| 订阅 | 在线投稿
分享
 
 
 

Win32.Hack.NetDoor.s

2008-08-14 22:36:51 编辑來源:互联网 国际版 评论
 
 
本文为【Win32.Hack.NetDoor.s】的汉字拼音对照版显示拼音
  bingdumingcheng(zhongwen):

  

  bingdubieming:

  

  

  weixiejibie:

  

  bingduleixing:

  heikechengxu

  bingduchangdu:

  743669

  yingxiangxitong:

  Win9xWinMeWinNTWin2000WinXPWin2003

  

  bingduxingwei:

  zheshiyigeheikehoumenbingdugaibingdudezhuyaoweihaishizaiyonghuzhujiliuxiahoumengongheikedeyuanchenglianjiekongzhibingxiazaiqitabingduganranjisuanjigaibingduweitupiantubiaofazuoshihuizhendedakaiyigetupianlaimihuoyonghuerzaihoutaijinxingganranyonghuzhujigaibingduhuanhuijieshudaliangsharuanjinchengjiangdixitongdeanquandengji

  1shengchengwenjian

  %widndows%\SYN.exe

  %system%\drivers\npf.sys

  %system%\MyPic.jpg

  %system%\Packet.dll

  %system%\WanPacket.dll

  %system%\wpcap.dll

  %widndows%\HLP.exe

  C:\ProgramFiles\WindowsNT\svchost.exe

  C:\ProgramFiles\WindowsNT\lsass.exe

  C:\ProgramFiles\WindowsNT\ICWUT.DLL

  2tianjiaqidongxiang

  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Internet

  "ImagePath"=""C:\ProgramFiles\WindowsNT\lsass.exe"ServiceStart"

  3shezhixialiexiangdezhucebiaozhi

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{EF6205C1-3F17-4829-BCB5-1336ED89E356}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{E689D735-1487-420D-9049-16ED198FE411}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{E4F500BF-C1A3-11D6-9697-0090961B771E}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{DDA166FA-B3EA-4A3B-8EE2-4F552CDEEE81}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{DA984A6D-508E-11D6-AA49-0050FF3C628D}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{C8BD9ACB-F7EC-48E6-BB2F-DAADC6789E9A}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{BA52B914-B692-46C4-B683-905236F6F655}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{B5A34A93-D538-43A7-8371-864CB6148D12}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{9BDBC41E-C335-4263-83C0-ECE78EE28A33}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{7584C670-2274-4EFB-B00B-D6AABA6D3850}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{74D05D43-3236-11D4-BDCD-00C04F9A3B61}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{6E5A37BF-FD42-463A-877C-4EB7002E68AE}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{644E432F-49D3-41A1-8DD5-E099162EEEC5}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{6414512B-B978-451D-A0D8-FCFDF33E833C}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{5DD731E6-D4F0-11D3-BE3F-00105A6FDA50}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{2359626E-7524-4F87-B04E-22CD38A0C88C}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{17492023-C23A-453E-A040-C7C580BBF700}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75}

  HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{0C568603-D79D-11D2-87A7-00C04FF158BB}

