White Walker 2 virus features:
1. Regular software carries malicious code: White Walker II is hidden in regular software with official digital signatures, leading to a large number of security manufacturers directly releasing it.
2. Wide range of influence: Through the promotion of high-speed downloaders by several well-known domestic download sites, White Walker II is compatible with mainstream operating systems such as xp, win7, and win10, affecting millions of user machines.
3. Cloud control and flexible evil-doing: The VBR infection module of the Trojan, as well as the final module that actually does evil, are all delivered from the cloud. The author can arbitrarily deliver functional modules to the victim's computer to perform any malicious behavior. Currently, the main ones delivered are tampering with browser homepages, hijacking navigation websites, and background traffic brushing.
4. Strong concealment and stubbornness: The infected VBR resides in the system for a long time, and the Trojan cannot be removed by ordinary reinstallation of the system; White Walker II also protects the malicious VBR through the underlying disk hook to resist detection by anti-virus software.
How to clean the White Walker 2 virus:
1. Download the "White Walker II Virus Immunity Tool"
2. Double-click to run the tool for detection.
3. The test results appear: 1) No White Walker II virus was found, your computer is safe
2) If you find the White Walker II virus, please check it immediately
The virus has been removed, please restart your computer.
If the repair fails, please restart the computer and run the killing tool again to repair.
White Walker 2 virus introduction:
Most anti-virus software "releases" the ability to remotely perform a variety of malicious behaviors
According to research by Tencent Security Anti-Virus Laboratory, the "White Walker II" Trojan is promoted through the high-speed downloaders of several well-known domestic download sites, and is compatible with mainstream operating systems such as XP, Win7, and Win10, and has a huge impact.
It is worth noting that the widespread spread of the "White Walker II" Trojan is no accident. According to security experts from Tencent Security Anti-Virus Lab, on the one hand, VBR is mainly responsible for loading the boot program of the user's computer operating system and starts earlier than the Windows operating system. Once VBR is infected, it will be difficult for anti-virus software to detect it; on the other hand, because the "White Walker II" Trojan was developed by a regular software company and has an official digital signature, many security manufacturers have added it to the "whitelist" which means safety. Most anti-virus software cannot detect the existence of the Trojan.
Compared with the cunning means of "White Walker II" to avoid anti-virus software, the security threat it brings cannot be ignored. It is reported that the crime process of "White Walker II" is controlled through the cloud and is relatively flexible. Once a user is infected with "White Walker II", the Trojan author can remotely perform malicious behaviors such as tampering with the browser homepage, hijacking navigation websites, and brushing traffic in the background.
Reinstalling the system still cannot eliminate the repeated crimes committed in recent years
Unlike other virus Trojans, users can eliminate hidden dangers by reinstalling the system. The "White Walker II" Trojan is extremely concealed and stubborn. Security experts from Tencent Security Anti-Virus Lab pointed out that the "White Walker II" Trojan resides in the system for a long time by infecting VBR, and ordinary system reinstallation cannot remove the Trojan. At the same time, it also protects the malicious VBR through underlying disk hooks to resist detection by anti-virus software.
In fact, Bootkit Trojans that infect MBR (Master Boot Record) or VBR have been highly active in recent years. According to security experts from Tencent Security Anti-Virus Lab, the "White Walker" Trojan was first discovered in August 2016. The first generation of the "White Walker" Trojan spread through Ghost installation and game plug-in channels. After successfully infecting a computer, it will perform malicious behaviors such as hijacking the user's browser homepage and promoting the installation of rogue software. In addition, the recent Dark Cloud Trojan series, which has spread over one million copies, also used Bootkit technology.
Tencent Computer Manager's "Cloud Main Defense + Three Swords" completely kills the "White Walker II" Trojan
At present, Tencent Computer Manager can completely detect and kill the "White Walker II" Trojan. It is understood that Tencent Computer Manager has strengthened its ability to detect and kill Bootkit Trojans in the 12.0 version update on September 1, 2016. The "three swords" of Cloud Master Anti-virus and virus Trojan detection - BootClean removal technology, Rootkit killing, and system first aid kit have significantly improved their detection capabilities, which can accurately intercept and detect high-risk behaviors of virus samples.
Ma Jinsong, a security expert at Tencent Security Anti-Virus Lab, advises users that because the Trojan file has a digital signature and is trusted by most security software by default, most security vendors are still unable to kill the Trojan. Currently, Tencent Computer Manager has been able to kill the VBR Trojan and found abnormalities on the computer. Users can download Tencent Computer Manager for cleaning; in addition, try to download software through official channels and do not download software through download sites. If you must use a high-speed downloader, remember to remove unnecessary recommended software during installation, and be sure to keep Tencent Computer Manager turned on to ensure computer security.
Useful
Useful
Useful