病毒名称(中文):
病毒别名:
P2P-Worm.Win32.Harex.a[AVP]
威胁级别:
★★☆☆☆
病毒类型:
蠕虫病毒
病毒长度:
14848
影响系统:
Win9xWinNT
病毒行为:
病毒尝试下载一个网络文件并运行,下载的文件是一个蠕虫病毒。病毒在系统目录中创建一个名为os32的目录,将自身复制到该目录,然后病
毒会将病毒文件名改为颇有迷惑性的名字,如标称自己为某种解压程序(xxxUnpacker.exe)、某种黑客程序(xxxhacker.exe),利用用户
的好奇心使其中毒。病毒还创建一些注册表键值,以标明病毒“到此一游”。
1.创建目录%sysem%\os32,并将自身复制的该目录下,命名可能为以下名字之一:
WebsiteHacker.exe
HtmlHacker.exe
BlowfishDecrypter.exe
UpxUnpacker.exe
UpxUnscrambler.exe
UpxDecrypter.exe
UpxEncrypter.exe
PeCompactUnpacker.exe
32liteUnpacker.exe
624Unpacker.exe
aPackUnpacker.exe
aplibUnpacker.exe
avpackUnpacker.exe
axeUnpacker.exe
dietUnpacker.exe
epackUnpacker.exe
lglzUnpacker.exe
lzexeUnpacker.exe
megaliteUnpacker.exe
packUnpacker.exe
pkliteUnpacker.exe
pksmartUnpacker.exe
pmodeUnpacker.exe
pro-packUnpacker.exe
rjcrushUnpacker.exe
ruccUnpacker.exe
syspackUnpacker.exe
vacuumUnpacker.exe
wwpackUnpacker.exe
XEUnpacker.exe
XpackUnpacker.exe
AspackUnpacker.exe
cExeUnpacker.exe
pcshrinkerUnpacker.exe
FsgUnpacker.exe
NeoliteUnpacker.exe
PeDiminisherUnpacker.exe
PetiteUnpacker.exe
GpxUnpacker.exe
GupxUnpacker.exe
WWPack32Unpacker.exe
Hotmailhacker.exe
aimhacker.exe
msnhacker.exe
mirchacker.exe
irchacker.exe
pirchhacker.exe
outlookexpresshacker.exe
outlookhacker.exe
emailhacker.exe
pophacker.exe
smtphacker.exe
sshhacker.exe
telnethacker.exe
windowshacker.exe
doshacker.exe
linuxhacker.exe
unixhacker.exe
machacker.exe
networkhacker.exe
nmapnt32.exe
nmap.exe
win32hacker.exe
win16hacker.exe
hacker.exe
Borlandc++Crack.exe
MicrosoftCCrack.exe
MicrosoftC++Crack.exe
MicrosoftCrack.exe
MacromediaCrack.exe
WindowsCrack.exe
XpCrack.exe
2kCrack.exe
98Crack.exe
EncryptionCrack.exe
Fbihack.exe
CiaHack.exe
WhitehouseCamera.exe
TheSimsSuperstarcheats.exe
WildRidesWaterParkFactorycheats.exe
NextGenerationTennis2003cheats.exe
FindingNemocheats.exe
NavalCampaignsGuadalcanalcheats.exe
SquadBattlesAdvanceoftheReichcheats.exe
EntertheMatrixcheats.exe
RiseofNationscheats.exe
GrandTheftAutoViceCitycheats.exe
Magneticcheats.exe
BigMuthaTruckerscheats.exe
Robocopcheats.exe
Bloodraynecheats.exe
TheSimsSuperstarcrack.exe
WildRidesWaterParkFactorycrack.exe
NextGenerationTennis2003crack.exe
FindingNemocrack.exe
NavalCampaignsGuadalcanalcrack.exe
SquadBattlesAdvanceoftheReichcrack.exe
EntertheMatrixcrack.exe
RiseofNationscrack.exe
GrandTheftAutoViceCitycrack.exe
Magneticcrack.exe
BigMuthaTruckerscrack.exe
Robocopcrack.exe
Bloodraynecrack.exe
2.下载网络文件到本地计算机,保存为c:\Win32.Exe,然后运行该文件。
3.创建注册表键值:
HKEY_CURRENT_USER\Software\Kazaa\Transfer"DlDir0"="<病毒路径>"
HKEY_CURRENT_USER\Software\Kazaa\LocalContent"Dir0"="012345:"
HKEY_CURRENT_USER\Software\Imesh\Client\LocalContent"Dir0"="012345:"
