Worm.AutoRun.125893

王朝other·作者佚名  2008-08-14
窄屏简体版  字體: |||超大  

病毒名称(中文):

间谍相机蠕虫125893

病毒别名:

威胁级别:

★★☆☆☆

病毒类型:

蠕虫病毒

病毒长度:

125893

影响系统:

Win9xWinMeWinNTWin2000WinXPWin2003

病毒行为:

这是蠕虫病毒,它通过发送带有病毒文件的电子邮件和AUTO病毒的方式传播。该病毒运行后会从网上下载病毒,并监视用户的网络通信,盗取用户的敏感资料。

1、释放文件

C:\WINDOWS\system32\a.jpg内容和autorun.inf相同

C:\WINDOWS\system32\Flower.dll负责执行病毒行为

C:\WINDOWS\system32\vista.exe负责加载Flower.dll

在每个分区的根目录下生成

E:\test.exe

E:\autorun.inf

2、修改注册表文件

映象劫持

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\360rpt.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\360Safe.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\360tray.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\adam.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\AgentSvr.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\appdllman.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\AppSvc32.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\auto.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\AutoRun.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\autoruns.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\avgrssvc.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\AvMonitor.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\avp.comDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\avp.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\CCenter.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\ccSvcHst.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\FileDsty.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\FTCleanerShell.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\guangd.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\HijackThis.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\IceSword.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\iparmo.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\Iparmor.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\isPwdSvc.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\kabaload.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KaScrScn.SCRDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KASMain.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KASTask.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KAV32.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KAVDX.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KAVPFW.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KAVSetup.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KAVStart.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\kernelwind32.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KISLnchr.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KMailMon.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KMFilter.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KPFW32.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KPFW32X.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KPFWSvc.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KRegEx.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KRepair.COMDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KsLoader.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KVCenter.kxpDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KvDetect.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KvfwMcl.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KVMonXP.kxpDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KVMonXP_1.kxpDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\kvol.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\kvolself.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KvReport.kxpDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KVSrvXP.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KVStub.kxpDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\kvupload.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\kvwsc.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KvXP.kxpDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KWatch.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KWatch9x.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\KWatchX.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\loaddll.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\logogo.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\MagicSet.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\mcafee.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\mcconsol.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\mmqczj.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\mmsk.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\NAVSetup.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\nod32krn.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\nod32kui.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\PFW.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\PFWLiveUpdate.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\QHSET.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\Ras.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\Rav.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\RavMon.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\RavMonD.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\RavStub.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\RavTask.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\RegClean.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\rfwcfg.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\RfwMain.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\rfwProxy.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\rfwsrv.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\rfwsrv.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\RsAgent.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\Rsaupd.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\runiep.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\safelive.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\scan32.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\shcfg32.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\SmartUp.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\sos.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\SREng.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\symlcsvc.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\SysSafe.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\taskmgr.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\TrojanDetector.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\Trojanwall.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\TrojDie.kxpDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\UFO.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\UIHost.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\UmxAgent.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\UmxAttachment.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\UmxFwHlp.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\UmxPol.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\UpLive.EXEDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\WoptiClean.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\XP.exeDebugger"C:\WINDOWS\system32\vista.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ImageFileExecutionOptions\zxsweep.exeDebugger"C:\WINDOWS\system32\vista.exe"

3、下载病毒,并发送电子邮件带病毒文件的电子邮件

4、盗取用户的信息,比如不时的对用户机器截屏幕

5、在用户机器上增加病毒自己的协议,监视用户机器的网络数据

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
 
 
© 2005- 王朝網路 版權所有 導航