Worm.Netsky.cz

  病毒名称(中文):
  
  病毒别名:
  
  
  威胁级别:
  ★☆☆☆☆
  病毒类型:
  蠕虫病毒
  病毒长度:
  53628
  影响系统:
  Win9xWinMeWinNTWin2000WinXPWin2003
  
  病毒行为:
  这是一个通过邮件传播的蠕虫病毒,该病毒会尝试搜索被感染机器上所以的邮件地址
  然后把病毒本身发送出去。
  1.病毒把自己本是拷贝一份放到P2P软件的共享区,并且以下面随机一个名字命名:
  1001Sexandmore.rtf.exe
  3DStudioMax63dsmax.exe
  ACDSee10.exe
  AdobePhotoshop10crack.exe
  AdobePhotoshop10full.exe
  AdobePremiere10.exe
  AheadNero8.exe
  AltkinsDiet.doc.exe
  AmericanIdol.doc.exe
  ArnoldSchwarzenegger.jpg.exe
  BestMatrixScreensavernew.scr
  Britneysexxxx.jpg.exe
  BritneySpearsandEminemporn.jpg.exe
  BritneySpearsblowjob.jpg.exe
  BritneySpearscumshot.jpg.exe
  BritneySpearsfuck.jpg.exe
  BritneySpearsfullalbum.mp3.exe
  BritneySpearsporn.jpg.exe
  BritneySpearsSexyarchive.doc.exe
  BritneySpearsSongtextarchive.doc.exe
  BritneySpears.jpg.exe
  BritneySpears.mp3.exe
  CloneDVD6.exe
  Cloning.doc.exe
  Cracks&WarezArchiv.exe
  DarkAngelsnew.pif
  DictionaryEnglish2004-France.doc.exe
  DivX8.0final.exe
  Doom3release2.exe
  E-BookArchive2.rtf.exe
  Eminemblowjob.jpg.exe
  Eminemfullalbum.mp3.exe
  EminemPoster.jpg.exe
  Eminemsexxxx.jpg.exe
  EminemSexyarchive.doc.exe
  EminemSongtextarchive.doc.exe
  EminemSpearsporn.jpg.exe
  Eminem.mp3.exe
  Fullalbumall.mp3.pif
  Gimp1.8FullwithKey.exe
  HarryPotter1-6book.txt.exe
  HarryPotter5.mpg.exe
  HarryPotteralle.book.doc.exe
  HarryPotterebook.doc.exe
  HarryPottergame.exe
  HarryPotter.doc.exe
  Howtohacknew.doc.exe
  InternetExplorer9setup.exe
  KazaaLite4.0new.exe
  Kazaanew.exe
  Keygen4allnew.exe
  LearnProgramming2004.doc.exe
  Lightwave9Update.exe
  MagixVideoDeluxe5beta.exe
  Matrix.mpg.exe
  MicrosoftOffice2003Crackbest.exe
  MicrosoftWinXPCrackfull.exe
  MSServicePack6.exe
  netskysourcecode.scr
  NortonAntivirus2005beta.exe
  Opera11.exe
  Partitionsmagic10beta.exe
  PornoScreensaverbritney.scr
  RFCcompilation.doc.exe
  Ringtones.doc.exe
  Ringtones.mp3.exe
  SaddamHussein.jpg.exe
  Screensaver2.scr
  Serialsedition.txt.exe
  Smashingthestackfull.rtf.exe
  StarOffice9.exe
  TeenPorn15.jpg.pif
  TheSims4beta.exe
  UleadKeygen2004.exe
  VisualStudioNetCrackall.exe
  WinLonghornre.exe
  WinAmp13full.exe
  Windows2000Sourcecode.doc.exe
  Windows2003crack.exe
  WindowsXPcrack.exe
  WinXPeBooknewest.doc.exe
  XXXhardcorepics.jpg.exe
  2.搜索以下文件来获取邮件地址:
  HTM,
  HTML,
  EML,
  TXT,
  PHP,
  ASP,
  VBS,
  RTF,
  UIN,
  SHTM,
  CGI,
  DHTM,
  ADB,
  TBB,
  DBX,
  SHT,
  OFT,
  MSG,
  JSP,
  WSH,
  XML
  3.发送邮件的主体为以下任意一个:
  Re:Re:
  Re:EncryptedMail
  Re:ExtendedMail
  Re:Status
  Re:Notify
  Re:SMTPServer
  Re:MailServer
  Re:DeliveryServer
  Re:BadRequest
  Re:Failure
  Re:Thankyoufordelivery
  Re:Test
  Re:Administration
  Re:MessageError
  Re:Error
  Re:ExtendedMailSystem
  Re:SecureSMTPMessage
  Re:ProtectedMailRequest
  Re:ProtectedMailSystem
  Re:ProtectedMailDelivery
  Re:Securedelivery
  Re:DeliveryProtection
  Re:MailAuthentification
  邮件内容以下任意一个:
  Pleaseconfirmmyrequest.
  ESMTP[SecureMailSystem#334]:Securemessageisattached.
  Partialmessageisavailable.
  WaitingforaResponse.Pleasereadtheattachment.
  Firstpartofthesecuremailisavailable.
  Formoredetailsseetheattachment.
  Forfurtherdetailsseetheattachment.
  Yourrequestedmailhasbeenattached.
  ProtectedMailSystemTest.
  SecureMailSystemBetaTest.
  Forwardedmessageisavailable.
  Deliveredmessageisattached.
  Encryptedmessageisavailable.
  Pleasereadtheattachmenttogetthemessage.
  Followtheinstructionstoreadthemessage.
  Pleaseauthenticatethesecuremessage.
  Protectedmessageisattached.
  Waitingforauthentification.
  Protectedmessageisavailable.
  BadGateway:Themessagehasbeenattached.
  SMTP:Pleaseconfirmtheattachedmessage.
  Yougotanewmessage.
  Nowanewmessageisavailable.
  Newmessageisavailable.
  Youhavereceivedanextendedmessage.Pleasereadtheinstructions.
  附件描述以下任意一个:
  Yourdetails.
  Yourdocument.
  Ihavereceivedyourdocument.Thecorrecteddocumentisattached.
  Ihaveattachedyourdocument.
  Yourdocumentisattachedtothismail.
  Authenticationrequired.
  Requestedfile.
  Seethefile.
  Pleasereadtheimportantdocument.
  Pleaseconfirmthedocument.
  Yourfileisattached.
  Pleasereadthedocument.
  Yourdocumentisattached.
  Pleasereadtheattachedfile!
  Pleaseseetheattachedfilefordetails.
  +++Attachment:NoVirusfound
  +++MessageLabsAntiVirus-www.messagelabs.com
  +++Attachment:NoVirusfound
  +++BitdefenderAntiVirus-www.bitdefender.com
  +++Attachment:NoVirusfound
  +++MC-AfeeAntiVirus-www.mcafee.com
  +++Attachment:NoVirusfound
  +++KasperskyAntiVirus-www.kaspersky.com
  +++Attachment:NoVirusfound
  +++PandaAntiVirus-www.pandasoftware.com
  ++++Attachment:NoVirusfound
  ++++NormanAntiVirus-www.norman.com
  ++++Attachment:NoVirusfound
  ++++F-SecureAntiVirus-www.f-secure.com
  ++++Attachment:NoVirusfound
  ++++NortonAntiVirus-www.symantec.de
  附件名称以下任意一个:
  document_all
  message
  exceldocument
  worddocument
  screensaver
  application
  website
  product
  letter
  information
  details
  document
  后缀名称以下任意一个:
  EXE
  SCR
  PIF
  ZIP