病毒名称(中文):
病毒别名:
威胁级别:
★★☆☆☆
病毒类型:
木马程序
病毒长度:
4608
影响系统:
Win9xWinNT
病毒行为:
病毒利用IE浏览器漏洞进行传播,病毒运行后会关闭一些其他广告木马的进程,并加载自己的广告木马进程,劫持感染机器的浏览器。
尝试关闭以下进程:
services.exe
msxmidi.exe
bitmap.tmp
file.exe
exploit.exe
fucker.exe
winmm64.exe
s-PEPE.exe
PEPEmsPE.exe
lpt.exe
ir.exe
intron.exe
intronet.exe
twink64.exe
usb.exe
teur.exe
host32.exe
sidefind.exe
alchem.exe
powerscan.exe
bdl74125.exe
Installer2.exe
ttgkirnl.exe
bargains.exe
WinClt.exe
Winad.exe
istsvc.exe
actalert.exe
optimize.exe
iinstall.exe
fnnmqi.exe
exdl.exe
printer.exe
printer32.exe
ykyrtws.exe
loadclean.exe
telnet.exe
修改Host文件:
127.0.0.3n-glx.s-redirect.com
127.0.0.3x.full-tgp.net
127.0.0.3counter.sexmaniack.com
127.0.0.3autoescrowpay.com
127.0.0.3www.autoescrowpay.com
127.0.0.3www.awmdabest.com
127.0.0.3www.sexfiles.nu
127.0.0.3awmdabest.com
127.0.0.3sexfiles.nu
127.0.0.3allforadult.com
127.0.0.3www.allforadult.com
127.0.0.3www.iframe.biz
127.0.0.3www.vesbiz.biz
127.0.0.3vesbiz.biz
127.0.0.3www.aaasexypics.com
127.0.0.3aaasexypics.com
127.0.0.3www.virgin-tgp.net
127.0.0.3virgin-tgp.net
127.0.0.1www.5sec.biz
