请输入您要查询的百科知识:

 

词条 Worm.Mytob.dc
释义

Worm.Mytob.dc病毒是一个通过邮件传播的蠕虫病毒。该病毒会连接IRC聊天室,供黑客控制用户主机,是用户机器沦为“肉鸡”。该病毒会屏蔽大量网站,会结束大量进程,并通过搜索特定后缀的文件,获得邮件地址,并发送病毒。

病毒名片

病毒别名:-

处理时间:2005-10-17

威胁级别:★

中文名称:-

病毒类型:蠕虫

影响系统:Win 9x/ME,Win 2000/NT,Win XP,Win 2003

病毒行为

从下列后缀文件中搜索邮件地址

doc

txt

htm

tmp

wab

html

pl

adbh

tbbg

dbxn

aspd

phpq

ls

cgil

jspl

shtl

htmb

不向包含以下字符的邮件地址发送邮件

sandra

adam

frank

linda

julie

jimmy

jerry

helen

debby

claudia

brenda

anna

sales

brent

paul

ted

fred

jack

bill

stan

smith

等等

3

关闭下列进程

NEC.EXE

TASKMGR.EXE

CMD.EXE

_AVPM.EXE

_AVPCC.EXE

_AVP32.EXE

ZONEALARM.EXE

ZONALM2601.EXE

ZATUTOR.EXE

ZAPSETUP301.EXE

ZAPRO.EXE

XPF202EN.EXE

WYVERNWORKSFIREWALL.EXE

WUPDT.EXE

WUPDATER.EXE

WSBGATE.EXE

WRCTRL.EXE

WRADMIN.EXE

WNT.EXE

WNAD.EXE

WKUFIND.EXE

WINUPDATE.EXE

WINTSK32.EXE

WINSTART01.EXE

WINSTART.EXE

WINSSK32.EXE

WINSERVN.EXE

WINRECON.EXE

WINPPR32.EXE

WINNET.EXE

WINMAIN.EXE

WINLOGIN.EXE

WININITX.EXE

WININIT.EXE

WININETD.EXE

WINDOWS.EXE

WINDOW.EXE

WINACTIVE.EXE

WIN32US.EXE

WIN32.EXE

WIN-BUGSFIX.EXE

WIMMUN32.EXE

WHOSWATCHINGME.EXE

WFINDV32.EXE

WEBTRAP.EXE

WEBSCANX.EXE

WEBDAV.EXE

WATCHDOG.EXE

W9X.EXE

W32DSM89.EXE

VSWINPERSE.EXE

VSWINNTSE.EXE

VSWIN9XE.EXE

VSSTAT.EXE

VSMON.EXE

VSMAIN.EXE

VSISETUP.EXE

VSHWIN32.EXE

VSECOMR.EXE

VSCHED.EXE

VSCENU6.02D30.EXE

VSCAN40.EXE

VPTRAY.EXE

VPFW30S.EXE

VPC42.EXE

VPC32.EXE

VNPC300.EXE

VNLAN30.EXE

VIRUSMDPERSONALFIREWALL.EXE

VIR-HELP.EXE

VFSETUP.EXE

VETTRAY.EXE

VET95.EXE

VET32.EXE

VCSETUP.EXE

VBWINNTW.EXE

VBWIN9X.EXE

VBUST.EXE

VBCONS.EXE

VBCMSERV.EXE

UTPOST.EXE

UPGRAD.EXE

UPDATE.EXE

UPDAT.EXE

UNDOBOOT.EXE

TVTMD.EXE

TVMD.EXE

TSADBOT.EXE

TROJANTRAP3.EXE

TRJSETUP.EXE

TRJSCAN.EXE

TRICKLER.EXE

TRACERT.EXE

TITANINXP.EXE

TITANIN.EXE

TGBOB.EXE

TFAK5.EXE

TFAK.EXE

TEEKIDS.EXE

TDS2-NT.EXE

TDS-3.EXE

TCM.EXE

TCA.EXE

TC.EXE

TBSCAN.EXE

TAUMON.EXE

TASKMON.EXE

TASKMO.EXE

TASKMG.EXE

SYSUPD.EXE

SYSTEM32.EXE

SYSTEM.EXE

SYSEDIT.EXE

SYMTRAY.EXE

SYMPROXYSVC.EXE

SWNETSUP.EXE

SWEEP95.EXE

SVSHOST.EXE

SVCHOSTS.EXE

等等

屏蔽下列站点

127.0.0.1 ebay.com

127.0.0.1 www.ebay.com

127.0.0.1 www.moneybookers.com

127.0.0.1 moneybookers.com

127.0.0.1 paypal.com

127.0.0.1 www.paypal.com

127.0.0.1 www.amazon.fr

127.0.0.1 www.amazon.ca

127.0.0.1 www.amazon.co.uk

127.0.0.1 www.amazon.com

127.0.0.1 virustotal.com

127.0.0.1 www.virustotal.com

127.0.0.1 microsoft.com

127.0.0.1 www.microsoft.com

127.0.0.1 www.grisoft.com

127.0.0.1 www.trendmicro.com

127.0.0.1 www.pandasoftware.com

127.0.0.1 pandasoftware.com

127.0.0.1 trendmicro.com

127.0.0.1 rads.mcafee.com

