W32/Doep.A

Descripción

W32/Doep.A, es un gusano que se difunde a través de recursos compartidos en la red y programas de intercambio de archivos como KaZaa, eMule, eDonkey2000, Lphant y Overnet.

Luego intenta copiarse a si mismo dentro de la carpeta INF que se encuentra en %system%, utilizando los siguientes nombres:

• Full Downloader
• LAST Official Patch
• ALL Cracks
• KeyGen
• NOCD
• Crack
• I LiKe SuRFing on THe Web
• Aprende a programar virus en 7 dias
• More than 300 Game Cracks (astalavista.com Group)
• How to crack Windows Xp and Office XP
• Windows XP Password Recovery - Unlock Administrator
• Mahjongg Deluxe
• Pamela Anderson Multimedia Screen Saver
• 3d Studio Max All Cracks
• All Panda Editions Cracks
• NetsKy && Sasser Patch WIN XP Anti Virus
• All Codecs (XVID, DIVX, OGG, OGM, AC3) for WIN Media Player
• All Codecs (XVID, DIVX, OGG, OGM, AC3)
• XVID Codec For Windows Media Player
• Windows XP Pro Serial Key Changer
• Adobe Photoshop CS 8
• All Windows (95, 98, Me, Nt, 2000, Xp)
• Service Pack 1 & 2 WIN XP
• Windows Xp Sp2 Service Pack
• Windows Xp Sp1 Service Pack
• WindowsXP-KB835732-x86-ESN
• Patch Sasser FixTool
• Gran Turismo 4
• Gran Turismo 3
• City of Heroes
• Metal Gear Solid 3 - Snake Eater
• EverQuest 2
• EverQuest
• The Sims (all expansions)
• The Sims 2
• Halo 2
• Metal Gear Acid
• Metal Gear Solid
• CSI
• Psi - Ops
• Black Window
• Empire Earth Art of Conquest
• Empire Earth
• Halflife 2
• Halflife
• Lord of the Rings - The Two Towers
• Lord of the Rings - Return of the King
• Lord of the Rings - Fellowship of The Ring
• Dynomite
• World of Warcraft (play online free)
• Star Wars Galaxies (how to play free online)
• Ragnarok Online
• Warcraft Online
• Dungeon keeper 2
• Diablo
• Diablo 2
• Diablo 2 Lord Of Destruction
• Unreal Tournament 2003
• Unreal 2 - The Awakening
• Unreal Tournament
• Unreal 2
• Quake 4
• Quake 3
• Battlefield Vietnam
• Battlefield 1942 - Secret Weapons of WWII
• Battlefield 1942 - Road To Rome
• Battle Realms
• Battle Realms - Winter of Wolf
• Baldurs Gate
• Baldurs Gate 2
• Baldurs Gate 2 - Throne of bhaal
• Counter Strike - Condition Zero
• Counter Strike (serials for internet)
• Command & Conquer - Renegade
• Commandos
• Commandos 2
• Commandos 3 - Destination Berlin
• Colin McRae Rally 3
• Civilization 3 - Conquests
• Civilization 3
• ChampionShip Manager
• Call of Duty PRIVATE SERVER
• Principe de Persia - Sand of time
• Pc Futbol
• Pc Real Madrid
• Phantasy Star Online
• Alien Vs Predator 2
• Alien Vs Predator
• Age of Mythology - The Titans Expansion
• Age of Mythology
• Age of Empires - The Conquerors
• Age of Empires - The age of Kings
• Age of Empires - Rise of Rome
• Age of Empires 2
• Universal Combat
• Battlecruiser Millennium Gold
• PainKiller
• Warcraft 3 - Reign Of Chaos
• Warcraft 3 - Frozen Throne
• Call of Duty
• Splinter Cell Pandora Tomorrow
• Splinter Cell
• Starcraft BroodWar
• BattleField 1942
• Age of Empires
• - -. DIVX .-
• www.CompressedXXXVideos.com
• DIVX 5.1.1
• - --The Best Compressed videos DIVX 5--
• - --Video Collection--
• - -. Self-Extracting .-
• HENTAI
• Anime
• Norton
• Shaved
• - -. MONICA .-
• fucked
• Girl
• amateur
• espa
• olas
• preteen
• ANIME .- Hentai -.
• cumshot
• casting
• 13 years
• Sylvia Saint
• Pamela Anderson
• Merrit Cabal && Pamela Anderson
• playboy
• 3000 photos
• video
• hidden camera
• couple
• bed
• naked
• Sucks
• fucking
• fuck
• sex
• sybian
• sister
• porn
• adult
• incest
• rape
• bitch
• slut
• french
• cute
• young
• teen
• qwerty
• pussy
• lolita
• britney spears
• lesbian
• upskirt
• sexe
• porno
• photos
• 019.-.Nikki.-.fuckingmachines.com.-(on-sex-machines-sybian-lesbian-dildo-penetration-vibrator)-.shadow
• Young.Blonde.Lesbians...#129..-..Candy.Films..HOT!.CD.Girls.Als.Porn.Lesbian.xxx.breasts.vibrator.sybian.dildo.piss.pissing.fisting
• cdgirls_movie-.sybian-.aria.giovanni.HOT.orgasm
• BEST.young.teen.underage.anal.rape.sex.hot.fucking.blond.porn.xxx.-.COMPLETE.10megs
• Teen.Anal.Sex.Pornos.Videos.Pics.Pictures.Movies.Mpegs.Mpgs.Avis.Black.Asian.Gay.Lesbian.Hardcore.Girls.Teens.Nude.Fucki.mpg
