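Virus name (Chinese):
Virus alias:
P2P-Worm.Win32.Surnova.b[AVP]
Threat level:
★★☆☆☆
Virus type:
Worm
Virus size:
40960
Affected systems:
Win9x, WinNT
Virus behavior:
This is a worm that spreads via e-mail and the KAZAA file-sharing system. The virus copies itself to the system directory and the Media directory, then links the Media directory to the download directory of the KAZAA file-sharing system, tricking users into downloading and running copies of the virus disguised as useful programs. In addition, the virus sends itself out by e-mail.
1) When run, the virus displays the following window and copies itself to the %SystemRoot% directory.
The file name of the copy may be: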
Alles-ist-vorbei.exe
Desktop-shooting.exe
Hello-Kitty.exe
BigMac.exe
Cheese-Burger.exe
For example:
2) It creates a TXT file in the %SystemRoot% directory whose file name consists of random digits, with the following content:
W32.Supernova
---------------------------------------------------
"Patchtheleaksortheshipwillsink"
---------------------------------------------------
3) It adds a registry startup entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"Supernova"="%SystemRoot%\Hello-Kitty.exe"
4) It copies multiple copies of the virus to the %SystemRoot%\Media directory, then changes the KAZAA download path to that directory:
WindowsXPkeygenerator.exe
WindowsXPserialgenerator.exe
KeygeneratorforallwindowsXPversions.exe
Warcraft3ONLINEkeygenerator.exe
Half-lifeONLINEkeygenerator.exe
Quake4BETA.exe
Grandtheftauto3CD1crack.exe
GTA3crack.exe
Battle.netkeygenerator(WORKS!!).exe
Warcraft3battle.netserialgenerator.exe
Half-lifeWONkeygenerator.exe
Starwarsepisode2downloader.exe
Winzip8.0+serial.exe
Winrar+crack.exe
Britneyspearsnude.exe
MacromediaMXkeygenerator(allproducts).exe
KaZaAmediadesktopv2.0UNOFFICIAL.exe
Microsoftkeygenerator,worksforALLmicrosoftproducts!!.exe
MicrosoftWindowsXPcrackpack.exe
Hackintoanycomputer!!.exe
DivXcodecv6.0.exe
DivXnewestversion.exe
DivX.exe
DivXprokeygenerator.exe
Keygeneratorforover1,000applications(really!).exe
DivXpatch-Increasesquality.exe
KaZaAspywareremover.exe
Ageofempires2crack.exe
Nortonantivirus2002.exe
XBOXemulator(WORKS!!).exe
MacromediaDreamweaverMXKeyGenerator.exe
MacromediaFlashMXKeyGenerator.exe
MicrosoftOfficeXP(english)keygenerator.exe
MicrosoftOfficeXP.iso.exe
CloneCD+crack.exe
CloneCDall-versionskeygenerator.exe
GamecubeEmulator(WORKS!!).exe
Xbox.info.exe
5) Subjects the virus e-mail may use:
Hehe,checkthisout:-)
Funny,checkitout(h)
LOL!!Seethis:D
LOL!!Checkthisout:)
Hehe,thisisfun:-)
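
The host artifacts from steps 2 to 4 can be combined into one triage check. The following is an added example, not part of the original entry: the function name `triage`, its input shapes and all sample data are constructed for illustration, and it assumes that %SystemRoot%\Media normally holds only sound files, so any .exe there is worth flagging.

```python
import re

RUN_VALUE = "supernova"      # Run value name from step 3 (compared case-insensitively)
MARKER = "W32.Supernova"     # first line of the TXT file dropped in step 2

def triage(run_values, sysroot_files, media_files):
    """Return (indicator, detail) findings for one host.

    run_values    -- dict: value name -> data, from the HKLM Run key in step 3
    sysroot_files -- dict: file name in SystemRoot -> text content (None if not read)
    media_files   -- list of file names found in the Media directory
    """
    findings = []
    # Step 3: a Run value named "Supernova" restarts the worm at boot.
    for name, data in run_values.items():
        if name.lower() == RUN_VALUE:
            findings.append(("run-key", data))
    # Step 2: an all-digit .txt file name whose content carries the marker text.
    for fname, content in sysroot_files.items():
        if re.fullmatch(r"\d+\.txt", fname, re.I) and content and MARKER in content:
            findings.append(("marker-file", fname))
    # Step 4: executables in Media (assumption: the directory normally holds
    # only sound files such as .wav, so no list of lure names is needed).
    for fname in media_files:
        if fname.lower().endswith(".exe"):
            findings.append(("media-exe", fname))
    return findings

# Constructed sample inventory of an affected host (not real telemetry).
SAMPLE_RUN = {
    "Supernova": r"%SystemRoot%\Hello-Kitty.exe",
    "ctfmon": r"C:\WINDOWS\system32\ctfmon.exe",
}
SAMPLE_SYSROOT = {
    "Hello-Kitty.exe": None,
    "48213.txt": 'W32.Supernova\n---\n"Patchtheleaksortheshipwillsink"\n---\n',
    "setuplog.txt": "setup ok",
}
SAMPLE_MEDIA = ["chimes.wav", "DivX.exe", "GTA3crack.exe", "tada.wav"]

if __name__ == "__main__":
    for indicator, detail in triage(SAMPLE_RUN, SAMPLE_SYSROOT, SAMPLE_MEDIA):
        print(f"{indicator:12} {detail}")
```

Matching on the Run value name and on the file extension inside Media, rather than on specific lure file names, keeps the check valid whichever of the listed names the copy uses.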