PCの修理が必要ですか?
専門家に頼む
????TR/Dldr.Stration.C
????19/10/2006
?????????
?????Downloader
????????
???????
???????
??????????????
??????????????
????????~30.000 ???
VDF???????6.36.00.129
IVDF???????6.36.00.146 - 2006年10月21日土曜日
??????????HEUR/Crypted

 ???? ????
   • ????????????


??
   •  McAfee: W32/Stration.dr
   •  Kaspersky: Email-Worm.Win32.Warezov.dc
   •  Sophos: W32/Stratio-AW
   •  VirusBuster: Trojan.Opnis.EM
   •  Bitdefender: Trojan.Downloader.AOW

????????????????:
     Worm/Marmota.B


????????/OS?
   • Windows 95
   • Windows 98
   • Windows 98 SE
   • Windows NT
   • Windows ME
   • Windows 2000
   • Windows XP
   • Windows 2003


???
   • ?????????????????


????????????????



???????????????????????????????????


 ???? ??????????????????
   • %SYSDIR%\%????????%.exe



???????????????

??????????
   • %?????????????????%\%????????%.tmp




???????????????????

???????????
   • http://www6.vedasetionkderun.com/819/**********
?????????????????????? %TEMPDIR%\~%??% .tmp ???????????????????? ?????????????????????????????????? ?????????????? Worm/Stration.C

 E??? ???????????????????????????????????????????


???
?????????????????(spoof)?


????????



???: sec@%????????%
??: Mail server report.
??:
   • Mail server report.
     Our firewall determined the e-mails containing worm copies are being sent from your computer.
     Nowadays it happens from many computers, because this is a new virus type (Network Worms).
     Using the new bug in the Windows, these viruses infect the computer unnoticeably.
     After the penetrating into the computer the virus harvests all the e-mail addresses and sends the copies of itself to these e-mail addresses
     Please install updates for worm elimination and your computer restoring.
     Best regards,
     Customers support service
??????
   • Update-KB%??% -x86.exe
   • Update-KB%??% -x86.zip



???: secur@%????????%
??: Mail server report.
??:
   • Mail server report.
     Our firewall determined the e-mails containing worm copies are being sent from your computer.
     Nowadays it happens from many computers, because this is a new virus type (Network Worms).
     Using the new bug in the Windows, these viruses infect the computer unnoticeably.
     After the penetrating into the computer the virus harvests all the e-mail addresses and sends the copies of itself to these e-mail addresses
     Please install updates for worm elimination and your computer restoring.
     Best regards,
     Customers support service
??????
   • Update-KB%??% -x86.exe
   • Update-KB%??% -x86.zip



???: serv@%????????%
??: Mail server report.
??:
   • Mail server report.
     Our firewall determined the e-mails containing worm copies are being sent from your computer.
     Nowadays it happens from many computers, because this is a new virus type (Network Worms).
     Using the new bug in the Windows, these viruses infect the computer unnoticeably.
     After the penetrating into the computer the virus harvests all the e-mail addresses and sends the copies of itself to these e-mail addresses
     Please install updates for worm elimination and your computer restoring.
     Best regards,
     Customers support service
??????
   • Update-KB%??% -x86.exe
   • Update-KB%??% -x86.zip


??
??????
   • Error
   • Good day
   • hello
   • Mail Delivery System
   • Mail Transaction Failed
   • picture
   • Server Report
   • Status
   • test



??
???????????????
   • Mail transaction failed. Partial message is available.
   • The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment
   • The message contains Unicode characters and has been sent as a binary attachment


??????
??????????????????????????

–  ????????????????
   • body
   • data
   • doc
   • docs
   • document
   • file
   • message
   • readme
   • test
   • text

    ??????????????????????????????
   • dat
   • elm
   • log
   • msg
   • txt

    ????????????????????
   • bat
   • cmd
   • exe
   • pif
   • scr
   • zip



????????????????????????




 ??????? ??????????
??????????????????????????????????????????????????

説明の挿入者 Alexander Vukcevic の 2006年10月19日木曜日
説明の更新者 Andrei Gherman の 2006年10月20日金曜日

戻る . . . .
https:// このウィンドウは暗号化されています。