Dengzhou Community's Archiver

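门口蹲一狼 posted on 2008-7-9 15:27

Sweat.... I got hit by Gray Pigeon (灰鸽子), Win-Trojan/Hupigon.Gen

It was actually Microsoft's Malicious Software Removal Tool that detected and removed it!
360 and Rising didn't react at all.......
I'm never using Rising again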

门口蹲一狼 posted on 2008-7-9 15:30

Technical Information
Backdoor:Win32/Hupigon.gen is a generic detection for a DLL component of Win32/Hupigon. This component logs keystrokes, captures screens and steals passwords and other sensitive data. Detection for this component may indicate that other files on the computer might be infected.

Win32/Hupigon is usually composed of a dropper, a backdoor and plugins which may be installed by a TrojanDropper:Win32/Hupigon variant. This component is injected into other processes in order to steal credentials and other sensitive data.

This component may:
- log keystrokes and message window information
- capture screens or webcam snapshots
- log stored passwords and credentials

Analysis by Patrik Vicol

Steps
Take the following steps to help prevent infection on your system:
- Enable a firewall on your computer.
- Get the latest computer updates.
- Use up-to-date antivirus software.
- Use caution with attachments and file transfers.

Enable a firewall on your computer
Use a third-party firewall product or turn on the Microsoft Windows XP Internet Connection Firewall.

To turn on the Internet Connection Firewall in Windows XP
1. Click Start, and click Control Panel.
2. Click Network and Internet Connections. If you do not see Network and Internet Connections, click Switch to Category View.
3. Click Change Windows Firewall Settings.
4. Select On.
5. Click OK.

To turn on the Windows Firewall in Windows Vista
1. Click Start, and click Control Panel.
2. Click Security.
3. Click Turn Windows Firewall on or off.
4. Select On.
5. Click OK.

Get the latest computer updates
Updates help protect your computer from viruses, worms, and other threats as they are discovered. You can use the Automatic Updates feature in Windows XP to automatically download future Microsoft security updates while your computer is on and connected to the Internet.

To turn on Automatic Updates in Windows XP
1. Click Start, and click Control Panel.
2. Click System.
3. Click Automatic Updates.
4. Select a setting. Microsoft recommends selecting Automatic. If you do not choose Automatic, but you choose to be notified when updates are ready, a notification balloon appears when new downloads are available to install. Click the notification balloon to review and install the updates.

Use up-to-date antivirus software
Most antivirus software can detect and prevent infection by known malicious software. To help protect you from infection, you should always run antivirus software that is updated with the latest signature files. Antivirus software is available from several sources. For more information, see [url]http://www.microsoft.com/protect/computer/viruses/vista.mspx[/url].

Use caution with attachments and file transfers
Exercise caution with e-mail and attachments received from unknown sources, or received unexpectedly from known sources. Use extreme caution when accepting file transfers from known or unknown sources.

Recovery Steps
Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft online scanner ([url]http://safety.live.com[/url]). For more information, see

大周 posted on 2008-7-9 15:42

:( I can't understand it

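豫满江 posted on 2008-7-9 16:09

Reply to post #1 by 门口蹲一狼

I never use Rising! It may be that the virus has mutated into a new variant and the antivirus software was not updated in time!

周周 can't understand it, right? Let me translate it for you!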

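Technical Information
Backdoor:Win32/Hupigon.gen is a generic detection for a DLL component of Win32/Hupigon. This component logs keystrokes, captures screens and steals passwords and other sensitive data. Detection of this component may indicate that other files on the computer may be infected.

Win32/Hupigon is usually composed of a dropper, a backdoor and plugins, which may be installed by a TrojanDropper:Win32/Hupigon variant. This component is injected into other processes in order to steal credentials and other sensitive data.

This component may:
- log keystrokes and message window information
- capture screens or webcam snapshots
- log stored passwords and credentials

Analysis by Patrik Vicol

Steps
Take the following steps to help prevent infection on your system:
- Enable a firewall on your computer.
- Get the latest computer updates.
- Use up-to-date antivirus software.
- Use caution with attachments and file transfers.

Enable a firewall on your computer
Use a third-party firewall product or turn on the Microsoft Windows XP Internet Connection Firewall.

To turn on the Internet Connection Firewall in Windows XP
1. Click Start, and click Control Panel.
2. Click Network and Internet Connections. If you do not see Network and Internet Connections, click Switch to Category View.
3. Click Change Windows Firewall Settings.
4. Select On.
5. Click OK.

To turn on the Windows Firewall in Windows Vista
1. Click Start, and click Control Panel.
2. Click Security.
3. Click Turn Windows Firewall on or off.
4. Select On.
5. Click OK.

Get the latest computer updates
Updates help protect your computer from viruses, worms and other threats as they are discovered. You can use the Automatic Updates feature in Windows XP to automatically download future Microsoft security updates while your computer is on and connected to the Internet.

To turn on Automatic Updates in Windows XP
1. Click Start, and click Control Panel.
2. Click System.
3. Automatic Updates.
4. Select a setting. Microsoft recommends selecting Automatic. If you do not choose Automatic, but you choose to be notified when updates are ready, a notification balloon appears when new downloads are available to install. Click the notification balloon to review and install the updates.

Use up-to-date antivirus software
Most antivirus software can detect and prevent infection by known malicious software. To help protect you from infection, you should always run antivirus software that has the latest signature files. Antivirus software is available from several sources. For more information, see [url]http://www.microsoft.com/protect/computer/viruses/vista.mspx[/url].

Use caution with attachments and file transfers
Exercise caution with e-mail and attachments received from unknown sources, or received unexpectedly from known sources. Use extreme caution when accepting file transfers from known or unknown sources.

Recovery Steps
Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft online scanner ([url]http://safety.live.com[/url]). For more information, see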

漩涡 posted on 2008-7-10 16:31

Reply to post #3 by 大周

Do you even know what a gray...... gray.... plane (灰机) is? :/?

湘妃子 posted on 2008-7-13 03:48

[quote]Originally posted by [i]门口蹲一狼[/i] on 2008-7-9 15:27
It was actually Microsoft's Malicious Software Removal Tool that detected and removed it!
360 and Rising didn't react at all.......
I'm never using Rising again [/quote]


It's not that I refuse to choose Rising, but Rising really doesn't impress me :/sweat

It's clearly a virus, yet it can't detect it. I use Kaspersky now
