“Trojan/PopMonster”的意思、由来-中文百科全书

Trojan/PopMonster

病毒长度：变长

病毒类型：木马

危害等级：*

影响平台：Win9X/2000/XP/NT/Me

Trojan/PopMonster是一个不能自动激活的程序，运行时首先会进行安装。

传播过程及特征：

1.修改注册表：

添加下列键值：

HKEY_CURRENT_USER\\Software\\180solutions\\msbb

HKEY_LOCAL_MACHINE\\Software\\iefeatures\\ "lastdate"

HKEY_LOCAL_MACHINE\\Software\\iefeatures\\ "popstate"

HKEY_LOCAL_MACHINE\\Software\\iefeatures\\ "sys"

HKEY_LOCAL_MACHINE\\Software\\iefeatures\\ "userid"

HKEY_LOCAL_MACHINE\\Software\\iefeatures\\ "version"

HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run

"iefeatures" = "%Windir%\\IEFEATURES.exe"

HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run

"msbb" = "%Windir%\\MSBB\\MSBB.EXE"

HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run "MSVersion"

HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\msbb

"DisplayName" = "PAD Lookups by n-CASE "

HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\msbb

"default" = "UninstallString"

HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\CASE

"DisplayName" = "Interstitial Ad Delivery by n-CASE"

HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main

"Start Page" = "http://popnav.com"

HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Main

"Start Page" = "http://popnav.com"

2.生成文件：

%Windir%\\Desktop\\Eliminate Popups.url

%Windir%\\Desktop\\Internet Privacy Software.url

%Windir%\\Desktop\\Yahoo.url

%Windir%\\Favorites\\Ebay.url

%Windir%\\Favorites\\Search Now.url

%Windir%\\Favorites\\Stop Popups.url

%Windir%\\Favorites\\Internet Tools\\Internet Privacy Software.url

%Windir%\\Favorites\\Internet Tools\\Online Virus Scan.url

%Windir%\\Favorites\\Internet Tools\\Popup Blocker.url

%Windir%\\Favorites\\Search\\Search Casinos.url

%Windir%\\Favorites\\Search\\Search Dating.url

%Windir%\\Favorites\\Search\\Search Now.url

%Windir%\\Favorites\\Search\\Search Sports.url

%Windir%\\Favorites\\Shopping\\Best Buy.url

%Windir%\\Favorites\\Shopping\\Buy.com.url

%Windir%\\Favorites\\Shopping\\Ebay.url

%Windir%\\Favorites\\Shopping\\WalMart.url

%System%\\iefeatures.exe

%System%\\MSrdk.xml

%System%\\msbb\\kyf.dat

%System%\\msbb\\msbb.exe

词条	Trojan/PopMonster
释义	Trojan/PopMonster 病毒长度：变长病毒类型：木马危害等级：* 影响平台：Win9X/2000/XP/NT/Me Trojan/PopMonster是一个不能自动激活的程序，运行时首先会进行安装。传播过程及特征： 1.修改注册表：添加下列键值： HKEY_CURRENT_USER\\Software\\180solutions\\msbb HKEY_LOCAL_MACHINE\\Software\\iefeatures\\ "lastdate" HKEY_LOCAL_MACHINE\\Software\\iefeatures\\ "popstate" HKEY_LOCAL_MACHINE\\Software\\iefeatures\\ "sys" HKEY_LOCAL_MACHINE\\Software\\iefeatures\\ "userid" HKEY_LOCAL_MACHINE\\Software\\iefeatures\\ "version" HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run "iefeatures" = "%Windir%\\IEFEATURES.exe" HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run "msbb" = "%Windir%\\MSBB\\MSBB.EXE" HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run "MSVersion" HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\msbb "DisplayName" = "PAD Lookups by n-CASE " HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\msbb "default" = "UninstallString" HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\CASE "DisplayName" = "Interstitial Ad Delivery by n-CASE" HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main "Start Page" = "http://popnav.com" HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Main "Start Page" = "http://popnav.com" 2.生成文件： %Windir%\\Desktop\\Eliminate Popups.url %Windir%\\Desktop\\Internet Privacy Software.url %Windir%\\Desktop\\Yahoo.url %Windir%\\Favorites\\Ebay.url %Windir%\\Favorites\\Search Now.url %Windir%\\Favorites\\Stop Popups.url %Windir%\\Favorites\\Internet Tools\\Internet Privacy Software.url %Windir%\\Favorites\\Internet Tools\\Online Virus Scan.url %Windir%\\Favorites\\Internet Tools\\Popup Blocker.url %Windir%\\Favorites\\Search\\Search Casinos.url %Windir%\\Favorites\\Search\\Search Dating.url %Windir%\\Favorites\\Search\\Search Now.url %Windir%\\Favorites\\Search\\Search Sports.url %Windir%\\Favorites\\Shopping\\Best Buy.url %Windir%\\Favorites\\Shopping\\Buy.com.url %Windir%\\Favorites\\Shopping\\Ebay.url %Windir%\\Favorites\\Shopping\\WalMart.url %System%\\iefeatures.exe %System%\\MSrdk.xml %System%\\msbb\\kyf.dat %System%\\msbb\\msbb.exe
随便看	从海胆到多利羊:探索克隆技术从海盗船逃脱从海底窜出从海防战备前沿到两岸交流前沿从汉风到唐音从汉风到唐音：古中文学演进论稿从汉风到唐音：中古文学演进论稿从汉奸到英雄从荷马到鲍德里亚从核弹到核电从核弹到核电：核能中国从核心扩张从和谐中国到和谐世界从合成蛋白质到合成核酸从合格到卓越从合作到决裂:蒋介石与冯玉祥从河底问好从赫尔利到马歇尔：美国调处国共矛盾始末从赫鲁晓夫到普京从褐色工业到绿色文明从黑土地走来：边疆插队落户生活纪实从横从衡从鸿逵从宏量到微量