Ha bisogno di assistenza? Chieda alla community oppure consulti un esperto.
Vai ad Avira Answers
Damage:Sent by email 
VDF Version: 

DistributionNEWLOVE worm sends itself to all addresses saved in Outlook. The email it sends looks like this:
Attachment: PKUPLRX00HB0ZGNEMFHUO.txt.vbs

Technical DetailsIf the worm is activated, by double-click on the infectious attachment, it copies itself in Windows and Windows system directories.

It also makes the registry entries:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\

The worm uses random file names or choses the names of existing files from C:\%WINDIR%\APPLOG. If there are no files in the directory, the worm choses a random name, having between 1 and 31 characters and one of the following extensions: DOC XLS MDB BMP MP3 TXT JPG GIF MOV URL HTM.
Then, it overwrites all 0 Byte files on all local and network drives. It spares only the recently used files or the ones blocked by the system. All files will have .vbs extension. There are more .vbs type extensions.
Descrizione inserita da Crony Walker su martedì 15 giugno 2004

Indietro . . . .
https:// Questa finestra è criptata per tua sicurezza.