, .. , . "". , "" , .. , , .
, , , , . -. .
(.1):
.com .exe, , . , , . , . , . , AUTOEXEC.BAT CONFIG.SYS, . | |
. | , , BOOT-. , .. . . , . , ( , ). |
, DEVICE CONFIG.SYS. , . , , , . DOS (MSDOS.SYS IO.SYS) , . |
, . , . . , . , , , .
|
|
.
. 1
: , , , , , Flash- ( BIOS) ( ""), , .
, , . . . , , Dr.Weber , , , ,
C:\WINDOWS. .
, . , , , . , , (, "OneHalf-3544","Yankey-2C").
.
( .com .exe). , .
, , "PicturesForYou.jpg", , . , , 42 .exe. : "PicturesForYou.jpg.exe". , . , , , . , - , " ". "".
Internet Explorer, Outlook Express, Microsoft Office. "-". , . , , , . , :.html,.htm - Internet Explorer,.doc,.xls,.xlw,.txt,.prt, - Microsoft Office . .. , , , . , , . , , , "" . IP- Babilon5 . . , . - . , , , . , , , -, Microsoft Word. , .doc . , , , . , .
|
|
, Win32.HLLM.Klez. . , , , , . , , Windows, ICQ . , , Internet Explorer, ( ) Outlook Outlook Express.
, .
- . "", , BIOS ( , , ). . , , . , , , .
. . - , , . . .
, . "" , ( ) . , , . , , "Dr.Weber", .
"" "Stelth". , , , DOS ( ) () . "" . - "" .
|
|
Randon 2003 . IRC- Windows2000 Windows XP. IRC-, , 445 . Random Apher, , , Web- . Randon Windows, . HideWindows, . , Randon Windows. IRC-.
[1], , 2003.(.2 .1)
2.
(%) | |
1. I-Worm.Klez | 37,60% |
2. I-Worm.Sobig | 10,75% |
3. I-Worm.Lentin | 9,03% |
4. I-Worm.Avron | 3,30% |
5. Macro.Word97.Thus | 2,62% |
6. I-Worm.Tanatos | 1,38% |
7. Macro. Word97.Marker | 1,21% |
8. Worm.Win32.Opasoft | 1,13% |
9. I-Worm.Hybris | 1,04% |
10. Win95.CIH | 0,69% |
11. Worm.Win32.Randon | 0,58% |
12. VBS.Redlof | 0,57% |
13. Backdoor.Death | 0,51% |
14. Win95.Spaces | 0,51% |
15. I-Worm.Roron | 0,49% |
16.Trojan.PSW.Gip | 0,49% |
17. Backdoor.NetDevil | 0,48% |
18. Win32.HLLP.Hantaner | 0,45% |
19. TrojanDropper.Win32.Delf | 0,42% |
20. TrojanDropper.Win32.Yabinder | 0,41% |
* | 26,33% |
* 20
. 2