  "CompatibilityFlags"=0x400

  4shanchuxialiesharuanqidongxiang

  HKLM\Software\Microsoft\Windows\CurrentVersion\Run

  SKYNETPersonalFireWall

  RavTask

  RavMon

  RavTimer

  RfwMain

  URLLSTCK.exe

  ccApp

  KAVPersonal50

  Kavrun

  KavPFW

  KavStart

  iDubaPersonalFireWall

  KVFW

  KvXP

  KvMonXP

  5shanchuxialiefuwu

  SYSTEM\CurrentControlSet\Services\RsCCenter

  SYSTEM\CurrentControlSet\Services\RsRavMon

  SYSTEM\CurrentControlSet\Services\RfwProxySrv

  SYSTEM\CurrentControlSet\Services\RfwService

  SYSTEM\CurrentControlSet\Services\SymantecCoreLC

  SYSTEM\CurrentControlSet\Services\SPBBCSvc

  SYSTEM\CurrentControlSet\Services\SNDSrvc

  SYSTEM\CurrentControlSet\Services\SAVScan

  SYSTEM\CurrentControlSet\Services\NSCService

  SYSTEM\CurrentControlSet\Services\navapsvc

  SYSTEM\CurrentControlSet\Services\comHost

  SYSTEM\CurrentControlSet\Services\ccSetMgr

  SYSTEM\CurrentControlSet\Services\ccProxy

  SYSTEM\CurrentControlSet\Services\ccISPwdSvc

  SYSTEM\CurrentControlSet\Services\ccEvtMgr

  SYSTEM\CurrentControlSet\Services\kavsvc

  SYSTEM\CurrentControlSet\Services\KWatchSvc

  SYSTEM\CurrentControlSet\Services\KPfwSvc

  SYSTEM\CurrentControlSet\Services\IDriverT

  SYSTEM\CurrentControlSet\Services\KVWSC

  SYSTEM\CurrentControlSet\Services\KVSrvXP

  SYSTEM\CurrentControlSet\Services\srservice

  SYSTEM\CurrentControlSet\Services\BITS

  SYSTEM\CurrentControlSet\Services\wuauserv

  SYSTEM\CurrentControlSet\Services\SharedAccess

  SYSTEM\CurrentControlSet\Services\wscsvc

  6jieshuxialiejincheng

  UpdateAssist.exe

  PFWLiveUpdate.exe

  PFW.exe

  RavQuick.exe

  RavCopy.exe

  RavUSB.exe

  rfwcfg.exe

  RavHDBak.exe

  ScanBD.exe

  MakeBoot.exe

  RegClean.exe

  RavStore.exe

  SmartUp.exe

  RsConfig.exe

  RsAgent.exe

  Rav.exe

  RegGuide.exe

  RavTask.exe

  RavTimer.exe

  RavStub.exe

  rfwmain.exe

  RavMon.exe

  rfwproxy.exe

  CCenter.exe

  RavMonD.exe

  rfwsrv.exe

  LUCOMS~1.EXE

  LUALL.EXE

  NMain.exe

  ccApp.exe

  SPBBCSvc.exe

  ccSetMgr.exe

  ccProxy.exe

  SNDSrvc.exe

  ccEvtMgr.exe

  symlcsvc.exe

  navapsvc.exe

  ccPwdSvc.exe

  SAVScan.exe

  NSCSRVCE.EXE

  comHost.exe

  kav.exe

  kavsvc.exe

  KAVLog2.EXE

  Rescue.EXE

  KRecycle.EXE

  Update.EXE

  KSAMain.EXE

  KATMain.EXE

  KASMain.EXE

  KAVPFW.EXE

  KAV32.EXE

  KMailMon.EXE

  KPFW32.EXE

  KAVStart.EXE

  KWatch.EXE

  KPFWSvc.EXE

  VirusBox.kxp

  kvupload.exe

  KVStub.kxp

  KVScan.kxp

  KvReport.kxp

  KVLSUI.kxp

  KVHiStory.kxp

  kvdisk.kxp

  KvDetect.exe

  KVOL.exe

  KVCenter.kxp

  KRegEx.exe

  kvinit.exe

  kvfw.exe

  KvXP.kxp

  TrojDie.kxp

  KvMailMag.kxp

  KVMonXP.kxp

  UIHost.exe

  IDriverT.exe

  kvwsc.exe

  KVSrvXP.exe

  agentsvr.exe

  SymantecCoreLC

  SPBBCSvc

  SNDSrvc

  SAVScan

  NSCService

  navapsvc

  comHost

  ccSetMgr

  ccProxy

  ccISPwdSvc

  ccEvtMgr

  kavsvc

  KWatchSvc

  KPfwSvc

  IDriverT

  KVWSC

  KVSrvXP

  srservice

  BITS

  wuauserv

  SharedAccess

  wscsvc

  8qita

  %system%\drivers\npf.sys%system%\Packet.dll%system%\WanPacket.dll%system%\wpcap.dllweiyizuwangluogongjuchengxufeibingduyonghukeyizijishanchu原文
 
