病毒名称:
W32.Cabreck
类别: Win32病毒
病毒资料:
这是一个Win32病毒,长度为12,288字节,感染windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows xp系统。它通过网络共享传播;当收到、打开此病毒时,,有以下危害:
A 显示对话框
B增加注册表项"run" = "Cable.exe"到注册表的
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows使得病毒在每次开机后自动执行
C 复制自身到以下目录的
系统驱动目录
Windows目录
当前目录
[本地共享目录]
以下文件
Cable.exe
FileCryptor.exe
Microsoft SP4.exe
Acrobat Reader Setup.exe
NAI McAfee.exe
Norton AV.exex
PGP Free.exe
PassWord recovery.exe
KazzaP2P.exe
Download accelerator.exe
linux Source.exe
WinZip.exe
Lotus app.exe
Netscape.exe
Money Manger.exe
Paypal.exe
FixMydoom.exe
BillSux.exe
MorpheusP2P.exe
E_donkey.exe
Calvin and Hobbes.exe
D 搜索网络共享,复制病毒到共享中的以下命名的文件
Cable.exe
FileCryptor.exe
Microsoft SP4.exe
Acrobat Reader.exe
Setup.exe
NAI Mcafee.exe
Norton AV.exex
PGP Free.exe
Password recovery.exe
KazzaP2P.exe
Download accelerator.exe
Linux Source.exe
Winzip.exe
Lotus app.exe
Netscape.exe
Money Manger.exe
Paypal.exe
FixMydoom.exe
BillSux.exe
MorpheusP2P.exe
E_donkey.exe
Calvin and Hobbes.exe
E 增加以下内容到Windows目录的win.ini 和cable.ini文件
Origin= India
Type= Netwreck Worm
Credicts= [Cable] By Gabe (Gabe Roq's Inc.)
Warning= Amazing things will happen, you just wait...
Note= Your Death is comming...Anticipation afterall is everything!
SignNote= Because Death is only the beginning...
Quote= For those who believe no explanation is necessary, for those who don't nothing will suffice.
病毒的清除法:
使用光华反病毒软件,彻底删除。
病毒演示:
病毒FAQ:
Windows下的PE病毒。
发现日期:
2005-7-25