Worm.DellCom

王朝other·作者佚名  2008-08-14
窄屏简体版  字體: |||超大  

病毒名称(中文):

病毒别名:

Worm.P2P.gen[AVP]

威胁级别:

★☆☆☆☆

病毒类型:

蠕虫病毒

病毒长度:

100355

影响系统:

Win9xWinNTWin2000WinXPWin2003

病毒行为:

编写工具:

传染条件:通过网络高速传播

发作条件:

系统修改:

A、在系统目录下添加以下文件:

%System%DellCom.exe

%System%DellCom.exe-up.txt

以及一个文件夹:

%System%kazaabackupfiles

在该文件夹下包含如下文件:

vicecity.exe

gtafull.exe

gtacrack.exe

Harry_PotteR_TETRIS.exe

crazytaxi2.exe

doom3beta.exe

quake3mods.exe

half-life.exe

RA21006EN.exe

hl1110.exe

osp-Quake3-1[1].01_full.exe

q3pointrelease_131.exe

osp-wolf-0.21.exe

Wolf_Update_141_full.exe

DiabloDupeHack.exe

DiabloMapHack.exe

StarcraftMaphack.exe

halflifebunnyhop.exe

Halflifewallhack.exe

Halflifeskinhack.exe

Hacktoolz.exe

PeeLover_game.exe

Lord_of_the_rings_screensaver.exe

Harry_Potter_screensaver.exe

EnriqueIglesiasScreenSaver.exe

JaRuleScreenSaver.exe

Pamela_AndersonvsTommy_leescreensaver.exe

Trillian_pro_plugins.exe

TrillianPro.exe

ICQ_Message_bot.exe

Yahoo!_Message_Bot.exe

Paltalk_pwd_hacker.exe

Paltalk_AntiBouncer.exe

Credit_Card_Gen_5.50.exe

Windows_xp_Media_center_hacker.exe

Hotmail_pwd_hacker.exe

Yahoo!_hacker.exe

XXX_Passwords.exe

WinXP_KeyGen.exe

WinMX_Backdoor_Hack.exe

Windows_XP_Keygen.exe

Windows_XP_Backdoor_Hack.exe

Windows_Hacker.exe

Windows_98_Hacker.exe

WinACE_With_Crack.exe

Warcraft_3_Keygen.exe

Warcraft_3_Crack.exe

Mirccrack.exe

mIRC_Backdoor_hack.exe

NeroFullVersion.exe

lolita-dialer.exe

lolita.exe

Aol_passwordcrack.exe

XXX_Password_Generator.exe

popup_stopper.exe

KazaaLite.exe

Kmd_171.exe

Kazaa_Advertisement_Remover.exe

Kazaa_Ad_Remover.exe

IRC_Hacker.exe

ICQ_Password_Stealer.exe

ICQ_Hack.exe

ICQ_AIM_Password_Stealer.exe

NeroCrack.exe

Hot_Sex.exe

Hentai.exe

Aol_Punter.exehacking_Tools.exe

Aol_PasswordSteal.exe

Aol_Hacker.exe

Aim_Punter.exe

Aim_Password_Stealer.exe

Aim_Hacker.exe

B、在注册表主键:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun

下添加如下键值:

"DellComp"="DELLCOM.exe"

在注册表主键:

HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun

下添加如下键值:

"DellComp"="DellCom.exe"

添加子键:

HKEY_CURRENT_USERSOFTWAREKAZAALocalContent

并在其下添加如下键值:

"Dir0"="012345:%System%kazaabackupfiles"

C、该病毒运行后,还会删除第一次运行时的文件。

发作现象:

非凡说明:

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
 
 
© 2005- 王朝網路 版權所有 導航