Win32.Troj.Small.vr是一種木馬病毒。
基本介紹
- 中文名:Win32.Troj.Small.vr
- 威脅級別:★
- 病毒類型:木馬
- 影響系統:Win 9x/ME,Win 2000/NT
病毒行為:
1、生成的檔案
%Documents and Settings%\All Users\桌面\Internet Explorer.lnk
%Documents and Settings%\administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\啟動 Internet Explorer 瀏覽器.lnk
%SystemRoot%\system32\drivers\olgjvcwo.sys
2、添加驅動
HKLM\System\CurrentControlSet\Services\olgjvcwo
"Type" = "0x1"
HKLM\System\CurrentControlSet\Services\olgjvcwo
"Start" = "0x0"
HKLM\System\CurrentControlSet\Services\olgjvcwo
"ImagePath" = "system32\drivers\olgjvcwo.sys"
HKLM\System\CurrentControlSet\Services\olgjvcwo
"DisplayName" = "olgjvcwo"
3、捷徑Internet Explorer.lnk會默認打開http://5115.5009.**//
"%Program Files$\Internet Explorer\IEXPLORE.EXE" 5115.5009.**//
4、該病毒會將主頁設定為:http://5115.5009.**/