Win32.Troj.Cozit.a是指一種病毒,該病毒通過KaZaA P2P網路傳播,用Borland C++編寫且使用UPX壓縮。它複製自身到Windows目錄,同時修改註冊表,使得其在Windows啟動時自動運行。
基本介紹
- 中文名:Win32.Troj.Cozit.a
- 處理時間:2002-10-17
- 威脅級別:★★
- 病毒類型:木馬
病毒簡介,病毒行為,
病毒簡介
【病毒名稱】:Win32.Troj.Cozit.a
【處理時間】:2002-10-17
【影響系統】:Win9x / WinNT
病毒行為
1.病毒將自己複製到Windows目錄下以Svchost.exe名字存在。
2.如果註冊表鍵:HKEY_CURRENT_USER\Software\Kazaa\LocalContent 存在,病毒會複製自身到KaZaA下載資料夾下,檔案名稱如下:
Unreal 3 Patch.exe
UnrealTournament2003 Demo.exe
UnrealTournament2003 Patch.exe
UnrealTournament2003 Bugfix.exe
UnrealTournament2003 Crack.exe
UnrealTournament2003 Cheat.exe
Unreal 3 Crack.exe
Unreal 3 Bugfix.exe
Unreal 3 Cheat.exe
UT2003 Demo.exe
UT2003 Patch.exe
UT2003 Bugfix.exe
UT Patch.exe
Free Sex.exe
Sex Poker.exe
Wc3 Keygen.exe
Free Porn.exe
Wet Teen.exe
Pamela Andersson Sex.exe
X-Files.exe
Serials.exe
Teens.exe
Naughty Pictures.exe
WinZip.exe
AOL Hacker.exe
AOL Cracker.exe
Hotmail Hacker.exe
Hotmail Cracker.exe
Hacker.exe
Spiderman.exe
Lolitas.exe
DC Hacker.exe
DC Cracker.exe
DC Cheater.exe
DC++ Cracker.exe
DC++ Cheater.exe
DC++ Hacker.exe
DC++ Faker.exe
DC++ Fakeshare.exe
ICQ Hacker.exe
ICQ Cracker.exe
ICQ Nuker.exe
Nuker.exe
WinNuke.exe
Backdoor.exe
Trojan.exe
AD Remover.exe
Jet Li.avi.exe
DivX 5 Codecs.exe
SVCD Codecs.exe
Divx Player.exe
ICMP Nuke.exe
WinZip crack.exe
Naked Girls.exe
KaZaA.exe
Optimize your bandwidth.exe
Getright.exe
Serialz.exe
ScreenSaver.exe
Crack.exe
Jennifer Lopez Sex.exe
Warcraft 3 Patch.exe
Warcraft 3 Bugfix.exe
Warcraft 3 Cheat.exe
Warcraft 3 Serial.exe
Counter-Strike Keygen.exe
Counter-Strike Patch.exe
Counter-Strike Cheats.exe
Getright Keygen.exe
Warcraft 3 Keygen.exe
然後,病毒將註冊表鍵值:
HKEY_CURRENT_USER\Software\Kazaa\LocalContent\DisableSharing
設定為0,使得下載目錄被共享。
3.在12月1日,病毒更改title欄前台視窗顯示的信息為:
"Lucky You [Mooze] Is Not In Bad Mood Today Coz It's Soon Christmas".
(原本為:"[Mooze] By [Mooze / Spawned Vikings]")
