SoftwareTipsandTricks.com
Home Forums Windows 7 Security Tips
Forums

Windows 7
Windows Vista
Windows XP

Security Tips
Troubleshooting
Keyboard Shortcuts
Encyclopedia


Drivers

Internet Terms
Computer Terms

File Extensions (75)
File Extensions (15K+)

Startup Applications
Necessary Files
Useless Files
At Your Option Files
Dangerous Files
Browser Objects

DLL Files
SYS Files
INF Files
OCX Files
VXD Files

Virus Database
Virus Warnings

Easter Eggs
Tips and Tricks
Articles
Hot Downloads


Privacy Policy
Contact Us







  System32Driver32.exe

Name System32Driver32.exe

Description

W32.Supova.Z@mm is a mass mailing worm that sends itself to the email addresses in the Microsoft Outlook address book.
The worm also uses IRC to spread.

The email has the following characteristics:
Subject: This document is interesting
Body: Hi! How are you, i hope all okay. I send you an attachment that you should see.
Attachment: ha ha ha ha.doc.exe

Creates some files in %Windir%\ or a:\ folders.

Adds the value: "Windows Drive Compatibility"="%Windir%\System32Driver32.exe"
to the registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

Modifies the values: "Hidden"="0" "HideFileExt"="1"
in the registry key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
so that the worm hides file extensions.

Modifies the value: "nofolderoptions"="1"
in the registry key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
so the options menu is hidden from explorer.

Adds the value: "(Default)" = "&supernova-Y2K4"
in the registry key: HKEY_LOCAL_MACHINE\Software\CLASSES\*\shell\open
so the word "supernova-Y2K4" will show up in the Context Menu when you right-click on a file.

Adds the value: "(Default)" = "notepad.exe c:\supernova.txt"
in the registry key: HKEY_LOCAL_MACHINE\Software\CLASSES\*\shell\open\command
so when you choose the word "supernova-Y2K4" from the Context Menu, it will open c:\supernova.txt.

Changes the background image to %Windir%\System32Windos.bmp:

Removal:
Use antivirus (also check How To Remove section)Startup Optimizer and manually change values of registry keys described above.


Still have a problem? Ask for help at our discussion forum.



Search Dangerous Files :
 

: : Recent posts at Forums : :

bwjmjisdeq

cmadgqowog

fdgydlfvur

ltujhstydj

ibgevksedc

ptthiehzme

Mod Protrude

oszgmbcfmr

npbcriqrlq

yyhoeokbvj

hxjxcjruer

vgmvqllqzp

jsimyrcmuq

Latest site

rdzmbvfjlo

agmsdxhifz

gtzdzutbnj

Видео ютуба

Public pictures

tpaspcqvbx

Unshackle galleries

rajwrmzsvi

qhjpcjwoas

jukjxdoaiy

rhjrfiscqf

mauujhuemf

rnczumycap

wnqnlzqisz

cjpyodotqc

wbcjaijswm




SoftwareTipsandTricks, All Rights Reserved.