
Virus Alert: Guanghua Anti-Virus Bulletin (February 5 - February 11)


Added: 2007-2-6 中国下载吧



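    The Guanghua Anti-Virus Research Center has recently updated its virus signatures. Users should download the update package from the Guanghua website, http://www.viruschina.com, as soon as possible. Brief descriptions of several important viruses follow: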
     
    1. Mail virus: W32.Vutsog.A@mm  Threat level: ★★★★★
     
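    According to experts at the Guanghua Anti-Virus Research Center, this is a mail virus, 73,217 bytes long, that infects Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT and Windows XP systems. It spreads by exploiting a remote execution vulnerability. When it is received and opened, it does the following damage: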
     
    A Copies itself to C:\Program Files\Internet Explorer\iexplore.exe
    B Copies the original C:\Program Files\Internet Explorer\iexplore.exe to C:\WINDOWS\system32\dllcache
    C Creates the files
    [System directory]\dllcache\svchost.exe:svchost.exe
    [System directory]\svchost.exe:svchost.exe
    [Windows directory]\lsass.exe
    C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
    C:\Program Files\Symantec\LiveUpdate\LUALL.EXE
    C:\Program Files\McAfee.com\Agent\mcupdate.exe
    D Generates the files
    c:\zyxwvuts.log
    [System directory]\msfsr.sys
    [System directory]\drivers\[random].sys
    E Adds the value "SvcHost" = "C:\WINDOWS\system32\svchost.exe:svchost.exe"
    to HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    so that the virus runs automatically at every startup
    F Adds the value "[random]" = "[random]:*:enabled:@xpsp2res.dll,-22019"
    to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
    so that the virus runs automatically at every startup
    G Registers the virus as a service with the following properties
    Service name: SvcHost
    Display name: SvcHost
    Description: Generic Host Process for Win32 Services. If this service is disabled, any services that explicitly depend on it will fail to start.
    Location: C:\WINDOWS\system32\svchost.exe:svchost.exe
    H Runs itself as the following services
    Automatic LiveUpdate Scheduler
    LiveUpdate
    I Modifies the binary file attached to the wuaserv service so that it runs
    C:\WINDOWS\system32\svchost.exe:svchost.exe
    J Adds the following service to load the driver msfsr.sys
    Service name: msfsr
    Display name: msfsr
    K Terminates the following processes
    Browser
    lanmanserver
    McShield
    navapsvc
    sharedaccess
    SymAppCore
    wscsvc
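    L Turns off system protection for C:\Program Files\Internet Explorer\iexplore.exe
    M Modifies system.ini so that the virus runs at startup
    N Connects to the IRC server www.mi5.gov.uk and waits for the hacker's commands
    O Spreads by exploiting a remote execution vulnerability
    P Collects e-mail addresses from address books in the following locations
    User directory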
    Local Settings
    Temporary Internet Files
    Q Uses its own mail engine to send copies of itself; the messages have the following characteristics
    Sender (one of the following):
    updates@McAfee.com
    updates@Microsoft.com
    updates@Symantec.com
    Subject (one of the following):
    Data format error.
    Destination host is not responding.
    Mail quota exceeded.
    Mail transaction failed.
    Mail transaction failed. Data format error.
    Mail transaction failed. Mail quota exceeded.
    Mail transaction failed. Message is too large.
    Mail transaction failed. Partial message is available.
    Mail transaction failed. Service unavailable.
    Mail transaction failed. Session aborted.
    Message is too large.
    Network failure.
    Service unavailable.
    Your message could not be delivered.
    Your message is undeliverable.
    Your message was not delivered.
    Attachment (one of the following):
    Alien vs. Predator 2
    Angelina Jolie
    Assassin
    Auto Assault
    BioShock
    Britney Spears
    CSI: London
    Carmen Electra
    Command & Conquer 3: Tiberium Wars
    Crysis
    Dragonball
    Dungeons & Dragons Online: Stormreach
    Enemy Territory: Quake Wars
    Extreme Ghouls n' Ghosts
    Final Fantasy XIII
    Full Auto
    Full Auto 2: Battlelines
    Ghost Recon: Advanced Warfighter
    Ghost Rider
    Grey's Anatomy - next season
    Half-Life 2: Aftermath
    Halo 3
    Hellgate: London
    Heroes season 2
    Hilary Duff
    Huxley
    Indiana Jones 4
    Jennifer Lopez
    Jericho season 2
    Jessica Alba
    Jessica Simpson
    Killzone PS3
    Live Free or Die Hard
    Lost season 4
    Metal Gear: Subsistence
    Neverwinter Nights 2
    Pamela Anderson
    Paris Hilton
    Premonition
    Pursuit Force
    Rainbow Six: Vegas
    Resident Evil 3
    Resident Evil 5
    Resistance: Fall of Man
    Rush Hour 3
    Shark season 2
    Six Degrees season 2
    Smith season 2
    Spider-Man 3
    Splinter Cell: Double Agent
    Spore
    Star Trek: Legacy
    Star Wars: Empire at War
    Starcraft: Ghost
    Studio 60 on the Sunset Strip season 2
    Tekken
    Terminator 4
    The Hills Have Eyes II
    Unreal Tournament 2007
    Virtua Fighter 5
    Warhammer Online Age Of Reckoning
    attachment
    casino
    details
    document
    gaming
    instructions
    letter
    message
    myspace
    myspacedetails
    onlinecasino
    onlinegaming
    onlinepoker
    poker
    pokerstrategy
    pokertechnique
    readme
    s Creed
    transcript
    your SSN etc
    your bank account details
    your financial details
    your financial information
    your personal details
    your personal information
    your tax returns
    yourmyspacedetails
    yoursite
    yourwebsite
    yousite
    youtube-you
    Attachment extension (one of the following):
    .gif
    .html
    .jpeg
    .mp3
    .rtf
    .txt
    .wav
    .wma
     
    R Searches for the following paths and copies itself into them
    BearShare
    Collections
    Downloads
    my shared folder
    share
    shared
    upload
    uploads
    S Copies itself under one of the following names
    10,000 B.C.
    28 Weeks Later
    30 Days of Night
    Across the Universe
    Alien vs. Predator 2
    Alpha Dog
    American Gangster
    Angel-A
    Angelina Jolie
    Are We Done Yet?
    Atonement
    August Rush
    Balls of Fury
    Because I Said So
    Beowulf
    Black Book
    Blades of Glory
    Breach
    Britney Spears
    Captivity
    Carmen Electra
    Dallas
    Death at a Funeral
    Delta Farce
    Disturbia
    Dragonball
    Eastern Promises
    El Cantante
    Enchanted
    Epic Movie
    Evening
    Fantastic Four 2
    Firehouse Dog
    Fly Me to the Moon
    Foodfight!
    Fracture
    Fragile
    Freedom Writers
    Full of It
    Ghost Rider
    God Grew Tired of Us
    Grind House
    Hairspray
    Halloween
    Halo
    Hannibal Rising
    Hilary Duff
    His Dark Materials-The Golden Compass
    Horton Hears a Who
    Hostel 2
    Hot Fuzz
    Hot Rod
    In the Land of Women
    Inkheart
    Iron Man
    Jennifer Lopez
    Jessica Alba
    Jessica Simpson
    Journey 3-D
    Jumper
    Kung Fu Panda
    La Vie en Rose
    Live Free or Die Hard
    Lucky You
    Lust, Caution
    Master of Time and Space
    Next
    No Reservations
    Ocean's Thirteen
    Offside
    Opus-The Last Christmas
    Pamela Anderson
    Paris Hilton
    Pathfinder
    Perfect Stranger
    Premonition
    Pride
    Pride & Glory
    Prom Night (2007)
    Reservation Road
    Resident Evil 3
    Rocket Science
    Rogue
    Romeo & Juliet-Sealed with a Kiss
    Rush Hour 3
    Seven Day Itch
    Severance
    Shoot 'Em Up
    Shooter
    Silk
    Skinwalkers
    Slow Burn
    Smokin' Aces
    Southland Tales
    Spider-Man 3
    Spring Breakdown
    Stardust
    Stomp the Yard
    Strange Wilderness
    Strangers
    Sunshine
    Super Bad
    Surf's Up
    Talk to Me
    Terminator 4
    The Assassination of Jesse James
    The Astronaut Farmer
    The Dark Is Rising
    The Flock
    The Half Life of Timofey Berezin
    The Hills Have Eyes II
    The Hitcher
    The Hoax
    The Host
    The Ice at the Bottom of the World
    The Invasion
    The Invisible
    The Kingdom
    The Last Legion
    The Last Sin Eater
    The Lives of Others
    The Messengers
    The Namesake
    The Number 23
    The Reaping
    The Simpsons
    The Spiderwick Chronicles
    The TV Set
    The Transformers
    The Ultimate Gift
    The Valet
    The Waterhorse
    This Christmas
    Trade
    Trick 'r Treat
    Underdog
    Untraceable
    Vacancy
    Vantage Point
    Whisper
    Wild Hogs
    Wonder Woman
    Zodiac
    with one of the following extensions
    .scr
    .avi.com
    .mp4.com
    .iso.exe
    .zip.exe
    - Full.exe
    - Keygen.exe
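
The file-system and registry traces in items E, R and S can be checked against a host inventory. The sketch below is an added example, not Guanghua's code: it flags files in the listed share folders that end in one of the listed suffixes, and autorun values whose data points into an NTFS alternate data stream, as the item E value does. The function names and the sample inventory are assumptions constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Masquerade suffixes from item S and share-folder names from item R.
LURE_SUFFIXES = (".scr", ".avi.com", ".mp4.com", ".iso.exe", ".zip.exe",
                 "- full.exe", "- keygen.exe")
SHARE_DIRS = {"bearshare", "collections", "downloads", "my shared folder",
              "share", "shared", "upload", "uploads"}
# A drive path with a second colon ("file.exe:stream") names an NTFS
# alternate data stream, as in the item E Run value. Triage heuristic only.
ADS_RE = re.compile(r"^[A-Za-z]:\\[^:]*:[^:\\]+$")


def is_lure_copy(path):
    """True if a file inside a listed share folder ends in a listed suffix."""
    p = PureWindowsPath(path)
    in_share = any(part.lower() in SHARE_DIRS for part in p.parts[:-1])
    return in_share and p.name.lower().endswith(LURE_SUFFIXES)


def is_ads_autorun(value_data):
    """True if autorun value data launches code from an alternate data stream."""
    return bool(ADS_RE.match(value_data.strip().strip('"')))


def triage(file_paths, run_values):
    """Return (kind, detail) findings for a file listing and Run-key values."""
    findings = [("lure-copy", p) for p in file_paths if is_lure_copy(p)]
    findings += [("ads-autorun", f"{name} = {data}")
                 for name, data in run_values.items() if is_ads_autorun(data)]
    return findings


# Constructed sample inventory (not taken from a real host).
SAMPLE_FILES = [
    r"C:\Users\alice\Downloads\Iron Man.avi.com",
    r"D:\shared\Spider-Man 3 - Keygen.exe",
    r"D:\shared\holiday.avi",
    r"C:\Users\alice\Documents\report.zip.exe",
]
SAMPLE_RUN = {
    "SvcHost": r"C:\WINDOWS\system32\svchost.exe:svchost.exe",
    "ctfmon.exe": r"C:\WINDOWS\system32\ctfmon.exe",
}

if __name__ == "__main__":
    for kind, detail in triage(SAMPLE_FILES, SAMPLE_RUN):
        print(kind, detail)
```
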
     
    Guanghua Anti-Virus software already handles this virus. Users should update and then use Guanghua Anti-Virus software to remove it.
     
    2. Trojan: Trojan.Killwma  Threat level: ★★☆☆☆
     
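    According to experts at the Guanghua Anti-Virus Research Center, Trojan.Killwma is a Trojan, 90,112 bytes long, that infects Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003 and Windows XP systems and damages .wma files on the hard disk. When it is received and opened, it mainly does the following damage: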
     
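    A Generates the file [Trojan].exe
    B Stops all current scheduled tasks
    C Adds a scheduled task that starts itself five minutes later
    D Searches for all .wma files
    E Corrupts the file headers so that these files can no longer be played
    F Sometimes restarts the computer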
     
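    The website of Beijing Riyue Guanghua Software Company (http://www.viruschina.com) updates its virus signatures daily. Experts at the Guanghua Anti-Virus Research Center remind you: order Guanghua Anti-Virus software online from the Guanghua security website as soon as possible to guard against virus intrusion and keep your computer protected at all times. Guanghua Anti-Virus users who update to the February 5 virus database (free download at http://www.viruschina.com/html/update.htm) can fully detect and remove these viruses.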

  


