WIN32.HACK.SURILA.R Suri

Virus name (Chinese): Suri

Virus alias:

Threat Level: ★☆☆☆☆

Virus type: Hacker program

Virus Length: 89113

Impact System: WIN9X\WINNT

Virus behavior:

This is a backdoor virus that steals important information on the user's machine and shuts down a number of processes, including the process of a backdoor virus that will be updated on the download file.

1. Add virus to the Start menu:

c:\documentsandsettings\allusers\"Start menu \ program \ Start \ra32helpb.exe

2. Modify the registry and prohibit the use of registry tools.

3. Modify Host:

127.0.0.1www.avp.com

127.0.0.1www.avp.ru

127.0.0.1www.viruslist.com

127.0.0.1viruslist.com

127.0.0.1www.symantec.com

127.0.0.1networkassociates.com

127.0.0.1secure.nai.com

127.0.0.1downloads1.kaspersky-labs.com

127.0.0.1downloads2.kaspersky-labs.com

127.0.0.1downloads3.kaspersky-labs.com

127.0.0.1downloads4.kaspersky-labs.com

127.0.0.1downloads-us1.kaspersky-labs.com

127.0.0.1downloads-eu1.kaspersky-labs.com

127.0.0.1kaspersky-labs.com

127.0.0.1www.networkassociates.com

127.0.0.1us.mcafee.com

127.0.0.1f-secure.com

127.0.0.1avp.com

127.0.0.1www.sophos.com

127.0.0.1sophos.com

127.0.0.1www.ca.com

127.0.0.1ca.com

127.0.0.1securityresponse.symantec.com

127.0.0.1symantec.com

127.0.0.1mast.mcafee.com

127.0.0.1my-etrust.com

127.0.0.1www.kaspersky.com

127.0.0.1www.f-secure.com

127.0.0.1dispatch.mcafee.com

127.0.0.1update.symantec.com

127.0.0.1nai.com

127.0.0.1www.nai.com

127.0.0.1liveupdate.symantec.com

127.0.0.1customer.symantec.com

127.0.0.1rads.mcafee.com

127.0.0.1trendmicro.com

127.0.0.1liveupdate.symantecliveupdate.com

127.0.0.1www.mcafee.com

127.0.0.1mcafee.com

127.0.0.1viruslist.com

127.0.0.1www.my-etrust.com

127.0.0.1download.mcafee.com

127.0.0.1updates.symantec.com

127.0.0.1kaspersky.com

127.0.0.1www.trendmicro.com