Beijing Information Security Evaluation Center, Jinshan Poison PA jointly released the January 24, 2005 popular virus.
Today, users are reminded to pay special attention to the following viruses: "WORM.ANIG.E" and "Concert" (Worm.concier).
"Mud brother" worm, the worm through weak password attacks and ICQ software to spread, steal user's login password, and connect remote host, the user's machine for dangerous control.
"Concert" worm virus, the virus will forcibly modify the user's desktop background, causing the user machine to run slowly, a lot of space occupied.
First, "Ni-worm.anig.e" (Threat level): ★
According to Jinshan Poison Bully anti-virus engineer analysis, this is a worm, and this virus is related to a DLL file Ntgina.dll, the virus first copies itself and the current directory of DLL file Ntgina.dll to the system directory%system%, The copy in the system directory is then loaded into the registry's startup entry and the copy is created as a self-starter service. By modifying the registry, you can steal the user's login password by loading the DLL file Ntgina.dll before the user logs on to the system. Viruses can also use weak passwords to attack remote systems for active propagation, and if a successful connection to a remote host succeeds, it replicates itself to the target host's directory: \admin$\system32\, then connects to the remote host's registry and loads the virus into the registry's startup entry. The virus connects to the ICQ website Port 5190 to send the on-line notification, then opens the backdoor port 5190, uses the ICQ software to carry on the remote control or the dissemination.
Jinshan Poison Bully Anti-Virus experts recommend users: the use of complex password protection. Many network viruses attack the system by guessing simple passwords, so using complex passwords will greatly improve the safety of the computer.
Second, "Concert" (Worm.concier) Threat Level: ★
According to Jinshan Poison Bully anti-virus engineer analysis, the worm is written with VisualBasic, will forcibly modify the user's desktop background, and a large number of system resources, resulting in slow user machine, affecting the user's work and learning, please immediately upgrade the virus poison PA's library, to prevent the invasion of the virus.
Jinshan Poison Bully Anti-Virus experts recommend users: the best installation of professional anti-virus software for comprehensive monitoring. It is recommended that users install anti-virus software to prevent the increasing number of viruses, users after the installation of anti-virus software, should be constantly upgraded, some major monitoring often open (such as mail monitoring), memory monitoring, etc., encountered problems to report, so as to truly ensure the safety of the computer.
Jinshan Poison PA Anti-Virus engineer reminds you: Please upgrade the poison PA to January 24, 2005 the virus library can completely handle the virus. If you do not install Jinshan poison PA, you can login to http://online.kingsoft.com/use Jinshan poison pa online search virus or Jinshan poison PA download version to prevent the virus intrusion.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
