Fans of Jay Chou need to be careful when there is Jay Chou's picture virus.
A disgusting Virus
Micro-point Interception
This program is a malicious program written in the E language, with a length of 1,546,468 bytes "......), No limit is allowed to fill in the available space of the hard disk, resulting in the computer being suspended.
Figure 1
Virus analysis
After the virus runs, sysgoo.exe is released to the system32 directory of the system directory and set as system and hidden attributes. The e-language support library file KRNLN is released. fnr to the E_4 directory of the temporary directory. The LoadLibraryA function calls the function to transfer Windows Memory until infinity, the virus entity files are frequently copied in the system root directory, the current user's "desktop" directory, the current user's "Start Menu" directory, and the current user's "start" directory, attackers attempt to maliciously occupy the available space of the user's system partition and fill it up completely. A large number of virus files written in the startup directory may occupy a very high amount of system resources after the restart, the computer basically cannot operate normally; a large number of Viruses Is set as a system and hidden attribute, so it is difficult for users to find out.
|
| [Content navigation] | |
| Page 1st: Jay Chou is also caught by viruses. | Page 2nd: Jay Chou is also caught by viruses. |
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
