SoftwareTipsandTricks.com
Home Forums Windows 7 Security Tips
Forums

Windows 7
Windows Vista
Windows XP

Security Tips
Troubleshooting
Keyboard Shortcuts
Encyclopedia


Drivers

Internet Terms
Computer Terms

File Extensions (75)
File Extensions (15K+)

Startup Applications
Necessary Files
Useless Files
At Your Option Files
Dangerous Files
Browser Objects

DLL Files
SYS Files
INF Files
OCX Files
VXD Files

Virus Database
Virus Warnings

Easter Eggs
Tips and Tricks
Articles
Hot Downloads


Privacy Policy
Contact Us







  System32Driver32.exe

Name System32Driver32.exe

Description

W32.Supova.Z@mm is a mass mailing worm that sends itself to the email addresses in the Microsoft Outlook address book.
The worm also uses IRC to spread.

The email has the following characteristics:
Subject: This document is interesting
Body: Hi! How are you, i hope all okay. I send you an attachment that you should see.
Attachment: ha ha ha ha.doc.exe

Creates some files in %Windir%\ or a:\ folders.

Adds the value: "Windows Drive Compatibility"="%Windir%\System32Driver32.exe"
to the registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

Modifies the values: "Hidden"="0" "HideFileExt"="1"
in the registry key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
so that the worm hides file extensions.

Modifies the value: "nofolderoptions"="1"
in the registry key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
so the options menu is hidden from explorer.

Adds the value: "(Default)" = "&supernova-Y2K4"
in the registry key: HKEY_LOCAL_MACHINE\Software\CLASSES\*\shell\open
so the word "supernova-Y2K4" will show up in the Context Menu when you right-click on a file.

Adds the value: "(Default)" = "notepad.exe c:\supernova.txt"
in the registry key: HKEY_LOCAL_MACHINE\Software\CLASSES\*\shell\open\command
so when you choose the word "supernova-Y2K4" from the Context Menu, it will open c:\supernova.txt.

Changes the background image to %Windir%\System32Windos.bmp:

Removal:
Use antivirus (also check How To Remove section)Startup Optimizer and manually change values of registry keys described above.


Still have a problem? Ask for help at our discussion forum.



Search Dangerous Files :
 

: : Recent posts at Forums : :

Pictures from community networks

Pictures from community networks

Grown up position

nph6ntbg

ремонт двухко

Hilarious Porn

Throatfuck

My unfamiliar website

Дом

Adult galleries

XEvil 4.0 allow to get Bitcoins via Coin-crans

Awesome Babes

Awesome Babes

в чем заключа&

acer 5310 aspire драйвер

драйвер a3500 l

Enjoy These Vids

драйвера для w

драйвера для t

My new website

Pictures from venereal networks

My brand-new website

Adult galleries

Pictures from collective networks

Adult galleries

Experimental Poke out

протравитель

qpnhge Would You Buy a Paper From This Man

стеклянные ле

Matured site




SoftwareTipsandTricks, All Rights Reserved.