Worm.P2P.Surnova.d简介_Worm.P2P.Surnova.d个人资料_Worm.P2P.Surnova.d微博_百科网
A-A+

Worm.P2P.Surnova.d简介_Worm.P2P.Surnova.d个人资料_Worm.P2P.Surnova.d微博

2016-12-01 00:20:24 科学百科 阅读 3 次

概述/Worm.P2P.Surnova.d 编辑

 

病毒别名:
处理时间:2002-07-10
威胁级别:★★
中文名称:
病毒类型:蠕虫
影响系统:Win9x / WinNT

病毒行为:/Worm.P2P.Surnova.d 编辑


该蠕虫通过KaZaA网络及MSN即时聊天工具进行传播。

1.感染此蠕虫后,它首先会将自身以如下名字之一拷贝至Windows文件夹下:
Alles-ist-vorbei.exe
Desktop-shooting.exe
Hello-Kitty.exe
BigMac.exe
Cheese-Burger.exe
Blaargh.exe

2.在注册表的主键:
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun
中添加如下键值:
"Supernova"="%system%<随机字符>.exe"
使得自己随Windows的启动而启动。

3.若病毒第一次运行,它会弹出假的报错对话框:
"Application attempted to read memory at 0xFFFFFFFFh Terminating application"

4.病毒通过设置如下注册表键使得病毒能借助KaZaA网络上的共享文件夹传播:
HKEY_LOCAL_MACHINESoftwareKaZaALocalContent

假如该键值未找到,病毒就会在 C:WindowsMedia 文件夹下创建如下名称的共七十个病毒副本:
Windows XP key generator.exe
Windows XP serial generator.exe
Key generator for all windows XP versions.exe
Warcraft 3 ONLINE key generator.exe
Half-life ONLINE key generator.exe
Quake 4 BETA.exe
Grand theft auto 3 CD1 crack.exe
GTA3 crack.exe
Battle.net key generator (WORKS!!).exe
Warcraft 3 battle.net serial generator.exe
Half-life WON key generator.exe
Star wars episode 2 downloader.exe
Winzip 8.0 + serial.exe
Winrar + crack.exe
Britney spears nude.exe
Macromedia MX key generator (all products).exe
KaZaA media desktop v2.0 UNOFFICIAL.exe
Microsoft key generator, works for ALL microsoft products!!.exe
Microsoft Windows XP crack pack.exe
Hack into any computer!!.exe
DivX codec v6.0.exe
DivX newest version.exe
DivX.exe
DivX pro key generator.exe
Key generator for over 1,000 applications (really!).exe
DivX patch - Increases quality.exe
KaZaA spyware remover.exe
Age of empires 2 crack.exe
Norton antivirus 2002.exe
Macromedia Dreamweaver MX Key Generator.exe
Macromedia Flash MX Key Generator.exe
Neverwinter nights crack.exe
Microsoft Office XP (english) key generator.exe
Microsoft Office XP.iso.exe
CloneCD + crack.exe
CloneCD all-versions key generator.exe
XBOX emulator (WORKS!!).exeGamecube Emulator (WORKS!!).exeXbox.info.exeGrand Prix 4 crack.exe
Nokia simlock remover (includes new models).exe
Norton antivirus 2002.exe
Macromedia Dreamweaver MX Key Generator.exe
Macromedia Flash MX Key Generator.exe
Neverwinter nights crack.exe
Microsoft Office XP (english) key generator.exe
Microsoft Office XP.iso.exe
CloneCD + crack.exe
CloneCD all-versions key generator.exe
XBOX emulator (WORKS!!).exe
Gamecube Emulator (WORKS!!).exe
Xbox.info.exe
Grand Prix 4 crack.exe
Nokia simlock remover (includes new models).exe
Britney spears hard porn (REAL!).exe
Christina Aguilera fuck (REAL!).exe
Kiddy child incest porn.exe
Doom 3 preview!!.exe
Crazy taxi crack.exe
Copy protection remover.exe
Sex.exe
Jedi Knight 2 crack.exe
Warcraft 3 trainer.exe
Cable modem uncapper.exe
Grand theft auto 3 trainer.exe
KaZaA hack.exe
KaZaA lite.exe
Dragonball Z.exe
Dragonball Z COMPLETE episode guide.exe
Dragonball Z shootout.exe
Dragonball Z episode 1.exe
J-LO Nude (REAL!!).exe
Doom 3 screenshots.exe
Resident Evil 【DivX】.exe
Shrek.exe
Starcraft 2 preview!.exe
Starcraft battle.net key generator.exe
Starcraft ONLINE crack.exe

5.病毒同时还会尝试将自身发送给受感染用户的MSN好友,可能以如下形式出现:
Hehe, check this out :-)
Funny, check it out (h)
LOL!! See this :D
LOL!! Check this out :)
Hehe, this is fun :-)

6.病毒还会在Windows文件夹中新建一个文本文件,文件名是由随机生成的数字组成,内容如下:
W32.Supernova - Ban religion
-------------------------------------------------------
Religion = War
Religion = Based on fairytales
Wars based on fairytales?
Ban religion, welcome to the truth
-------------------------------------------------------