這是最新的病毒 Copies itself as %Windir%\services.exe.
drives C through Z
Symantec Security Bulletin - Level 4 Virus W32.Netsk.B@mm
W32.Netsky.B@mm 對此病毒發出全球警告Level 4
W32.Netsky.B@mm is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses it finds when scanning the hard drives and mapped drives. This worm also searches drives C through Z for folder names containing "Share" or "Sharing," and then copies itself to those folders.
The Subject, Body, and email attachment vary.
說明與解毒 十分繁複 要手動改 自己看仔細了 無法自動 沒太子說的簡單 太子抱歉了
http://securityresponse.symantec.com...tsky.b@mm.html
When W32.Netsky@mm runs, it does the following:
Creates a mutex named "AdmSkynetJKIS003." This mutex allows only one instance of the worm to execute.
Displays the following dialog box:
The file could not be opened!
Copies itself as %Windir%\services.exe.
Note: %Windir% is a variable. The worm locates the Windows installation folder (by default, this is C:\Windows or C:\Winnt) and copies itself to that location.