| 词条 | w97m_class_d病毒 |
| 释义 | § w97m_class_d病毒 病毒名称:w97m_class_d 别名:W97M/Class.D,Word97Macro.Class 在五月到十二月的十四日如果运行被感染文件,就会又一个信息框会显示出来,内容如下: - Class.Poppy X I Think " (word97 reg. User name) " is a big stupid jerk! OK 同时病毒在以下位置修改登录用户和登录组织的信息: HKLM/Software/Microsoft/Windows/CurrentVersion RegisteredOwnder="VicodinES/VB/TNN" RegisteredOrganization="-(Dr. Diet Mountain Dew) 该病毒和KRIZ.3836病毒很相似,不同的是增加了一些程序,而且,如果SoftIce调试程序安装在系统中的时候,病毒的破坏程序会被激活;病毒含有的字符串也有不同,这个病毒的字符串是:T-2000 / Immortal Riot 。 当一个被该病毒感染的程序文件执行时,病毒首先感染KERNELL32.DLL,在此后,每次启动Windows病毒立即变为常驻内存的,并感染每一个Win32的可执行程序。 病毒在每次感染前都查找文件,如果与下列文件名匹配,感染就不会发生。(AVP32.EXE,AVPM.EXE,ALERTSVC.EXE,AMON.EXE,AVP32.EXE,AVPM.EXE,N32SCANW.EXE,NAVAPSVC.EXE,NAVAPW32.EXE,NAVLU32.EXE,NAVRUNR.EXE,NAVWNT.EXE,NOD32.EXE,NPSSVC.EXE,NSCHEDNT.EXE,NSPLUGIN.EXE,SCAN.EXE,SMSS.EXE) 该病毒具有相当破坏性的有效载荷,当12月25日病毒被触发,它将毁坏CMOS数据,向染毒机器的所有文件写入垃圾数据并破坏Flash BIOS。该病毒使用秘密技术来加密它的代码,在解密以后,你会在病毒体中发现下面的文本: =( 【c】 1999 【t】 )= YOU CALL IT RELIGION, YOU'RE FULL OF SHIT YOU NEVER KNEW, YOU NEVER DID, YOU NEVER WILL YOU'RE SO FULL OF SHIT, I DON'T WANT TO HEAR IT ALL YOU DO IS TALK ABOUT YOURSELF I DON'T WANNA HEAR IT, COZ I KNOW NONE OF IT'S TRUE I'M SICK AND TIRED OF ALL YOUR GODDAMN LIES LIES IN THE NAME OF GOD WHEN ARE YOU GOING TO REALIZE THAT I DON'T WANT TO HEAR IT?! I KNOW YOU'RE SO FULL OF SHIT, SO SHUT YOUR FUCKING MOUTH YOU KEEP ON TALKING, TALKING EVERYDAY FIRST YOU'RE TELLING STORIES, THEN YOU'RE TELLING LIES WHEN THE FUCK ARE YOU GOING TO REALIZE THAT I DON'T WANT TO HEAR IT!! AH, SHUT THE FUCK UP... |
| 随便看 |
百科全书收录594082条中文百科知识,基本涵盖了大多数领域的百科知识,是一部内容开放、自由的电子版百科全书。