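Virus name (Chinese):
Virus alias:
Trojan.Trickler.3202[RAV:15.38]
Threat level:
★☆☆☆☆
Virus type:
Trojan
Virus length:
200988
Affected systems:
Win9x WinNT Win2000 WinXP
Virus behavior:
None
Written with:
VC++6.0
Infection conditions:
Known source: installed along with some shareware
Trigger conditions:
Loads and runs automatically at startup
System modifications:
A. Adds the following registry entries:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Trickler"=path of the running application
[HKEY_LOCAL_MACHINE\Software\Gator.com]
[HKEY_LOCAL_MACHINE\Software\Gator.com\Trickler]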
"FirstStartValue"=dword:0000034c
"StartTime"=dword:3f9d259d
"FirstStartSent"=dword:00000001
"AppPath"=path of the running application
[HKEY_LOCAL_MACHINE\Software\Gator.com\Trickler\Files]
[HKEY_LOCAL_MACHINE\Software\Gator.com\Trickler\Files\SilentSetup]
[HKEY_LOCAL_MACHINE\Software\Gator.com\Trickler\Files\SilentSetup\dl]
"Attempts"=dword:00000001
"Errors"=dword:00000000
"FileDones"=dword:00000000
"UrlTime"="Tue, 16 Apr 2002 00:04:19 GMT"
"UrlSize"=dword:0002a675
"StoredFile"=""
[HKEY_LOCAL_MACHINE\Software\Gator.com\Trickler\Files\SilentSetup\chk]
"CheckFailures"=dword:00000000
"Attempts"=dword:00000000
"Errors"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Gator.com\Trickler\Files\Bundle]
[HKEY_LOCAL_MACHINE\Software\Gator.com\Trickler\Files\Bundle\dl]
"Attempts"=dword:00000000
"Errors"=dword:00000000
"FileDones"=dword:00000000
"UrlTime"=""
"UrlSize"=dword:ffffffff
"StoredFile"=""
[HKEY_LOCAL_MACHINE\Software\Gator.com\Trickler\Files\Bundle\chk]
"CheckFailures"=dword:00000000
"Attempts"=dword:00000000
"Errors"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Gator.com\Trickler\Files\OemResDll]
[HKEY_LOCAL_MACHINE\Software\Gator.com\Trickler\Files\OemResDll\dl]
"Attempts"=dword:00000000
"Errors"=dword:00000000
"FileDones"=dword:00000000
"UrlTime"=""
"UrlSize"=dword:ffffffff
"StoredFile"=""
[HKEY_LOCAL_MACHINE\Software\Gator.com\Trickler\Files\OemResDll\chk]
"CheckFailures"=dword:00000000
"Attempts"=dword:00000000
"Errors"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Gator.com\Trickler\Files\TricklerInf]
"Attempts"=dword:00000002
"Errors"=dword:00000000
"FileDones"=dword:00000000
"UrlTime"="Tue, 14 Oct 2003 20:34:12 GMT"
"UrlSize"=dword:0000176c
[HKEY_LOCAL_MACHINE\Software\Gator.com\Trickler\Settings]
"Dead"=dword:00000000
"OEM"=dword:00000001
"TrickleRate"=dword:00000019
"RequirePassword"=dword:00000000
"MinPasswordLength"=dword:00000000
"InstallGator"=dword:00000000
"InstallOffers"=dword:00000000
"OemResDll"=""
"SilentSetupExe"="PdpSetup3103.ex_"
"Bundle"="3124.gsz"
"BundleVer"="3.1.2.4"
"IMUDelay"=dword:00000000
"PreInstalledApps"="DivxNetwork2"
"AppRequests"=""
"Verbose"=dword:00000000
"PingRS"=dword:00000000
"DropdeadThresholdPct"=dword:00000032
"DropdeadExtendHours"=dword:000002d0
[HKEY_LOCAL_MACHINE\Software\Gator.com\Trickler\downloads]
[HKEY_LOCAL_MACHINE\Software\Gator.com\Trickler\downloads\rickle.gator.com:80/download/PdpSetup3103.ex_]
"AccumFile"="C:\WINDOWS\TEMP\fsg_tmp\accum\Trickler\GTA0003821E.tmp"
"UrlSize"=dword:0002a675
"UrlTime"="Tue, 16 Apr 2002 00:04:19 GMT"
[HKEY_LOCAL_MACHINE\Software\Gator.com\Gator]
[HKEY_LOCAL_MACHINE\Software\Gator.com\Gator\dyn]
"PdpFirstStart"="841:NEW"
[HKEY_LOCAL_MACHINE\Software\Gator.com\Gator\stat]
"Guid"="5949FF20-08C9-11D8-A444-A5FE5702E862"
"MID"=dword:116cb0e1
Symptoms:
None
Special notes:
Not yet available