 
病毒名称(中文): 病毒别名: 威胁级别: ★☆☆☆☆ 病毒类型: 黑客程序 病毒长度: 743669 影响系统: Win9xWinMeWinNTWin2000WinXPWin2003 病毒行为: 这是一个黑客后门病毒。该病毒的主要危害是在用户主机留下后门,供黑客的远程连接控制,并下载其它病毒感染计算机。该病毒为图片图标,发作时会真的打开一个图片来迷惑用户,而在后台进行感染用户主机。该病毒还会结束大量杀软进程,降低系统的安全等级。 1,生成文件 %widndows%\SYN.exe %system%\drivers\npf.sys %system%\MyPic.jpg %system%\Packet.dll %system%\WanPacket.dll %system%\wpcap.dll %widndows%\HLP.exe C:\ProgramFiles\WindowsNT\svchost.exe C:\ProgramFiles\WindowsNT\lsass.exe C:\ProgramFiles\WindowsNT\ICWUT.DLL 2,添加启动项 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Internet "ImagePath"=""C:\ProgramFiles\WindowsNT\lsass.exe"ServiceStart" 3,设置下列项的注册表值 HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{EF6205C1-3F17-4829-BCB5-1336ED89E356} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{E689D735-1487-420D-9049-16ED198FE411} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{E4F500BF-C1A3-11D6-9697-0090961B771E} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{DDA166FA-B3EA-4A3B-8EE2-4F552CDEEE81} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{DA984A6D-508E-11D6-AA49-0050FF3C628D} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{C8BD9ACB-F7EC-48E6-BB2F-DAADC6789E9A} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{BA52B914-B692-46C4-B683-905236F6F655} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{B5A34A93-D538-43A7-8371-864CB6148D12} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{9BDBC41E-C335-4263-83C0-ECE78EE28A33} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{7584C670-2274-4EFB-B00B-D6AABA6D3850} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{74D05D43-3236-11D4-BDCD-00C04F9A3B61} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{6E5A37BF-FD42-463A-877C-4EB7002E68AE} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{644E432F-49D3-41A1-8DD5-E099162EEEC5} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{6414512B-B978-451D-A0D8-FCFDF33E833C} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{5DD731E6-D4F0-11D3-BE3F-00105A6FDA50} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{2359626E-7524-4F87-B04E-22CD38A0C88C} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{17492023-C23A-453E-A040-C7C580BBF700} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} HKLM\SOFTWARE\Microsoft\InternetExplorer\ActiveXCompatibility\{0C568603-D79D-11D2-87A7-00C04FF158BB} "CompatibilityFlags"=0x400 4,删除下列杀软启动项 HKLM\Software\Microsoft\Windows\CurrentVersion\Run SKYNETPersonalFireWall RavTask RavMon RavTimer RfwMain URLLSTCK.exe ccApp KAVPersonal50 Kavrun KavPFW KavStart iDubaPersonalFireWall KVFW KvXP KvMonXP 5,删除下列服务 SYSTEM\CurrentControlSet\Services\RsCCenter SYSTEM\CurrentControlSet\Services\RsRavMon SYSTEM\CurrentControlSet\Services\RfwProxySrv SYSTEM\CurrentControlSet\Services\RfwService SYSTEM\CurrentControlSet\Services\SymantecCoreLC SYSTEM\CurrentControlSet\Services\SPBBCSvc SYSTEM\CurrentControlSet\Services\SNDSrvc SYSTEM\CurrentControlSet\Services\SAVScan SYSTEM\CurrentControlSet\Services\NSCService SYSTEM\CurrentControlSet\Services\navapsvc SYSTEM\CurrentControlSet\Services\comHost SYSTEM\CurrentControlSet\Services\ccSetMgr SYSTEM\CurrentControlSet\Services\ccProxy SYSTEM\CurrentControlSet\Services\ccISPwdSvc SYSTEM\CurrentControlSet\Services\ccEvtMgr SYSTEM\CurrentControlSet\Services\kavsvc SYSTEM\CurrentControlSet\Services\KWatchSvc SYSTEM\CurrentControlSet\Services\KPfwSvc SYSTEM\CurrentControlSet\Services\IDriverT SYSTEM\CurrentControlSet\Services\KVWSC SYSTEM\CurrentControlSet\Services\KVSrvXP SYSTEM\CurrentControlSet\Services\srservice SYSTEM\CurrentControlSet\Services\BITS SYSTEM\CurrentControlSet\Services\wuauserv SYSTEM\CurrentControlSet\Services\SharedAccess SYSTEM\CurrentControlSet\Services\wscsvc 6,结束下列进程 UpdateAssist.exe PFWLiveUpdate.exe PFW.exe RavQuick.exe RavCopy.exe RavUSB.exe rfwcfg.exe RavHDBak.exe ScanBD.exe MakeBoot.exe RegClean.exe RavStore.exe SmartUp.exe RsConfig.exe RsAgent.exe Rav.exe RegGuide.exe RavTask.exe RavTimer.exe RavStub.exe rfwmain.exe RavMon.exe rfwproxy.exe CCenter.exe RavMonD.exe rfwsrv.exe LUCOMS~1.EXE LUALL.EXE NMain.exe ccApp.exe SPBBCSvc.exe ccSetMgr.exe ccProxy.exe SNDSrvc.exe ccEvtMgr.exe symlcsvc.exe navapsvc.exe ccPwdSvc.exe SAVScan.exe NSCSRVCE.EXE comHost.exe kav.exe kavsvc.exe KAVLog2.EXE Rescue.EXE KRecycle.EXE Update.EXE KSAMain.EXE KATMain.EXE KASMain.EXE KAVPFW.EXE KAV32.EXE KMailMon.EXE KPFW32.EXE KAVStart.EXE KWatch.EXE KPFWSvc.EXE VirusBox.kxp kvupload.exe KVStub.kxp KVScan.kxp KvReport.kxp KVLSUI.kxp KVHiStory.kxp kvdisk.kxp KvDetect.exe KVOL.exe KVCenter.kxp KRegEx.exe kvinit.exe kvfw.exe KvXP.kxp TrojDie.kxp KvMailMag.kxp KVMonXP.kxp UIHost.exe IDriverT.exe kvwsc.exe KVSrvXP.exe agentsvr.exe SymantecCoreLC SPBBCSvc SNDSrvc SAVScan NSCService navapsvc comHost ccSetMgr ccProxy ccISPwdSvc ccEvtMgr kavsvc KWatchSvc KPfwSvc IDriverT KVWSC KVSrvXP srservice BITS wuauserv SharedAccess wscsvc 8,其它 %system%\drivers\npf.sys、%system%\Packet.dll、%system%\WanPacket.dll、%system%\wpcap.dll为一组网络工具程序,非病毒,用户可以自己删除。
󰈣󰈤
日版宠物情人插曲《Winding Road》歌词

