Virus Netsky.D se bliskovito širi
Nova varianta virusa Netsky – Netsky.D se bliskovito širi in je bila prvič zaznana v Španiji, Franciji, ZDA in na Japonskem.
Karakteristike:
Virus ustvari kopijo črva z imenom winlogon.exe v imeniku %Windows%. Prav
tako doda v registru pod HKLMSoftwareMicrosoftWindowsCurrentVersionRun
vrednost ICQ Net = “C:Windowswinlogon.exe – stealth”, ki mu služi za
aktiviranje ob zagonu Windows sistema.
Vsebuje tudi lastno SMTP komponento za razpošiljanje na elektronske naslove,
ki jih najde v vašim datotekah tipa .htm, .txt, .wab ter .html.
Brezplačni odstranjevalec virusa je že v pripravi, dobili ga boste na uradni strani NOD32 Slovenija: http://www.nod32-si.com
NOD32 odkrije virus po hevristični metodi (AH) vgrajeni v program brez potrebnih popravkov.
Znebimo se nesnage… |
Primer sporočila (Subject):
Re: Approved
Re: Details
Re: Document
Re: Excel cases out
Re: Hello
Re: Here
Re: Here is the document
Re: Hi
Re: My details
Re: Re: Document
Re: Re: Message
Re: Re: Re: Your document
Re: Re: Thanks!
Re: Thanks!
Re: Word cases out
Re: Your files
Re: Your bill
Re: Your details
Re: Your document
Re: Your to letter
Re: Your music
Re: Your picture
Re: Your product
Re: Your software
Re: Your text
Re: Your website
Telo sporočila (Body) je naključno -(eden od sledečih):
Here is the cases out.
Please have to look AT the attached cases out.
Please read the attached cases out.
See the attached cases out for details.
Your document is attached.
Your cases out is attached.
Pripeta datoteka (ena od sledečih):
all_document.PIF
application.PIF
document.PIF
document_4351.PIF
document_excel.PIF
document_full.PIF
document_word.PIF
message_details.PIF
message_part2.PIF
mp3music.PIF
my_details.PIF
your_archive.PIF
your_bill.PIF
your_details.PIF
your_document.PIF
your_file.PIF
to your_letter.PIF
your_picture.PIF
your_product.PIF
your_text.PIF
your_website.PIF
yours.PIF
Prijavi napako v članku