Klez

王朝百科·作者佚名  2010-02-16
窄屏简体版  字體: |||超大  

病毒名称:Klez(求职信)

别名:Win32/Krn132,Win32/Klez, W32.Klez, Kleza.A,ElKern, Klaz, Kletz, I-Worm.Klez

病毒特点:

由于病毒体代码包含以下内容,该英文信的内容与求职有关,所以我们将其命名为“求职信”病毒。

(I'm sorry to do so,but it's helpless to say sorry.

I want a good job,I must support my parents.

Now you have seen my technical capabilities.

How much my year-salary now? NO more than $5,500.

What do you think of this fact?

Don't call my names,I have no hostility.

Can you help me?)

该病毒通过电子邮件传播,邮件的主题从下列中随机选取

Hi

Hello

How are you?

Can you help me?

We want peace

Where will you go?

Congratulations!!!

Don't Cry

Look at the pretty

Some advice on your shortcoming

Free XXX Pictures

A free hot porn site

Why don't you reply to me?

How about have dinner with me together?

Never kiss a stranger

附件的名称也是随机的,如Nxrj.exe,Uruo.exe,Vws.exe。如果用户使用微软的Outlook收发电子邮件,那么在预览含有该病毒的邮件时,病毒已经被执行。病毒一旦运行,将在C:WindowsSystem下生成两个隐含文件Krn132.exe和Wqk.exe,修改注册表,添加如下键值:

HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunKrn132=C:WINDOWSSYSTEMKrn132.exe

HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunWQK=C:WINDOWSSYSTEMWqk.exe

同时感染PE文件和.scr文件。

一旦感染此病毒,系统将变得非常缓慢,并且该病毒还可以通过取Outlook地址簿中的邮件地址自动传播给其他用户。

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
 
 
© 2005- 王朝網路 版權所有 導航