顥?顥?virus name: Win32.Floodnet
顥?顥?alias: Win32/Cute.Worm, W32.Tendoolf, WORM_TENDOOLF.A
顥?顥?virus types: Win32
顥?顥?Virus Type: Worm
顥?顥?hazardous levels: in
顥?顥?transmission speed: fast
顥?顥?br />顥?顥?Virus features:
顥?顥?The virus is spread out using MAPI protocol messages worm. The virus e-mail format:
顥?顥?Subject: Thoughts ...
顥?顥?Body: I just found this program, and, i dont know why ... but it reminded me of you. Check it out.
顥?顥?Annex: Cute.exe
Annex running:
顥?顥?br />1. Virus infected machine will generate% Windows% Kernel32.exe virus copies, and deleted from the hard disk has been performed in this Annex.
顥?顥?br />顥?顥?2. Will create the following registry key:
顥?顥?HKLMSoftwareMicrosoftWindowsCurrentVersionRunWindows = "% Windows% kernel32.exe"
顥?顥?HKLMSoftwareMicrosoftWindowsCurrentVersionRunServices = "% Windows% kernel32.exe"
顥?顥?HKCR.vxexefile
顥?顥?HKCR.vxContent Type = "application / x-msdownload"
顥?顥?HKCR.vxNeverShowExt
顥?顥?br />顥?顥?3. Will modify the system.ini and win.ini file, the command line is modified as follows:
顥?顥?system.ini:
顥?顥?[boot]
顥?顥?shell = explorer.exe% Windows% kernel32.exe
顥?顥?br />顥?顥?win.ini:
顥?顥?[windows]
顥?顥?load =% Windows% kernel32.exe
顥?顥?br />顥?顥?4. To act as a backdoor program used to connect IRC servers, and log in to a particular channel. Users in the channel may further send out e-mail, MSN Messenger and AOL Instante Messenger messages, so that may have distributed denial of service attack power.
顥?顥?br />顥?顥?carry the worm ftp and Http server is also able to infect the user's machine.
[Next]
顥?顥?5. Will try to remove the memory of the following processes:
顥?顥?_AVPCC.EXE
顥?顥?_AVPM.EXE
顥?顥?AVP32.EXE
顥?顥?AVPCC.EXE
顥?顥?AVPM.EXE
顥?顥?AVP.EXE
顥?顥?NAVAPW32.EXE
顥?顥?NAVW32.EXE
顥?顥?ICLOAD95.EXE
顥?顥?ICMON.EXE
顥?顥?ICSUPP95.EXE
顥?顥?ICLOADNT.EXE
顥?顥?ICSUPPNT.EXE
顥?顥?IFACE.EXE
顥?顥?ANTS.EXE
顥?顥?Anti-Trojan.exe
顥?顥?iamapp.exe
顥?顥?iamserv.exe
顥?顥?FRW.EXE
顥?顥?blackice.exe
顥?顥?blackd.exe
顥?顥?zonealarm.exe
顥?顥?minilog.exe
顥?顥?vsmon.exe
顥?顥?WrCtrl.exe
顥?顥?WrAdmin.exe
顥?顥?WrCtrl.exe
顥?顥?cleaner3.exe
顥?顥?cleaner.exe
顥?顥?tca.exe
顥?顥?MooLive.exe
顥?顥?lockdown2000.exe
顥?顥?Sphinx.exe
顥?顥?VSHWIN32.EXE
顥?顥?VSECOMR.EXE
顥?顥?WEBSCANX.EXE
顥?顥?AVCONSOL.EXE
顥?顥?VSSTAT.EXE
顥?顥?PCFWallIcon.EXE
顥?顥?APLICA32.EXE
顥?顥?CFIADMIN.EXE
顥?顥?CFIAUDIT.EXE
顥?顥?CFINET32.EXE
顥?顥?CFINET.EXE
顥?顥?TDS2-98.EXE
顥?顥?TDS2-NT.EXE
顥?顥?SAFEWEB.EXE
顥?顥?IFACE.EXE
顥?顥?TEMP.EXE
顥?顥?MPGSRV32.EXE
顥?顥?LIBUPDATE.EXE
顥?顥?RunDIl.exe
顥?顥?WinDll.exe
顥?顥?expl32.exe
顥?顥?RunDii.exe
顥?顥?rundli.exe
顥?顥?nvarch16.exe
顥?顥?Mssmmc32.exe
相关链接:
Review Access CONTROL
CXBSoft DVD To MKV Converter
Best Mathematics Education
Merry DVD-AUDIO CDA M4P to WAV Burner
Flv to mov
My favorite Audio And Multimedia
! WMA OGG Converter
Swift DVD AOL VIDEO QT Copy
Bluesea DVD To MOV
Youtube Movie to RMVB Help
vob File
Compare Covert Surveillance
how to convert m4v to MP4
Youtube FLV to EPOC Deluxe
Youtube To PPC Pack
swf Format
Happiness 3GPP 3GPP2 Convert
No comments:
Post a Comment