
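Entry: Worm.Mytob.au
Definition

Virus alias: Net-Worm.Win32.Mytob.au [AVP]

Processing time:

Threat level: ★★

Chinese name:

Virus type: Worm

Affected systems: Win9x / WinNT

Virus behavior:

This is a worm that spreads via e-mail. It uses its own built-in SMTP engine to send large volumes of infected e-mail, luring recipients into opening the attachment. It blocks access to a number of well-known antivirus websites, downloads malware from the Internet to the local machine and runs it, and leaves a backdoor on the infected machine so that an attacker can control it over IRC.

1) Drops a copy of itself, LIENVANDEKELDER.EXE, into the system directory

2) Adds registry startup entries:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices

"http://www.lienvandekelder.be"="LienVandeKelder.exe"

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

"http://www.lienvandekelder.be"="LienVandeKelder.exe"

3) Sends e-mail using its own SMTP engine:

One of the following lines is used as the message subject: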

*IMPORTANT* Please Validate Your Email Account

*IMPORTANT* Your Account Has Been Locked

Email Account Suspension

Notice: **Last Warning**

Notice:***Your email account will be suspended***

Security measures

Your email account access is restricted

Your Email Account is Suspended For Security Reasons

One of the following passages is used as the message body:

Account Information Are Attached!

Once you have completed the form in the attached file , your account records will not be interrupted and will continue as normal.

please look at attached document.

Please see the attachement.

To safeguard your email account from possible termination, please see the attached file.

To unblock your email account acces, please see the attachement.

We have suspended some of your email services, to resolve the problem you should read the attached document.

One of the following lines is used as the attachment name:

document_full

email-doc

email-info

email-text

IMPORTANT

info-text

information

your_details

Extensions the attachment may use:

EXE

PIF

SCR

ZIP

4) Modifies the hosts file to block access to the following antivirus websites:


5) Downloads malware from the Internet onto the infected machine and runs it.
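The hosts-file tampering in step 4 can be checked for with a short audit script. The following is an added example, not part of the original entry: the watch list is a small constructed sample of antivirus vendor domains, the sample hosts content is constructed, and because the entry does not say which address the worm writes, the script flags any override of a watched domain and marks loopback or unspecified targets separately.

```python
import ipaddress

# Constructed sample watch list of antivirus vendor domains (assumption: extend as needed).
WATCHED = ("symantec.com", "mcafee.com", "kaspersky.com", "sophos.com",
           "trendmicro.com", "f-secure.com")

def is_watched(host):
    """True if host equals a watched domain or is a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in WATCHED)

def is_sinkhole(addr):
    """True for loopback or unspecified targets (127.0.0.1, ::1, 0.0.0.0)."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return ip.is_loopback or ip.is_unspecified

def audit_hosts(text):
    """Return (line_no, address, hostname, sinkholed) for each watched-domain override."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) < 2:
            continue  # blank, comment-only or malformed line
        addr, names = fields[0], fields[1:]
        for name in names:  # one line may map several hostnames
            if is_watched(name):
                findings.append((no, addr, name.lower(), is_sinkhole(addr)))
    return findings

# Constructed sample hosts file content (not taken from an infected machine).
SAMPLE = """\
# Copyright (c) Microsoft Corp.
127.0.0.1       localhost
127.0.0.1       www.symantec.com liveupdate.symantec.com
0.0.0.0 download.McAfee.com   # inline comment
192.0.2.10      intranet.example.test
# 127.0.0.1 kaspersky.com
127.0.0.1 notsymantec.com
"""

if __name__ == "__main__":
    for no, addr, name, sinkholed in audit_hosts(SAMPLE):
        tag = "blocked" if sinkholed else "redirected"
        print(f"line {no}: {name} -> {addr} ({tag})")
```

To audit a real machine, pass the contents of the hosts file to `audit_hosts`; on NT-family systems it is at `%SystemRoot%\System32\drivers\etc\hosts`, on Win9x at `%WinDir%\hosts`.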

Last updated: 2024/12/24 7:59:00