What is the Win32.Troj.Bluros virus?

Source: Internet
Author: User
Tags win32

Virus alias:

Processing time:

Threat Level: ★

Chinese name:

Virus type: Trojan Horse

Impact System: WIN9X/WINNT/WIN2K/WINXP/WIN2003

Virus behavior:

Writing tools: VB, Aspack compression

Infection conditions: User accidentally run, or through a floppy disk

Seizure conditions: Users are not careful to run

System Modifications:

The MagicCall.exe that the virus releases to the floppy disk destroys the boot area of the floppy disk:

1. When the virus runs, it is blocked in memory and copies itself to%systemroot%system32internet.exe

2. To the registry

Hkey_current_usersoftwaremicrosoftwindowscurrentversionrunservices

Add the following key value: "Internet.exe" = "%systemroot%system32internet.exe"

3. If there is a floppy disk in the floppy drive, the virus will write to the floppy disk MagicCall.exe file

Seizure phenomenon: After poisoning, the virus will automatically connect http://www.zymf.com,

http://www.csdn.net/soft/openfile.asp?kind=1&id=6398 site.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.