病毒介紹
該病毒會偽裝成微軟的補丁來誘騙用戶點擊,當病毒運行後會將自身拷貝到系統目錄下為:MSCSGS.EXE、MSCEXEC.EXE、MSCSGS32.EXE,並修改註冊表進行自啟動,用戶可以據此來判斷電腦是否中毒。病毒還會通過郵件系統向外傳送大量的帶毒郵件來阻塞網路,並且終止幾十家反病毒軟體的運行。以下是病毒郵件的詳細信息:
病毒郵件使用的虛假郵件傳送地址為:
[email protected]
[email protected]等
病毒郵件的標題為:
Windows Update
MSN Messenger Update
MSN Messenger vulnerability等
郵件內容為:
Attention All Microsoft Users: A patch has been issued to correct a
vulnerability in MSN Messenger which can be performed by a malicious
user in order to gain unauthorized access to compromised computers.
Windows users who have MSN Messenger 4.x and higher versions are
affected by this vulnerability and must download and install the
patch labeled
附屬檔案為:Msn_inst.exe
專家建議
反病毒專家建議:建立良好的安全習慣,不打開可疑郵件和可疑網站;關閉或刪除系統中不需要的服務;很多病毒利用漏洞傳播,一定要及時給系統打補丁;安裝專業的防毒軟體進行實時監控,平時上網的時候一定要打開防病毒軟體的實時監控功能。