Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > the virus to be related > Content
Hot Articles
Worm.Win32.AutoRun.eee a
Trojan-Downloader.Win32.
The resistance kills the
Everybody may kill the p
Careful ¡°hard disk devi
Trojan-PSW.Win32.QQPass.
Trojan-PSW.Win32.OnLineG
DeviceWall 5.0 extends U
Trojan-Dropper.Win32.Sma
Trojan-PSW.Win32.QQPass.
The machine dog presents
Trojan-PSW.Win32.OnLineG
Worm.Win32.AutoRun.eee a
Trojan-PSW.Win32.OnLineG
Under Professor differen
Recommend Articles
Trojan-PSW.Win32.QQPass.
The machine dog presents
Everybody may kill the p
Trojan-Dropper.Win32.Sma
How does the Trojan Hors
The resistance kills the
Careful ¡°hard disk devi
Trojan-PSW.Win32.OnLineG
Jinshan virus early warn
Under Professor differen
Trojan-Downloader.Win32.
08 year the first half o
Win32.Troj.OnlineGamesT.
Worm.Win32.AutoRun.eee a
07.13 viral early warnin
New Articles
The auspicious star on S
The auspicious star on S
To some Trading company
The security examines fo
The auspicious star on S
Introduces the ash pigeo
The river people science
Caba Siji from September
The river people science
The auspicious star on S
A significant amount of
Spammers also go on holi
Protecting your business
The river people science
The auspicious star on S
The river people issued that on August 05 the virus disseminates news
  Add date: 09/17/2008   Publishing date: 09/17/2008   Hits: 4
Total 2 pages, Current page:1, Jump to page:
 
Jiang Min reminds you to pay attention today: Win32/Angryel.b “the Anger Switzerland” variety b and Trojan/Buzus.h “the tyrant race” variety h is worth in today's virus paying attention.
Viral name: Win32/Angryel.b
Chinese name: “Anger Switzerland” variety b
Viral length: 234270 bytes
Viral type: Worm
Dangerous rank: ¡ï¡ï
Affects the platform: Win 9X/ME/NT/2000/XP/2003
Win32/Angryel.b “the Anger Switzerland” variety b is “the Anger Switzerland” one of worm family's most young bloods, uses the VB compilation, and after increase protection cover processing. after “Anger Switzerland” variety b movement, duplicates is infected the computer system “%SystemRoot% \ system” under the table of contents, names for “keyboard.exe” (file attribute is again “system, hideaway”); Duplicates “%SystemRoot% \ fonts \” under the table of contents, names for “fonts.exe” (file attribute is again “system, hideaway”). The revision registry, realizes the worm starting automatic movement. Camouflages folder's icon own icon, traps the user click. The distortion registry content carries on the reflection to kidnap forcefully, cause user when moves certain system programs what in fact moves is the worm virus. Forbids certain security auxiliary means' movement, reduced greatly was infected on computer's security. The distortion registry, the cause user is unable to examine the hideaway document forcefully. Moreover, “the Anger Switzerland” variety b will also found “autorun.inf” under each symbol root directory the document and the wooden horse program file, will achieve the double click plate symbol to start “the Anger Switzerland” the variety b movement goal, thus using migration storage devices and so on U plate will carry on the dissemination.
Viral name: Trojan/Buzus.h
Chinese name: “dominates the race” variety h
Viral length: 622592 bytes
Viral type: Wooden horse
Dangerous rank: ¡ï¡ï
Affects the platform: Win 9X/ME/NT/2000/XP/2003
Trojan/Buzus.h “the tyrant race” variety h is “the tyrant race” one of wooden horse family's most young bloods, uses the Delphi compilation, and after increase protection cover processing. after “dominates the race” the variety h movement, in is infected the computer system “%SystemRoot% \ system32 \ drivers \” under the table of contents to release the evil intention driver “sysdt.sys” and loads the movement. Return to original state system SSDT, causes certain security software's monitoring malfunction. In is infected the computer system “%SystemRoot% \ system32 \” under the table of contents to release the DLL wooden horse module document, the filename is composed of 13 stochastic lowercase letters. The wooden horse module registration is BHO (browser auxiliary object), realizes the wooden horse starting automatic movement. The server establishment network connections which assigns with the hacker, the hacker may adopt “the tyrant race” the variety h long-distance operation user's computer, carries on the malicious operation, may carry out the operation includes: The file operation, the advancement operation, the registry operation, the service operation, the screen monitoring, the keyboard record, the camera grasps the chart, the command operation and so on, for user's computer security and individual privacy, even the trade poses the threaten seriously secretly.

 
Other pages: : 1 * 2 * Next>>
Prev:Clearly recognizes the disk driver virus ten big evils Next:Jiang Min reminds the user community vigilant variety DNS chameleon

Comment:

Category: Home > the virus to be related
Home