日版宠物情人2017的插曲,很带节奏感,日语的,女生唱的。 最后听见是在第8集的时候女主手割伤了,然后男主用嘴帮她吸了一下,插曲就出来了。 歌手:Def...

兄弟共妻,我成了他们夜里的美食

老钟家的两个儿子很特别,就是跟其他的人不太一样,魔一般的执着。兄弟俩都到了要结婚的年龄了,不管自家老爹怎么磨破嘴皮子,兄弟俩说不娶就不娶,老父母为兄弟两操碎了心...

网络安全治理:国家安全保障的主要方向是打击犯罪,而不是处置和惩罚受害者

来源:中国青年报 新的攻击方法不断涌现,黑客几乎永远占据网络攻击的上风,我们不可能通过技术手段杜绝网络攻击。国家安全保障的主要方向是打击犯罪,而不是处置和惩罚...

 
 
 
>>返回首页<<
 为你推荐
 
 
 
 转载本文
 UBB代码 HTML代码
复制到剪贴板...
 
 
 热帖排行
 
清纯得让人窒息(7)
清纯得让人窒息(6)
天泽海韵宣传片
赣州文庙
 
 
王朝网络微信公众号
微信扫码关注本站公众号wangchaonetcn
 
  免责声明:本文仅代表作者个人观点,与王朝网络无关。王朝网络登载此文出于传递更多信息之目的,并不意味着赞同其观点或证实其描述,其原创性以及文中陈述文字和内容未经本站证实,对本文以及其中全部或者部分内容、文字的真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
 
 
©2005- 王朝网络 版权所有