顥?顥?virus name: Win32.Floodnet
顥?顥?alias: Win32/Cute.Worm, W32.Tendoolf, WORM_TENDOOLF.A
顥?顥?virus types: Win32
顥?顥?Virus Type: Worm
顥?顥?hazardous levels: in
顥?顥?transmission speed: fast
顥?顥?br />顥?顥?Virus features:
顥?顥?The virus is spread out using MAPI protocol messages worm. The virus e-mail format:
顥?顥?Subject: Thoughts ...
顥?顥?Body: I just found this program, and, i dont know why ... but it reminded me of you. Check it out.
顥?顥?Annex: Cute.exe
Annex running:
顥?顥?br />1. Virus infected machine will generate% Windows% Kernel32.exe virus copies, and deleted from the hard disk has been performed in this Annex.
顥?顥?br />顥?顥?2. Will create the following registry key:
顥?顥?HKLMSoftwareMicrosoftWindowsCurrentVersionRunWindows = "% Windows% kernel32.exe"
顥?顥?HKLMSoftwareMicrosoftWindowsCurrentVersionRunServices = "% Windows% kernel32.exe"
顥?顥?HKCR.vxexefile
顥?顥?HKCR.vxContent Type = "application / x-msdownload"
顥?顥?HKCR.vxNeverShowExt
顥?顥?br />顥?顥?3. Will modify the system.ini and win.ini file, the command line is modified as follows:
顥?顥?system.ini:
顥?顥?[boot]
顥?顥?shell = explorer.exe% Windows% kernel32.exe
顥?顥?br />顥?顥?win.ini:
顥?顥?[windows]
顥?顥?load =% Windows% kernel32.exe
顥?顥?br />顥?顥?4. To act as a backdoor program used to connect IRC servers, and log in to a particular channel. Users in the channel may further send out e-mail, MSN Messenger and AOL Instante Messenger messages, so that may have distributed denial of service attack power.
顥?顥?br />顥?顥?carry the worm ftp and Http server is also able to infect the user's machine.
[Next]
顥?顥?5. Will try to remove the memory of the following processes:
顥?顥?_AVPCC.EXE
顥?顥?_AVPM.EXE
顥?顥?AVP32.EXE
顥?顥?AVPCC.EXE
顥?顥?AVPM.EXE
顥?顥?AVP.EXE
顥?顥?NAVAPW32.EXE
顥?顥?NAVW32.EXE
顥?顥?ICLOAD95.EXE
顥?顥?ICMON.EXE
顥?顥?ICSUPP95.EXE
顥?顥?ICLOADNT.EXE
顥?顥?ICSUPPNT.EXE
顥?顥?IFACE.EXE
顥?顥?ANTS.EXE
顥?顥?Anti-Trojan.exe
顥?顥?iamapp.exe
顥?顥?iamserv.exe
顥?顥?FRW.EXE
顥?顥?blackice.exe
顥?顥?blackd.exe
顥?顥?zonealarm.exe
顥?顥?minilog.exe
顥?顥?vsmon.exe
顥?顥?WrCtrl.exe
顥?顥?WrAdmin.exe
顥?顥?WrCtrl.exe
顥?顥?cleaner3.exe
顥?顥?cleaner.exe
顥?顥?tca.exe
顥?顥?MooLive.exe
顥?顥?lockdown2000.exe
顥?顥?Sphinx.exe
顥?顥?VSHWIN32.EXE
顥?顥?VSECOMR.EXE
顥?顥?WEBSCANX.EXE
顥?顥?AVCONSOL.EXE
顥?顥?VSSTAT.EXE
顥?顥?PCFWallIcon.EXE
顥?顥?APLICA32.EXE
顥?顥?CFIADMIN.EXE
顥?顥?CFIAUDIT.EXE
顥?顥?CFINET32.EXE
顥?顥?CFINET.EXE
顥?顥?TDS2-98.EXE
顥?顥?TDS2-NT.EXE
顥?顥?SAFEWEB.EXE
顥?顥?IFACE.EXE
顥?顥?TEMP.EXE
顥?顥?MPGSRV32.EXE
顥?顥?LIBUPDATE.EXE
顥?顥?RunDIl.exe
顥?顥?WinDll.exe
顥?顥?expl32.exe
顥?顥?RunDii.exe
顥?顥?rundli.exe
顥?顥?nvarch16.exe
顥?顥?Mssmmc32.exe
相关链接:
Procurement into the DECISION-MAKING problems faced in China
Listed company s three key financial indicators
How-to DVD Burner
Avi to 3gp converter free download
Convert mp3 to aac
Value DVD to Zune Converter
convert flv to mov
Games Arcade evaluation
BLUESEA MPEG SWF to AVI
Free FLV Watermarker
Ts video format
MovieTaxi PSP Video Converter Platinum
HTML Tools COMPARISON
Shop Java And JavaScript
Shop Launchers And Task Managers
No comments:
Post a Comment