Virus name: Trojan-PSW.Win32.Bjlog.a
Risk level: Medium
Virus Description
The packed sample is 200,704 bytes in size, has the icon "", and uses the "exe" extension. It spreads through file bundling, web pages with embedded trojans, downloader tools, and similar means. Its main purpose is to gain full control of the target computer and turn it into a remotely controlled puppet; once infected, the user's computer is completely controlled by others.
Affected operating systems: Windows 2000 / Windows XP / Windows 2003 / Windows Vista / Windows 7
Manual removal:
1. Manually delete the following file:
D:\druswmlskc.exe
2. Manually delete the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
Variable declaration:
%SystemDrive%: the system partition, usually "C:\"
%SystemRoot%: the WINDOWS directory, usually "C:\Windows"
%Documents and Settings%: the user documents directory, usually "C:\Documents and Settings"
%Temp%: the temporary folder, usually "C:\Documents and Settings\current user name\Local Settings\Temp"
%ProgramFiles%: the default program installation directory, usually "C:\Program Files"
Analysis of the virus:
1. Creates the file druswmlskc.exe on the D drive.
2. Obtains the absolute path of its own location and creates a thread.
3. Copies itself to D:\druswmlskc.exe, replacing the file there, and runs the copy.
4. Registers itself as a service.
5. Creates a registry entry under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders so that it starts at boot.
6. Creates a process that looks for antivirus software in system memory.
7. Creates a remote process and waits for operations from the remote client, checking once every 20 seconds.
8. When the detection time exceeds 1800 seconds, deletes its own original file.

Files created by the virus: D:\druswmlskc.exe
Registry entries created by the virus: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
Network access by the virus: 202.103.***.* 9
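A read-only check for the artifacts listed above, written for Windows PowerShell as an added example that is not part of the original write-up. The file path and the "Cache" entry come from this page, with the registry path taken to be under HKLM\SOFTWARE; the function name `Test-BjlogArtifacts` and the output layout are this example's own, and because the page does not name the service, services are matched by binary path.

```powershell
# Read-only triage for the artifacts this write-up lists; nothing is deleted or changed.
# Uses Get-WmiObject, so run it in Windows PowerShell (2.0 or later), elevated.
$DroppedFile = 'D:\druswmlskc.exe'   # from the page
$RegKey      = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
$RegName     = 'Cache'               # from the page

function New-Finding($Type, $Location, $Detail) {
    New-Object PSObject -Property @{ Type = $Type; Location = $Location; Detail = $Detail }
}

function Test-BjlogArtifacts {
    $findings = @()

    # 1. Dropped executable; -Force also returns hidden or system files.
    $file = Get-Item -LiteralPath $DroppedFile -Force -ErrorAction SilentlyContinue
    if ($file) {
        $detail = '{0} bytes, created {1:u}' -f $file.Length, $file.CreationTimeUtc
        $findings += New-Finding 'File' $file.FullName $detail
    }

    # 2. "Cache" under Shell Folders. The page does not say whether it is a
    #    value or a subkey, so both forms are checked.
    $props = Get-ItemProperty -LiteralPath $RegKey -ErrorAction SilentlyContinue
    if ($props -and $props.PSObject.Properties[$RegName]) {
        $findings += New-Finding 'RegistryValue' "$RegKey\$RegName" ([string]$props.$RegName)
    }
    if (Test-Path -LiteralPath "$RegKey\$RegName") {
        $findings += New-Finding 'RegistryKey' "$RegKey\$RegName" 'subkey exists'
    }

    # 3. Any service whose binary path points at the dropped file
    #    (the write-up says the sample registers itself as a service).
    foreach ($svc in Get-WmiObject -Class Win32_Service) {
        if ($svc.PathName -and $svc.PathName.ToLower().Contains($DroppedFile.ToLower())) {
            $findings += New-Finding 'Service' $svc.Name ('{0} [{1}]' -f $svc.PathName, $svc.State)
        }
    }
    return $findings
}

$result = Test-BjlogArtifacts
if ($result) { $result | Format-Table Type, Location, Detail -AutoSize }
else         { 'None of the listed artifacts were found.' }
```

A matching service entry should be stopped and removed along with the file and registry entry, since the manual steps above do not cover it.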