顥?顥?virus name: Win32.Floodnet
顥?顥?alias: Win32/Cute.Worm, W32.Tendoolf, WORM_TENDOOLF.A
顥?顥?virus types: Win32
顥?顥?Virus Type: Worm
顥?顥?hazardous levels: in
顥?顥?transmission speed: fast
顥?顥?br />顥?顥?Virus features:
顥?顥?The virus is spread out using MAPI protocol messages worm. The virus e-mail format:
顥?顥?Subject: Thoughts ...
顥?顥?Body: I just found this program, and, i dont know why ... but it reminded me of you. Check it out.
顥?顥?Annex: Cute.exe
Annex running:
顥?顥?br />1. Virus infected machine will generate% Windows% Kernel32.exe virus copies, and deleted from the hard disk has been performed in this Annex.
顥?顥?br />顥?顥?2. Will create the following registry key:
顥?顥?HKLMSoftwareMicrosoftWindowsCurrentVersionRunWindows = "% Windows% kernel32.exe"
顥?顥?HKLMSoftwareMicrosoftWindowsCurrentVersionRunServices = "% Windows% kernel32.exe"
顥?顥?HKCR.vxexefile
顥?顥?HKCR.vxContent Type = "application / x-msdownload"
顥?顥?HKCR.vxNeverShowExt
顥?顥?br />顥?顥?3. Will modify the system.ini and win.ini file, the command line is modified as follows:
顥?顥?system.ini:
顥?顥?[boot]
顥?顥?shell = explorer.exe% Windows% kernel32.exe
顥?顥?br />顥?顥?win.ini:
顥?顥?[windows]
顥?顥?load =% Windows% kernel32.exe
顥?顥?br />顥?顥?4. To act as a backdoor program used to connect IRC servers, and log in to a particular channel. Users in the channel may further send out e-mail, MSN Messenger and AOL Instante Messenger messages, so that may have distributed denial of service attack power.
顥?顥?br />顥?顥?carry the worm ftp and Http server is also able to infect the user's machine.
[Next]
顥?顥?5. Will try to remove the memory of the following processes:
顥?顥?_AVPCC.EXE
顥?顥?_AVPM.EXE
顥?顥?AVP32.EXE
顥?顥?AVPCC.EXE
顥?顥?AVPM.EXE
顥?顥?AVP.EXE
顥?顥?NAVAPW32.EXE
顥?顥?NAVW32.EXE
顥?顥?ICLOAD95.EXE
顥?顥?ICMON.EXE
顥?顥?ICSUPP95.EXE
顥?顥?ICLOADNT.EXE
顥?顥?ICSUPPNT.EXE
顥?顥?IFACE.EXE
顥?顥?ANTS.EXE
顥?顥?Anti-Trojan.exe
顥?顥?iamapp.exe
顥?顥?iamserv.exe
顥?顥?FRW.EXE
顥?顥?blackice.exe
顥?顥?blackd.exe
顥?顥?zonealarm.exe
顥?顥?minilog.exe
顥?顥?vsmon.exe
顥?顥?WrCtrl.exe
顥?顥?WrAdmin.exe
顥?顥?WrCtrl.exe
顥?顥?cleaner3.exe
顥?顥?cleaner.exe
顥?顥?tca.exe
顥?顥?MooLive.exe
顥?顥?lockdown2000.exe
顥?顥?Sphinx.exe
顥?顥?VSHWIN32.EXE
顥?顥?VSECOMR.EXE
顥?顥?WEBSCANX.EXE
顥?顥?AVCONSOL.EXE
顥?顥?VSSTAT.EXE
顥?顥?PCFWallIcon.EXE
顥?顥?APLICA32.EXE
顥?顥?CFIADMIN.EXE
顥?顥?CFIAUDIT.EXE
顥?顥?CFINET32.EXE
顥?顥?CFINET.EXE
顥?顥?TDS2-98.EXE
顥?顥?TDS2-NT.EXE
顥?顥?SAFEWEB.EXE
顥?顥?IFACE.EXE
顥?顥?TEMP.EXE
顥?顥?MPGSRV32.EXE
顥?顥?LIBUPDATE.EXE
顥?顥?RunDIl.exe
顥?顥?WinDll.exe
顥?顥?expl32.exe
顥?顥?RunDii.exe
顥?顥?rundli.exe
顥?顥?nvarch16.exe
顥?顥?Mssmmc32.exe
相关链接:
Christmas-Idea MPG 3G2 QUICKTIME to DVD
Google Video Format
Cucusoft IPod Movie/Video Conver Tools
Value Real Video Converter
CONVERT mpeg to avi
Best Telephony
Hope YouTube to iPhone MOV
LasVegas DVD to Mobile
convert mpg TO mov
Storage Religion
Youtube Movie To MPEG Store
Bluesea MP3 AAC CD To WAV Backup
Dvd Audio Ripper
No comments:
Post a Comment