Ideas: The methods of tampering with the browser homepage are: 1. Modify the registry; 2. Modify the shortcut; 3. Modify the homepage settings in the browser (the lowest method for this kind of thing)
In fact, this rogue software can be defended against general antivirus software, so computers with antivirus software don't have to worry about this virus damaging your computer, but for safety, it is best to run in a virtual machine, after all, I have not analyzed this software, I don't know what hidden dangers there are besides this tampering homepage.
First let's run this virus, turn on the Tinder antivirus software, and see what it does. The picture below is intercepted by Tinder, the first time I ran it was intercepted five times, and this time I don't know why, I only intercepted four times.
So let's follow the idea
1. Modify the registration form
Start-Run Type regedit to open the registry and searchhttp://www.2345.com/?k59918823, right-click to delete after searching, and search several times until the reminder that the search cannot be found
At this point, the registry is deleted.
2. Modify the shortcut
There is a simple and crude way to delete all shortcuts, then go to the browser installation directory and send the shortcuts to the desktop.
3. Modify the homepage settings in the browser
This is very simple, most people will
So far, it's basically done, and finally it's best to use antivirus software to kill the virus.
Sample attached: link:https://pan.baidu.com/s/1s8nHOYAqtArPZfuS0QvmJgExtraction code:Tourists, if you want to see the hidden content of this post, please Reply
| 
Posted on 1/18/2019 7:26:10 PM
|
|
|
