A trick for exposing the Trojan hidden behind a picture

  
A Trojan belongs to the virus category and is used mainly to steal account and password information, remotely control the user's computer, and damage the operating system. To keep anti-virus software from removing it, it is usually well concealed and resistant to detection. After infection, most Trojans first try to forcibly shut down the anti-virus software and then start stealing accounts. Some can even defeat mainstream anti-virus software from vendors at home and abroad.
Recent virus reports from the major anti-virus vendors show that Trojans are now flooding the Internet and that a complete virus industry chain has formed around them. How do they invade a computer? How should an ordinary Internet user guard against them?
Many users find that their computer has a problem but cannot find the cause. They suspect a Trojan, yet cannot locate it. In this case the problem was detected later, when data was being uploaded: a Trojan was found hidden in a picture and was finally removed. Here are the details:
The attacker uses the Microsoft GDIplus security vulnerability to hide the Trojan in the picture. Note that it is hidden in the picture rather than bundled with it. This differs from the earlier approach of disguising a Trojan as a picture to lure users into clicking it: here a real picture itself becomes the Trojan. Because of the Microsoft GDIplus security vulnerability, almost all browsers, instant messaging tools, Office programs, and image viewers may become channels for Trojans. Simply viewing such an image in a browser, in an image viewer, or in QQ, MSN, email, or an Office document is enough to be infected. Be it a QQ emoticon or any PNG picture, once you look at it you have the Trojan. This security vulnerability is Microsoft's GDIplus image vulnerability, which is the biggest security vulnerability in Microsoft's history.
GDIplus is a graphics device interface that provides two-dimensional vector graphics, images, and layout to applications and programmers. GdiPlus.dll exposes a variety of graphics methods through a class-based API. It has an integer overflow vulnerability when parsing specially crafted BMP files. An attacker who exploits this vulnerability can take complete control of the system and then install more Trojans; view, change, or delete data; or create new accounts with full user rights. This GDIplus vulnerability is very serious. It is similar to the earlier cursor and WMF vulnerabilities, but its reach is wider and covers almost all graphic formats.
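To illustrate the class of bug described above, the following added example (not GdiPlus.dll's code, which this article does not show) contrasts a 32-bit size calculation that wraps with a check that rejects such a BMP header before any buffer would be allocated. The function names and the constructed sample header are assumptions made for this example, and it accepts only uncompressed 8-, 24- and 32-bit bitmaps.

```c
#include <stdint.h>
#include <string.h>   /* memset, size_t */

static uint32_t rd32(const uint8_t *p) {            /* little-endian read */
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void wr32(uint8_t *p, uint32_t v) {          /* little-endian write */
    p[0] = (uint8_t)v;         p[1] = (uint8_t)(v >> 8);
    p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

/* Bug class: 32-bit size arithmetic wraps, so a huge image "needs" a tiny buffer. */
uint32_t naive_pixel_bytes(uint32_t w, uint32_t h, uint32_t bpp) {
    return w * h * (bpp / 8u);
}

/* Constructed sample input: a 54-byte BMP header (pixel data not included). */
void make_header(uint8_t *hdr, int32_t w, int32_t h, uint8_t bpp) {
    memset(hdr, 0, 54);
    hdr[0] = 'B'; hdr[1] = 'M';
    wr32(hdr + 10, 54);                    /* offset of pixel data */
    wr32(hdr + 14, 40);                    /* BITMAPINFOHEADER size */
    wr32(hdr + 18, (uint32_t)w); wr32(hdr + 22, (uint32_t)h);
    hdr[26] = 1; hdr[28] = bpp;            /* planes, bits per pixel */
}

/* Hardened check: 0 and the pixel-data size on success, -1 to reject the file. */
int bmp_pixel_bytes(const uint8_t *buf, size_t len, size_t *out) {
    if (len < 54 || buf[0] != 'B' || buf[1] != 'M') return -1;
    if (rd32(buf + 14) < 40 || rd32(buf + 30) != 0) return -1; /* uncompressed only */
    int64_t w = (int32_t)rd32(buf + 18), h = (int32_t)rd32(buf + 22);
    uint32_t bpp = buf[28] | (uint32_t)buf[29] << 8, off = rd32(buf + 10);
    if (w <= 0 || h == 0) return -1;
    if (h < 0) h = -h;                     /* negative height = top-down rows */
    if (bpp != 8 && bpp != 24 && bpp != 32) return -1; /* depths this example accepts */
    /* 64-bit math cannot wrap here: w < 2^31, bpp <= 32, h <= 2^31. */
    uint64_t stride = (((uint64_t)w * bpp + 31) / 32) * 4;  /* rows pad to 4 bytes */
    uint64_t total = stride * (uint64_t)h;
    if (off < 54 || off > len || total > len - off) return -1; /* must fit the file */
    *out = (size_t)total;
    return 0;
}

int main(void) {   /* the wrapping 65536 x 65536 header must be rejected */
    uint8_t hdr[54]; size_t n;
    make_header(hdr, 65536, 65536, 8);
    return bmp_pixel_bytes(hdr, sizeof hdr, &n) == -1 ? 0 : 1;
}
```

The key check is the last comparison: the size derived from the header must fit in the bytes that are actually present in the file, so a header that declares more pixels than the file contains is refused.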
Knowing this, computer users should be cautious about the images they receive and should scan them for viruses before opening them. The problem can also be solved at its source: a dedicated patch for the Microsoft GDIplus security vulnerability has been released, and downloading and running it fixes the problem.
Cultivate good online habits. A large number of Trojans are spread through illegal websites;
Improve personal security awareness. Do not open attachments in unfamiliar mail, do not click links in QQ or MSN messages, scan a USB drive for viruses after inserting it and before copying files, and so on;
If the computer has already been infected with a Trojan, first upgrade the anti-virus software to the latest version and then run a full scan. You can also seek help from professional anti-virus vendors such as Rising.
Trojans are indeed a huge hazard, but it is believed that with the country's continuing crackdown on computer viruses and cybercrime, and with the related laws, the underground Trojan industry chain will gradually be eliminated.
Cultivate the good habits above and you can keep your computer from being infected by Trojans, so start now.