Sosyal Medya Haberleri, Sosyal Medya Yardım, Sorum Var

26-09-2019, 20:40:37

#1
Duygu

Açık Profil bilgileri

Özel Mesaj Gönder

Duygu tarafından gönderilen tüm mesajları bul

Duygu'ı arkadaş olarak ekle
http://www.sophos.com/virusinfo/analyses/w32aozob.html webde ararken buldum. aşagıda ozellikleri var. koyu kırmızı ile işaretledim cumleyi. bilen arkadaşlar el atsalar bu konuya super olur. W32/Aozo-B is a worm that spreads through local remote shares, filesharing networks and an IRC channels. When executed W32/Aozo-B creates a number of copies of itself, as: * notepad.exe in the Windows folder * w00t.exe in the Windows system folder * Config.dll, W32.Darkness.Krew.exe and Windows Update.exe in the Windows system32 folder * Config.dll, Mr_Zer0.exe and Mydoom Patch.exe in the root folder * Windows Update.exe in the Windows Startup folder W32/Aozo-B sets the following registry entries: HKLM\Software\Microsoft\Windows\CurrentVersion\Run \Configuration Loader with the path to the Windows Update.exe file HKLM\Software\Microsoft\Windows\CurrentVersion\Run \Windows Update with the path to the System.exe file HKLM\Software\Microsoft\Windows\CurrentVersion\Run \Msn Messenger with the path to the Mr_Zer0.exe file W32/Aozo-B also changes Internet Explorer settings by changing the following registry entry: HKU\Software\Microsoft\Internet Explorer\Main\Start Page = "http://www.gayporn.com" W32/Aozo-B attempts to copy itself to the root folder shares as All Your Games.exe. W32/Aozo-B attempts to copy itself to the available share folders of peer-to-peer filesharing networks, or to C:\My Shared Folder, with the following filenames: Aim bot 2004 .exe All Vb Codes.exe Credit Card Genarator 2004.exe Darkness_Krew (Mr_Zer0,n1tr0,Mr_Docktor,HeXcoN).exe Ddos Bot 2004.exe Drug Wars 2004.exe Hackers Expert (hack the world!).exe Hotmail Hacker Gold 2004 (Special Edition).exe Hotmail Password Stealer.exe MirC Kick Bot.exe Msblast - Patch.exe Msn Messenger 6x Crasher.exe Msn Messenger 6x Emotion Pack (More Than 1000).exe Msn Webcam Hack (Watch any one with out them knowin!,MUST DOWNLOAD!).exe My Doom (Get Rid Of The Nasty Worm!).exe Mydoom patch! (working).exe Need for Speed Underground (BOTS).exe Norton 2004 (*****).exe Nuker 2004.exe Optix pro 5.exe Pussi-Lover-Game.exe Quake 3 Aim bot.exe Quake 4 (Demo Patch).exe Serials 2004.exe Steal Credit cards (Get them sent to your email!).exe Sub 7 2004.exe Sub 7 Password *****er.exe Syn flooder 2004.exe Visual Basic 6 Decompiler.exe W32.Darkness.krew.exe Windows Keygen (ALL VERSION OF WINDOWS!).exe Yahoo Webcam Hack.exe Yahoo bot 2004 (kick,pw stealer etc).exe aim kicker 2004.exe ebook Visual Basic 6 (Black Book 2004.exe hentai game cd patch.exe W32/Aozo-B may create a mirc.ini script that sends out a copy of the worm with the filename windows~.exe. As a payload W32/Aozo-B pings Symantec.com and download.com and may also share all drives on the infected machine. W32/Aozo-B attempts to terminate a number of processes related to various anti-virus and security applications: _AVP32.EXE _AVPCC.EXE _AVPM.EXE ACKWIN32.EXE ANTI-TROJAN.EXE APVXDWIN.EXE AUTODOWN.EXE AVCONSOL.EXE AVE32.EXE AVGCTRL.EXE AVKSERV.EXE AVNT.EXE AVP.EXE AVP32.EXE AVPCC.EXE AVPDOS32.EXE AVPM.EXE AVPMON.EXE AVPNT.EXE AVPTC32.EXE AVPUPD.EXE AVSCHED32.EXE AVWIN95.EXE AVWUPD32.EXE BLACKD.EXE BLACKICE.EXE CCAPP.EXE CFIADMIN.EXE ESAFE.EXE CFIAUDIT.EXE CFIND.EXE CFINET.EXE CFINET32.EXE CLAW95.EXE CLAW95CF.EXE CLAW95CT.EXE CLEANER.EXE CLEANER3.EXE DV95.EXE DV95_O.EXE DVP95.EXE DVP95_0.EXE TerminateEXE ECENGINE.EXE EFINET32.EXE ESPWATCH.EXE F-AGNT95.EXE FINDVIRU.EXE FPROT.EXE F-PROT.EXE FPROT95.EXE F-PROT95.EXE FP-WIN.EXE FRW.EXE F-STOPW.EXE IAMAPP.EXE IAMSERV.EXE IBMASN.EXE IBMAVSP.EXE ICLOAD95.EXE ICLOADNT.EXE ICMON.EXE ICMOON.EXE ICSSUPPNT.EXE ICSUPP95.EXE ICSUPPNT.EXE IFACE.EXE IOMON98.EXE JED.EXE JEDI.EXE KPF.EXE KPFW32.EXE LOCKDOWN2000.EXE LOOKOUT.EXE LUALL.EXE MOOLIVE.EXE MPFTRAY.EXE N32SCAN.EXE N32SCANW.EXE NAVAPW32.EXE NAVLU32.EXE NAVNT.EXE NAVSCHED.EXE NAVW.EXE NAVW32.EXE VET95.EXE NAVWNT.EXE NISUM.EXE NMAIN.EXE NORMIST.EXE NUPGRADE.EXE NVC95.EXE OUTPOST.EXE PADMIN.EXE PAVCL.EXE PAVSCHED.EXE PAVW.EXE PCCWIN98.EXE PCFWALLICON.EXE PERSFW.EXE RAV7.EXE RAV7WIN.EXE RESCUE.EXE SAFEWEB.EXE SCAN32.EXE SCAN95.EXE SCANPM.EXE SCRSCAN.EXE SERV95.EXE SMC.EXE SPHINX.EXE SWEEP95.EXE TBSCAN.EXE TCA.EXE TDS2-98.EXE TDS2-NT.EXE VCONTROL.EXE VET32.EXE VET98.EXE VETTRAY.EXE VSCAN40.EXE VSECOMR.EXE VSHWIN32.EXE VSSCAN40.EXE VSSTAT.EXE WEBSCAN.EXE WEBSCANX.EXE WFINDV32.EXE ZAPRO.EXE or those containing one of the following strings: zonealarm.EXE mcafee.exe navapsvc.exe zaplus.exe vsmon.exe MS-DOS Prompt Norton Antivirus Registry Editor Windows Task Manager System Configuration Utility close program Norton AntiVirus Professional ZoneAlarm Pro __________________

Ne Bakiyon Tiklasana