127.0.0.1 customer.symantec.com

127.0.0.1 liveupdate.symantec.com

127.0.0.1 us.mcafee.com

127.0.0.1 updates.symantec.com

127.0.0.1 update.symantec.com

127.0.0.1 www.nai.com

127.0.0.1 nai.com

127.0.0.1 secure.nai.com

127.0.0.1 dispatch.mcafee.com

127.0.0.1 download.mcafee.com

127.0.0.1 www.my-etrust.com

127.0.0.1 my-etrust.com

127.0.0.1 mast.mcafee.com

127.0.0.1 ca.com

127.0.0.1 www.ca.com

127.0.0.1 networkassociates.com

127.0.0.1 www.networkassociates.com

127.0.0.1 avp.com

127.0.0.1 www.kaspersky.com

127.0.0.1 www.avp.com

127.0.0.1 kaspersky-labs.com

127.0.0.1 kaspersky.com

127.0.0.1 www.f-secure.com

127.0.0.1 f-secure.com

127.0.0.1 viruslist.com

127.0.0.1 www.viruslist.com

127.0.0.1 liveupdate.symantecliveupdate.com

127.0.0.1 mcafee.com

127.0.0.1 www.mcafee.com

127.0.0.1 sophos.com

127.0.0.1 www.sophos.com

127.0.0.1 symantec.com

127.0.0.1 securityresponse.symantec.com

127.0.0.1 www.symantec.com

发送的邮件内容为

Dear user %s,

You have successfully updated the password of your %s account.

If you did not authorize this change or if you need assistance with your account, please contact %s customer service at: %s

Thank you for using %s!

The %s Support Team

+++ Attachment: No Virus (Clean)

+++ %s Antivirus - www.%s

Dear user %s,

It has come to our attention that your %s User Profile ( x ) records are out of date. For further details see the attached document.

Thank you for using %s!

The %s Support Team

+++ Attachment: No Virus (Clean)

+++ %s Antivirus - www.%s

Dear %s Member,

We have temporarily suspended your email account %s.

This might be due to either of the following reasons:

1. A recent change in your personal information (i.e. change of address).

2. Submiting invalid information during the initial sign up process.

3. An innability to accurately verify your selected option of subscription due to an internal error within our processors.

See the details to reactivate your %s account.

Sincerely,The %s Support Team

+++ Attachment: No Virus (Clean)

+++ %s Antivirus - www.%s

Dear %s Member,

Your e-mail account was used to send a huge amount of unsolicited spam messages during the recent week. If you could please take 5-10 minutes out of your online experience and confirm the attached document so you will not run into any future problems with the online service.

If you choose to ignore our request, you leave us no choice but to cancel your membership.

Virtually yours,

The %s Support Team

+++ Attachment: No Virus found

+++ %s Antivirus - www.%s

随便看

 

百科全书收录4421916条中文百科知识,基本涵盖了大多数领域的百科知识,是一部内容开放、自由的电子版百科全书。

 

Copyright © 2004-2023 Cnenc.net All Rights Reserved
更新时间:2024/12/23 10:35:52