Rising finds a virus it cannot kill. What should I do?
User's question: Virus name: HACK.SUSPICIOUSANI not know which turtles get out of the
Expert's answer: This is a hack! Hack.SuspiciousAni actually uses Microsoft's MS07-017 vulnerability in the handling of malformed animated cursor (ANI) files, and is generally used by web pages that have had a Trojan planted in them to download malicious code. The vulnerability exists in the key system file user32.dll.

When the user opens a page carrying the malicious code, the browser downloads the malformed ANI file to the local temporary folder and, following the page script, sets it as the mouse cursor for viewing that page. If this whole process completes on a computer that does not have the MS07-017 patch installed, the vulnerability is triggered and hackers are able to remotely execute arbitrary code (usually downloading a Trojan).

For this situation, Rising has included such malformed ANI files in its detection range, under the name Hack.SuspiciousAni. On a computer with Rising monitoring running, when the user's browser opens a page carrying the malicious code and downloads the malformed ANI file to the local temporary folder, Rising's file monitor and/or web monitor raises an alert reporting that Hack.SuspiciousAni was found. Because the file is in use by the browser, Rising typically reports that the file was skipped and that the user must "restart the computer and delete the file." At this point the malformed ANI file will not take effect, and no real virus or Trojan will be downloaded.

However, precisely because of this "delete after reboot" prompt, users who do not know the background may become very nervous, because they find that when they scan after restarting, Rising still raises the prompt ... In fact, if it is only a matter of this "virus" itself, the treatment is simple: close the browser, then empty the IE temporary folder.

In addition, the MS07-017 vulnerability is currently being used more and more frequently by hackers in Trojan-laden web pages, so users are strongly recommended to install the relevant patch through Windows Update. For the patch, please refer to http://forum.ikaka.com/topic.asp?Board=28&artid=8292648 or go directly to http://www.microsoft.com/technet/security/bulletin/ms07-017.mspx

Added 4/24: After this post came out, a new situation was found. Some viruses (such as the one described at http://forum.ikaka.com/topic.asp?Board=28&artid=8302447) use ARP spoofing to automatically insert iframe code into the network packets the user receives, and the code points to a URL that uses the MS07-017 vulnerability. As a result, the infected user, as well as users of other computers on the local area network that are subject to the spoofing attack from the infected machine, will see the Hack.SuspiciousAni alarm when visiting any web site.

If the Hack.SuspiciousAni alarm appears for a user on any site, it may belong to this situation, and measures must be taken:

1. In any event, install the patch first.
2. Determine whether your own computer is infected, or whether someone else's infected computer is attacking yours. If your computer is infected, it should be dealt with promptly; if someone else's infected computer is attacking yours, contact the network administrator to coordinate treatment.

In such cases the user must keep a clear head, because here Hack.SuspiciousAni is only a "symptom" and certainly not the real virus; fixating on the name Hack.SuspiciousAni is meaningless.

If you do not understand, take another example: the Viking virus will download the "opening night" Trojan. If the antivirus software reports and clears the "opening night" Trojan but does not find or kill the Viking virus, then the "opening night" Trojan will still be downloaded again and again. This gives the user the illusion that "the opening night Trojan cannot be killed." For the opening night Trojan itself, this situation is indeed "repeated infection." But how to find the root cause and eliminate the "repeated infection," as opposed to killing the downloaded Trojan itself, is another question.
How to deal with Hack.SuspiciousAni is one thing; how to handle the virus that automatically causes connections to a malicious web page is another matter. As with a downloader Trojan and the Trojan it downloads, their functions and principles are to be kept apart. Therefore, please do not mix them up. For other explanations, please refer to http://forum.ikaka.com/topic.asp?Board=28&artid=8302368

In fact the approach is simple: close the browser, and then clear the IE temporary folder.

References: http://hi.baidu.com/dnxk/blog/item/cb57971846bab9b54bedbc74.
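A structural check of the kind that flags a malformed ANI file left in the browser's temporary folder, as an added example (not Rising's detection logic and not part of the original answer). It assumes the public RIFF/ACON layout, in which the `anih` header chunk is always 36 bytes and whose unvalidated length is what public analyses of MS07-017 describe; the function names and the zero-filled sample bytes are constructed for illustration.

```python
import struct
from pathlib import Path

ANIH_SIZE = 36  # fixed size of the ANI header structure (assumption: public RIFF/ACON layout)

def check_ani(data):
    """Return findings for one file's bytes; an empty list means nothing odd."""
    if len(data) < 12 or data[:4] != b"RIFF" or data[8:12] != b"ACON":
        return []  # not an animated cursor, out of scope
    findings, pos = [], 12
    while pos + 8 <= len(data):
        cid = data[pos:pos + 4]
        (size,) = struct.unpack_from("<I", data, pos + 4)
        if cid == b"LIST":
            pos += 12  # step into the list: 8-byte header + 4-byte list type
            continue
        if cid == b"anih" and size != ANIH_SIZE:
            findings.append(f"anih at offset {pos}: declared size {size}, expected {ANIH_SIZE}")
        if pos + 8 + size > len(data):
            findings.append(f"chunk at offset {pos} runs past end of file")
            break
        pos += 8 + size + (size & 1)  # chunks are padded to even length
    return findings

def scan_dir(root):
    """Map path -> findings for every malformed ANI file under root."""
    hits = {}
    for p in Path(root).rglob("*"):
        try:
            found = check_ani(p.read_bytes()) if p.is_file() else []
        except OSError:
            continue  # locked or unreadable cache entry
        if found:
            hits[str(p)] = found
    return hits

# Constructed, inert sample data (zero-filled), not captured files.
def _chunk(cid, body):
    return cid + struct.pack("<I", len(body)) + body

def _riff(*chunks):
    body = b"ACON" + b"".join(chunks)
    return b"RIFF" + struct.pack("<I", len(body)) + body

GOOD = _riff(_chunk(b"anih", bytes(36)))
BAD = _riff(_chunk(b"anih", bytes(36)), _chunk(b"anih", bytes(80)))

if __name__ == "__main__":
    print(check_ani(GOOD), check_ani(BAD))
```

Pointing `scan_dir` at the temporary folder before emptying it shows which cached files would have raised the alarm; files that are not RIFF/ACON are ignored.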