Beijing Information Security Evaluation Center, Jinshan Poison PA jointly released the December 13, 2004 popular virus.
Today, users are reminded to pay special attention to the following viruses: "Dsnx" (win32.hack.dsnx.05) and "Spth" (JS.SPTH.G).
"DSNX" hacker tool, the virus is run will open the back door, listening to TCP port 113, and to the designated IRC server sent on-line notification, waiting for hackers to send illegal control commands.
"Spth" JS virus, this type of virus can be emailed, IRC class software, Peer-to-peer software transmission, to the system directory to release a large number of virus copies, delete commonly used anti-virus software program files.
According to Jinshan Poison fighter Anti-Virus engineer analysis, the virus will be copied to the system directory, renamed the random file name, and then loaded into the startup items to achieve the purpose of the boot operation. Then release a driver and load it as a service, and the virus will remove the driver after loading. The driver periodically loads the virus into the startup item, ensuring that every boot virus has a chance to run. The virus opens the back door, listens on TCP port 113, and sends an online notification to the specified IRC server, waiting for the hacker to send commands.
Jinshan Poison bully Anti-Virus experts to remind users: the development of the network, the user's computer is also a serious problem of hacker attacks, many network viruses have used the hacker's method to attack the user's computer, so users should also install personal firewall software to prevent black.
Second, "Spth" (JS.SPTH.G) Threat Level: ★
According to Jinshan poison bully anti-virus experts introduced, the virus is generated automatically by the generator, the virus can be emailed, IRC class software (MIRC, Pirch, VIRC), Peer-to-peer Software (Kazaa, Morpheus, Bear Share, LimeWire, Edonkey, Applejuice, overnet) to propagate, through the registry, Win.ini,system.ini, Autorun.inf, such as automatic loading, but also to the system directory to release a large number of virus copies, delete commonly used anti-virus software program files, modify the user desktop shortcuts to the virus file.
Jinshan Poison Bully Anti-Virus experts remind users: with the development of computer science and technology, more viruses will accompany, in order to protect your system and personal information security, please constantly update the virus to poison the library, to prevent the invasion of the virus.
Jinshan Poison PA Anti-Virus engineer reminds you: Please upgrade the poison PA to December 13, 2004 the virus library can completely handle the virus. If you do not install Jinshan poison PA, you can login to http://online.kingsoft.com/use Jinshan poison pa online search virus or Jinshan poison PA download version to prevent the virus intrusion.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
