogue software

Source: Internet
Author: User

MY123 has created many rogue software first, and is expected to compete for the "most rogue software throne" of rogue software ":

1. Driver Protection (System Bus Extend driver, also loaded in safe mode)

2. Random file names, DLL and SYS

3. multi-thread protection and automatic network upgrade

4. Strong Automatic Recovery (even if all files are deleted, they can still be restored through memory !)

5. The driver file is exclusive and cannot be read/written or deleted by any other program.

6. Scheduled outbreak)

I. The past and present of MY123

Wind and rain to send (snow piaoxue) Back, snow (fiexue) to the spring. Don't be proud (allxun) network, see one second three (MY123 ).

In just over a month, the rogue software that locks the home page has made tens of millions of users understand what is called a robber, what is shameless, and what is crazy. On the 9th, a rogue will erupt on a large scale. Sure enough, MY123 arrived on schedule on Singles Day no. 2006/11/11. It seems that the reason is that this rogue software has long been lurking in users' computers. Through bundling with multiple other rogue software and other channels, it has already penetrated into the computers of hundreds of thousands of Internet users, it is usually started, but when the judgment date is less than 11/11, it does not move. Once the system time is later than 11, it begins to modify the user's homepage. When selecting this special time, it is obvious that we have ulterior motives when we are not doing this week. We can use the anti-virus service providers to respond in a timely and large-scale manner during holidays.

In terms of scale and explosion area, millions or even tens of millions of users across the country may have been maliciously modified by the rogue home page, which is similar to the previous explosion of Large-area piaoxue.com, feixue.net, 73ss.com, such as 9505.com, 81915.com, and 4199.com maliciously modify the user homepage, which is very similar. Compared with the previous "old rogue", these new hooligans are characterized by a very large explosion area and obvious effects. They have a single purpose (to modify the homepage), which is a novel, cool, and amazing method.

Apparently this was a long-planned activity, and in just a few days, the driver virus already had at least three different versions, resulting in ineffective killing tools. This MY123 already has all the characteristics of the virus, hoping that one day the law will bring such unscrupulous authors to justice.

  • 1
  • 2
  • 3
  • 4
  • Next Page
[Content navigation]
Page 1st: in-depth analysis of four cleanup methods for MY123 rogue software Page 2nd: in-depth analysis of four cleanup methods for MY123 rogue software
Page 3rd: in-depth analysis of four cleanup methods for MY123 rogue software Page 4th: in-depth analysis of four cleanup methods for MY123 rogue software

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.