词条 | Worm.Mytob.dc |
释义 | Worm.Mytob.dc病毒是一个通过邮件传播的蠕虫病毒。该病毒会连接IRC聊天室,供黑客控制用户主机,是用户机器沦为“肉鸡”。该病毒会屏蔽大量网站,会结束大量进程,并通过搜索特定后缀的文件,获得邮件地址,并发送病毒。 病毒名片病毒别名:- 处理时间:2005-10-17 威胁级别:★ 中文名称:- 病毒类型:蠕虫 影响系统:Win 9x/ME,Win 2000/NT,Win XP,Win 2003 病毒行为从下列后缀文件中搜索邮件地址doc txt htm tmp wab html pl adbh tbbg dbxn aspd phpq ls cgil jspl shtl htmb 不向包含以下字符的邮件地址发送邮件sandra adam frank linda julie jimmy jerry helen debby claudia brenda anna sales brent paul ted fred jack bill stan smith 等等 3 关闭下列进程NEC.EXE TASKMGR.EXE CMD.EXE _AVPM.EXE _AVPCC.EXE _AVP32.EXE ZONEALARM.EXE ZONALM2601.EXE ZATUTOR.EXE ZAPSETUP301.EXE ZAPRO.EXE XPF202EN.EXE WYVERNWORKSFIREWALL.EXE WUPDT.EXE WUPDATER.EXE WSBGATE.EXE WRCTRL.EXE WRADMIN.EXE WNT.EXE WNAD.EXE WKUFIND.EXE WINUPDATE.EXE WINTSK32.EXE WINSTART01.EXE WINSTART.EXE WINSSK32.EXE WINSERVN.EXE WINRECON.EXE WINPPR32.EXE WINNET.EXE WINMAIN.EXE WINLOGIN.EXE WININITX.EXE WININIT.EXE WININETD.EXE WINDOWS.EXE WINDOW.EXE WINACTIVE.EXE WIN32US.EXE WIN32.EXE WIN-BUGSFIX.EXE WIMMUN32.EXE WHOSWATCHINGME.EXE WFINDV32.EXE WEBTRAP.EXE WEBSCANX.EXE WEBDAV.EXE WATCHDOG.EXE W9X.EXE W32DSM89.EXE VSWINPERSE.EXE VSWINNTSE.EXE VSWIN9XE.EXE VSSTAT.EXE VSMON.EXE VSMAIN.EXE VSISETUP.EXE VSHWIN32.EXE VSECOMR.EXE VSCHED.EXE VSCENU6.02D30.EXE VSCAN40.EXE VPTRAY.EXE VPFW30S.EXE VPC42.EXE VPC32.EXE VNPC300.EXE VNLAN30.EXE VIRUSMDPERSONALFIREWALL.EXE VIR-HELP.EXE VFSETUP.EXE VETTRAY.EXE VET95.EXE VET32.EXE VCSETUP.EXE VBWINNTW.EXE VBWIN9X.EXE VBUST.EXE VBCONS.EXE VBCMSERV.EXE UTPOST.EXE UPGRAD.EXE UPDATE.EXE UPDAT.EXE UNDOBOOT.EXE TVTMD.EXE TVMD.EXE TSADBOT.EXE TROJANTRAP3.EXE TRJSETUP.EXE TRJSCAN.EXE TRICKLER.EXE TRACERT.EXE TITANINXP.EXE TITANIN.EXE TGBOB.EXE TFAK5.EXE TFAK.EXE TEEKIDS.EXE TDS2-NT.EXE TDS-3.EXE TCM.EXE TCA.EXE TC.EXE TBSCAN.EXE TAUMON.EXE TASKMON.EXE TASKMO.EXE TASKMG.EXE SYSUPD.EXE SYSTEM32.EXE SYSTEM.EXE SYSEDIT.EXE SYMTRAY.EXE SYMPROXYSVC.EXE SWNETSUP.EXE SWEEP95.EXE SVSHOST.EXE SVCHOSTS.EXE 等等 屏蔽下列站点127.0.0.1 ebay.com 127.0.0.1 www.ebay.com 127.0.0.1 www.moneybookers.com 127.0.0.1 moneybookers.com 127.0.0.1 paypal.com 127.0.0.1 www.paypal.com 127.0.0.1 www.amazon.fr 127.0.0.1 www.amazon.ca 127.0.0.1 www.amazon.co.uk 127.0.0.1 www.amazon.com 127.0.0.1 virustotal.com 127.0.0.1 www.virustotal.com 127.0.0.1 microsoft.com 127.0.0.1 www.microsoft.com 127.0.0.1 www.grisoft.com 127.0.0.1 www.trendmicro.com 127.0.0.1 www.pandasoftware.com 127.0.0.1 pandasoftware.com 127.0.0.1 trendmicro.com 127.0.0.1 rads.mcafee.com 127.0.0.1 customer.symantec.com 127.0.0.1 liveupdate.symantec.com 127.0.0.1 us.mcafee.com 127.0.0.1 updates.symantec.com 127.0.0.1 update.symantec.com 127.0.0.1 www.nai.com 127.0.0.1 nai.com 127.0.0.1 secure.nai.com 127.0.0.1 dispatch.mcafee.com 127.0.0.1 download.mcafee.com 127.0.0.1 www.my-etrust.com 127.0.0.1 my-etrust.com 127.0.0.1 mast.mcafee.com 127.0.0.1 ca.com 127.0.0.1 www.ca.com 127.0.0.1 networkassociates.com 127.0.0.1 www.networkassociates.com 127.0.0.1 avp.com 127.0.0.1 www.kaspersky.com 127.0.0.1 www.avp.com 127.0.0.1 kaspersky-labs.com 127.0.0.1 kaspersky.com 127.0.0.1 www.f-secure.com 127.0.0.1 f-secure.com 127.0.0.1 viruslist.com 127.0.0.1 www.viruslist.com 127.0.0.1 liveupdate.symantecliveupdate.com 127.0.0.1 mcafee.com 127.0.0.1 www.mcafee.com 127.0.0.1 sophos.com 127.0.0.1 www.sophos.com 127.0.0.1 symantec.com 127.0.0.1 securityresponse.symantec.com 127.0.0.1 www.symantec.com 发送的邮件内容为Dear user %s, You have successfully updated the password of your %s account. If you did not authorize this change or if you need assistance with your account, please contact %s customer service at: %s Thank you for using %s! The %s Support Team +++ Attachment: No Virus (Clean) +++ %s Antivirus - www.%s Dear user %s, It has come to our attention that your %s User Profile ( x ) records are out of date. For further details see the attached document. Thank you for using %s! The %s Support Team +++ Attachment: No Virus (Clean) +++ %s Antivirus - www.%s Dear %s Member, We have temporarily suspended your email account %s. This might be due to either of the following reasons: 1. A recent change in your personal information (i.e. change of address). 2. Submiting invalid information during the initial sign up process. 3. An innability to accurately verify your selected option of subscription due to an internal error within our processors. See the details to reactivate your %s account. Sincerely,The %s Support Team +++ Attachment: No Virus (Clean) +++ %s Antivirus - www.%s Dear %s Member, Your e-mail account was used to send a huge amount of unsolicited spam messages during the recent week. If you could please take 5-10 minutes out of your online experience and confirm the attached document so you will not run into any future problems with the online service. If you choose to ignore our request, you leave us no choice but to cancel your membership. Virtually yours, The %s Support Team +++ Attachment: No Virus found +++ %s Antivirus - www.%s |
随便看 |
百科全书收录4421916条中文百科知识,基本涵盖了大多数领域的百科知识,是一部内容开放、自由的电子版百科全书。