SoftwareTipsandTricks.com
Home Forums Windows 7 Security Tips
Forums

Windows 7
Windows Vista
Windows XP

Security Tips
Troubleshooting
Keyboard Shortcuts
Encyclopedia


Drivers

Internet Terms
Computer Terms

File Extensions (75)
File Extensions (15K+)

Startup Applications
Necessary Files
Useless Files
At Your Option Files
Dangerous Files
Browser Objects

DLL Files
SYS Files
INF Files
OCX Files
VXD Files

Virus Database
Virus Warnings

Easter Eggs
Tips and Tricks
Articles
Hot Downloads


Privacy Policy
Contact Us







  System32Driver32.exe

Name System32Driver32.exe

Description

W32.Supova.Z@mm is a mass mailing worm that sends itself to the email addresses in the Microsoft Outlook address book.
The worm also uses IRC to spread.

The email has the following characteristics:
Subject: This document is interesting
Body: Hi! How are you, i hope all okay. I send you an attachment that you should see.
Attachment: ha ha ha ha.doc.exe

Creates some files in %Windir%\ or a:\ folders.

Adds the value: "Windows Drive Compatibility"="%Windir%\System32Driver32.exe"
to the registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

Modifies the values: "Hidden"="0" "HideFileExt"="1"
in the registry key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
so that the worm hides file extensions.

Modifies the value: "nofolderoptions"="1"
in the registry key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
so the options menu is hidden from explorer.

Adds the value: "(Default)" = "&supernova-Y2K4"
in the registry key: HKEY_LOCAL_MACHINE\Software\CLASSES\*\shell\open
so the word "supernova-Y2K4" will show up in the Context Menu when you right-click on a file.

Adds the value: "(Default)" = "notepad.exe c:\supernova.txt"
in the registry key: HKEY_LOCAL_MACHINE\Software\CLASSES\*\shell\open\command
so when you choose the word "supernova-Y2K4" from the Context Menu, it will open c:\supernova.txt.

Changes the background image to %Windir%\System32Windos.bmp:

Removal:
Use antivirus (also check How To Remove section)Startup Optimizer and manually change values of registry keys described above.


Still have a problem? Ask for help at our discussion forum.



Search Dangerous Files :
 

: : Recent posts at Forums : :

Wholesale Authentic Hockey Jerseys

Cheap Authentic MLB Jerseys

Cheapest Jerseys

Wholesale Cheap Jerseys

ИСТОРИЯ ПРАЗД

Free adult galleries

Adult placement

Mature galleries

Pictures from venereal networks

Mature galleries

Sexual pictures

Секс фото галереи для взрослых

ИСТОРИЯ ПРАЗД

Social pictures

【杰瑪眼鏡

Day after day gay photos military talents

ИСТОРИЯ ПРАЗД

Grown up galleries

Онлайн Аудио Конвертер В Mp3, Извлечение Зву&#

ИСТОРИЯ ПРАЗД

Christian Louboutin Sandals : Christian Louboutin sko Outlet Sale Med Big rabatt !

  У нас самые с

Recent plat

Последние нов

Прочные швед&

Harry Potter e as Reliquias da Morte – Parte 1 – Dublado Full HD 1080p Online

Renewed plat

Mature galleries

Renewed plat

Asiame Review




SoftwareTipsandTricks, All Rights Reserved.