• hot.drunk.teen.topless.15yr.-.homemade.sister.nude.tits.sex.xxx.qwerty.ddoggprn.topless.rape.incest
• Private-Xxx-Julia.Chanel.1Er.Casting.Hard-Video.DivX.Fr.Teen.Sex.Sexe.avi
• teen.couple.on.bed.naked.having.sex.14.15.16.17.amateur.xxx.girl.boy.tits.ass.lolita.illegal.high.school.voyeur(1)
• Teen.Girl.Gets.Fucked.With.Cock.In.Pussy.And.Sucks.French.Cumshot.(Blowjob).Ass.Anal.Lesbian.Dildo.Cunt.Porno.Dick.Xxx.A
• Birthday.Parties.(Home.Movie;.Mpg;.Self-Extracting)....Incest.Xxx.Fuck.Porn.Sex.Fisting.Oral.Blow.Job.Pre-Teen.Asian
• Young.Teen.Casting.Firts.Time.On.Cam.(Thehunter.10Min).(Teen.Girl.Preteen.Webcam.Sex.Child.Amateur.Voyeur.Boy.Thai.Asian.Nu
• Katherine-young.13.year.old.pre-teen.lolita.bounces.on.a.much.older.mans.
• love.muscle(incest.rape.teen.hardcore.sex.xxx)
• My.Friend's.Hot.Blonde.Wife.Nude.At.A.Party.-.Slutty.XXX.Teen.Slut.Sex.Porn.Fuck.Amateur.Tits.Ass.Pussy.Blowjob(5)
• naughty.college.school.girls.6-best.porn.clip.ever.-.Divx.mpg.avi.Porno.teen.XXX.movie.sex.blonde.redhead.gangbang.cumshot.mpg
• 17yr.boy.doggyfuck.16yr.sister.brother.lolita.child.preteen.1(1)(lolitas,.sex,.porn,.hentai,.manga,.rape,.anime,.tenchi,.britney.spears)
• 18.Year.Old.Being.Taught.By.Daddy.--.Fisting.Incest.Child.Teen.Preteen.Lolita.Young.Gay.Porn
• 18.Year.Old.Girlfriend.Playing.With.Her.Pussy.(Tits.Amateur.Sex.Teen.Lolita.Fuck.Orgasm)
• 16yo.cute.shaved.lolita.spread.legs.-.7ee3.-..bald.pussy.teen.cunt..-.sex.ass.incest.preteen.kiddy.porn.bdsm.bitch.whore
• BAMBINA-Collection_01-Real_Child_Porn!!!(illegal_preteen_underage_lolita_kiddy_incest_little_girl_rape_anal_cum_sex_lesb(1).mpg
• spying.on.my.sister.-.young.teen,.hidden.camera,.exhibitionists,.amateur,.voyeur,.spycams,.movies,.lolita,.lolitas,.ince.mpg
• young.topless.pulling.down.panties...........porn.teen.lolita.young.amatuer.fuck.playboy.pussy.tits.nude.voyeur.girl.sex
• Incest.18Yr.Fucks.His.Mature.Mom.Mpg.Mpeg.Avi.Lolita.Porn.Teen
• Lolita.College.Chick.Sucks.And.Fucks.Cucumber.In.Shaved.Hairless.Pussy.Xxx.Teen.Sex.Porno
• Pussy.Anna.Oman.Virginia.Pussy.Fistfuck.Shaved.Young.Teen.Sex.Fuck.Fist.Anal.Lesbian.Hardcore.Dick.Porno.Lolita
• teen.couple.on.bed.naked.having.sex.14.15.16.17.amateur.xxx.girl.boy.tits.ass.lolita.illegal.high.school.voyeur
• 5.young.student.girls.fucked.by.2.gym.teachers.(Lolita.Teen.Preteen.Porn.Rape.Sex.Nude).QWER
• LOLITA....Italian.teen.-.best.ever....(xxx.porn.sex)
• Young.Cute.French.Slut.Bitch.Practically.Rape.Incest.Sex.Xxx.Porno.Preteenage.Lolita.Hardcore.Fuck.Anal.Blow.Job.Fuck.Ki
• 3000.fotos.photos.porno.XXX.sexe_upskirt_lesbian_britney.spears_lolita_pussy_qwerty_teen_young

La extensión del archivo puede ser un .exe, .avi o un archivo .zip que contiene una de las dos extensiones previas.

También modifica la configuración en el registro del sistema de los programas que comparten archivos como el KaZaa, eMule, eDonkey2000, Lphant y Overnet, para que la nueva carpeta compartida de dichos programas sea %system%\inf

Finalmente intentará eliminar las siguientes entradas:

• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\avserve.exe

• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\avserve2.exe

• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\skynetave.exe

• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Program In Windows

• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SystemTra

• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\VFW Encoder/Decoder Settings

• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Protected Storage

• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\BagleAV

• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Norton Antivirus AV

• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ICQ Net

• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SysMonXP

• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Service Host

• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell

• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\drvsys.exe

• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\drvddll.exe

Derechos reservados 1992/2004 HackSoft S.R.L. Lima-Perú