Mydoom, varianta 13

Dupa ce nu s-a mai auzit nimic de el cateva saptamani bune, MyDoom s-a intors saptamana aceasta sa terfeleasca mandria catorva motoare de cautare celebre, printre care Google, Yahoo, Altavista si Lycos.

Daca nu folositi un program antivirus si vreti sa verificati daca nu cumva computerul dumneavoastra i-a cazut victima lui MyDoom.M, cautati fisierele %WINDIR%ijava.exe si %WINDIR%iservices.exe.

Dupa ce s-a instalat in directorul Windows, incearca sa opreasca programele: rctrl_renwnd32, ATH_Note si IEFrame.

Apoi cauta adrese de e-mail in Address Book si trimite mesaje infectate avand ca fals expeditor “Postmaster“, “Mail Administrator“, “Automatic Email Delivery Software“, “Post Office“, “The Post Office“, “Bounced mail“, “Returned mail“, “MAILER-DAEMON“, “Mail Delivery Subsystem“.

Mesajele au ca subiect “hello“, “hi“, “error“, “status“, “test“, “report“, “delivery failed“, “Message could not be delivered“, “Mail System Error - Returned Mail“, “Delivery reports about your e-mail“, “Returned mail: see transcript for details“, “Returned

mail: Data format error“ etc.