SoftwareTipsandTricks.com
Home Forums Windows XP Vista
Forums

Windows XP
Windows Vista

Easter Eggs
Tips and Tricks
Articles


Virus Warnings
Hot Downloads

Drivers

Internet Terms
Computer Terms

File Extensions (75)
File Extensions (15K+)

Startup Applications
Necessary Files
Useless Files
At Your Option Files
Dangerous Files
Browser Objects

DLL Files
SYS Files
INF Files
OCX Files
VXD Files

Virus Database

Newsletters
Tell a Friend

Site Map
Link to Us
Contact Us







  %SysDir%\NvCpl.EXE

Name %SysDir%\NvCpl.EXE

Description

 Worm W32.Yanz.B@mm
It is a mass-mailing worm that uses its own SMTP engine for spreading.
1. Adds to Windows startup.
It masks to NVIDIA control panel application NvCpl.exe.
2. Creates the files
%System%\Dong_Shi.exe
%System%\NvCpl.EXE
C:\Yanzi.htm
%Windir%\Sun_YanZI.zip (a zip file that contains a file Sun_Yan_Zi-Shen_Q1.mp3.pif - it is a copy of the worm)
%System%\Huai_Tian_Q1.sys ( an MIME-encoded zip file that contains a file Sun_Yan_Zi-Shen_Q1.mp3.pif - it is a copy of the worm)
%System%\I_am_Sun_Yanzi.sys. (an MIME-encoded worm)
YanZi.vbs. (this file is created in the current folder and it creates the file sun.exe)
When the file sun.exe runs, it creates three .jpg files under %Temp% folder. The file names have "SuN" as prefix.
One of these files is a Trojan that exploits the Microsoft GDI+ Library JPEG Segment Length Integer Underflow vulnerability (described in the Microsoft Security Bulletin MS04-028) to download and execute a file named m00.exe, from the domain sunyanzi.fastmail.cn. This file is also a Trojan.



Search Dangerous Files :
 

: : Recent posts at Forums : :
Windows explorer error - ntdll.dll HELP!!

No sound after reformatting XP Home

Screen goes dark soon after the computer finishes booting

Access denied when trying to access one partition from another

Intel 82801EB ICH5 - AC'97 Audio Controller

No Sound !!!

hi there every1

Outlook 2007 Error: cannot select web links

Internet Explorer 6 and high CPU Usage

Help DVD Drive not detected

can you delete my account?

Multimedia Audio Controller Problems

Lost windows xp login password

sound drivers Intel(R) 82801BA/BAM AC'97 Audio Controller

Forgotten Windows Vista Password.

unsecured.... people may be able to see your stuff...

another 'no audio device' problem and cant open some files problem!

No Sound.. Says No Audio Device, but drivers are there and enabled "working properly"

sis 7012 driver issue

CD/DVD RW not reading discs (code 19)

NO Sound problem

audio issus

I dont know what my sound driver is

2007 student microsoft office word document in vista

No sound

Multimedia Audio Controller; Missing Driver.

AC97 driver for xp needed!

Audio driver not installed - how to find it?

Cannot Download Service Pack2~!

Skype 4.1


SoftwareTipsandTricks, All Rights Reserved.