Beijing Information Security Evaluation Center, Jinshan Poison PA jointly released the January 19, 2005 popular virus.
Today, users are reminded to pay special attention to the following viruses: "Wuhan Boys" (WIN32.TROJ.WHBOY2005.J) and "Ddoser" (WIN32.HACK.DDOSER.C).
"Wuhan Boy 2005" Trojan virus, the virus will be through QQ, MSN, UC, POPO2004 to friends to send messages, trick friends to click on the poison site address, stealing poisoned users legendary game information.
"Ddoser" hacker program, the virus replicates itself to the system directory and execution, if the user system for Win9x then call registerserviceprocess hide their own process, the virus to www.918***.com site attacks.
According to Jinshan Poison PA Anti-Virus engineer analysis, the virus is the Wuhan Boys 2005 series of the 10th variant. Virus will pass QQ, MSN, UC, POPO2004 sends the message to the friend, the trick friend clicks the poisonous website address, causes the friend system to infect the virus. The virus steals legendary game information from poisoned users and sends it to a designated location.
Jinshan Poison Bully Anti-Virus experts remind users: with the development of the network, many viruses are accompanying, some viruses specifically steal the user's personal privacy, personal data information and so on, and the user's information disclosure or to create greater harm to users, please enhance their own security awareness, more access to the Poison Tyrant website related security information, Do your own safe work, to avoid the virus to bring you trouble.
According to Jinshan Poison fighter Anti-Virus engineer analysis, the virus is a DDoS attack program. First, the virus creates a mutex named "Ddoser" to ensure that only one copy of the system is running, and then overwrites the registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run entry kernel32= Kernel32.exe, copy itself to the system directory and execute, if the user system is Win9x then invoke registerserviceprocess to hide its own process. Finally, the virus attacks the www.918***.com in a DDoS attack.
Jinshan Poison Bully Antivirus experts recommend users: please do not easily run from the Internet after downloading without anti-virus software processing files, it is strongly recommended that you use the latest virus library of the poison PA to scan, and then decide whether to run.
Jinshan Poison PA Anti-Virus engineer reminds you: Please upgrade the poison PA to January 19, 2005 the virus library can completely handle the virus. If you do not install Jinshan poison PA, you can login to http://online.kingsoft.com/use Jinshan poison pa online search virus or Jinshan poison PA download version to prevent the virus intrusion.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
