|
本周提醒广大用户谨防病毒Email-Worm.Win32.Bagz.f,该病毒属邮件蠕虫类,主要通过发送含有病毒附件的邮件传播,通过邮件的主题、正文来诱骗用户下载、运行病毒附件。
病毒运行后会复制自身到:System%\sysinfo32.exe、%System%\trace32.exe。病毒还会修改hosts文件,在hosts文件中添加一些反病毒及安全软件的网站地址,继而阻止用户访问反病毒及安全公司的网站。病毒通过查找感染主机中某些扩展名文件,获取其中的email地址,从而发送含有病毒附件的邮件。
该Email-Worm.Win32.Bagz.f病毒发送的病毒邮件可能含有以下信息:
病毒邮件主题可能为:
Allert!
Amirecans
Att
attach
attachments
best regards
contract
Have a nice day
Hello
Money
office
please responce
re: Andrey
re: order
re: please
Read this
Russian's
......
病毒邮件正文可能为:
Hi
I was supposed to send you this document yesterday.
Sorry for the delay, please forward this to your family if possible.
It contains important info for both of you.
Hi
Sorry, I forgot to send an important document to you in that last email. I had an important phone call.
Please checkout attached doc file when you have a moment.
Best Regards
I resent this email as attachment because it was previously blocked by your email filters.
Please read the attachment and respond.
Thanks
I apologize, but I need you to verify that I have the correct contact info for you.
My system crashed last weekend and I lost most of my friends and work contacts.
Please check the attached (.pdf) and please let me know if your info is current.
......
病毒附件名可能为:
archivator.doc .exe
archivator.zip
archives.doc .exe
archives.zip
ataches.doc .exe
ataches.zip
backup.doc .exe
backup.zip
docs.doc .exe
docs.zip
documentation.doc .exe
documentation.zip
help.doc .exe
help.zip
inbox.doc .exe
inbox.zip
manual.doc .exe
manual.zip
outbox.doc .exe
outbox.zip
payment.doc .exe
payment.zip
photos.doc .exe
photos.zip
rar.doc .exe
......
若接收到含有以上信息的电子邮件,还请广大用户多多留意。
因此安天应急处理小组郑重提醒用户的是:
1.不要轻易打开来历不明的邮件,尤其是邮件的附件,防止系统被邮件蠕虫、网络蠕虫等病毒感染,不要随便登录不明网站。
2.即时安装木马防线,木马防线全自动升级,可以为你的系统提供透明的保护。
|
内容:
病毒上报信箱: