病毒名称(中文):
文件杀手
病毒别名:
威胁级别:
★☆☆☆☆
病毒类型:
木马程序
病毒长度:
57344
影响系统:
Win9xWinMeWinNTWin2000WinXPWin2003
病毒行为:
这是一个通过网络传播的病毒,该病毒运行时会删除计算机上所有的文件,并且会尝试把病毒本书拷贝到EMule的共享文件下,以便传播自己.
1.生成文件:
%WindowsRoot%\autoclean.exe
%System%\autoclean.exe
C:\DocumentsandSettings\AllUsers\「檫始」功能表\程式集
2.病毒运行时,会运行一个删除脚本,脚本如下:
cmd/cdel/f/s/qc:cmd/cdel/f/s/qd:cmd/cdel/f/s/qe:cmd/cdel/f/s/qf:cmd/cdel/f/s/qg:cmd/cdel/f/s/qh:cmd/cdel/f/s/qi:cmd/cdel/f/s/qg:cmd/cdel/f/s/qk:cmd/cdel/f/s/ql:cmd/cdel/f/s/qm:cmd/cdel/f/s/qn:cmd/cdel/f/s/qo:cmd/cdel/f/s/qp:cmd/cdel/f/s/qq:cmd/cdel/f/s/qr:cmd/cdel/f/s/qs:cmd/cdel/f/s/qt:cmd/cdel/f/s/qu:cmd/cdel/f/s/qy:cmd/cdel/f/s/qw:cmd/cdel/f/s/qx:cmd/cdel/f/s/qy:cmd/cdel/f/s/qz:\
