Worm.Axam.

病毒名称:

Worm.Axam.

类别： 蠕虫病毒

病毒资料：

破坏方法：

VB写的病毒，通过P2P共享目录和邮件传播

病毒启动后，将复制自身到如下目录：

\KMD\My Shared Folder\AXM_WORM.exe

\Kazaa\My Shared Folder\FlashMXPlayer.exe

\KaZaA Lite\My Shared Folder\XiaoXiao.exe

\Morpheus\My Shared Folder\Bugbear_Removal.exe

\Grokster\My Grokster\SEXisFUN.exe

\BearShare\Shared\setup.exe

\Edonkey2000\Incoming\RA2_Update.exe

\limewire\Shared\FixRUNDLL bugs.exe

\Programs\Accessories\Command Prompt.lnk

\Programs\Accessories\Command Prompt.lnk.exe

\Programs\Accessories\MS-DOS Prompt.pif

\Programs\Accessories\MS-DOS Prompt.lnk

\Programs\Accessories\MS-DOS Prompt.lnk.exe

以及驱动器的的根目录，文件名为：axam_screensaver.scr

病毒通过邮件传播时发送邮件带有如下信息：

WHEN US GOVERNMENT TO STOP THE INVADED IN IRAQ?!

News: US vs Iraq Issue

Strike on Iraq

Hi! ;)

DAA Holding have an Idea for Bussiness man

Great Job for Professional Programmer

Don't missed Logon to DAABussiness.com

Are you a Bussiness man?

How to make a money in one day?

Care to trade world map?

How to prevent from Pirate CD!

Job for you!

Do you have an enough salaries for you job?

Don't waste your money!

HAVE A NICE DAY!

Why US invade on Iraq?

No More Blood!

HOW TO PREVENT YOUR EMAIL FROM VIRUSES?

Let say together! No War for Oil! No Bush is mean the world peace!

Are you tired to get the customer. It is important to know how to make your bussiness more efficient.

To get a tips and more advise. You can download it from the attachment or just Are you tired to get the customer. It is important to know how to make your

bussiness ore efficient.

To get a tips and more advise. You can download it from the attachment or just click here to download

from our FTP site.

等等

病毒也将将替换regedit.exe、msconfig.exe、command.com，修改autoexec.bat文件格式化硬盘。

删除a:\所有文件

并能够终止大部分流行的反病毒软件

病毒的清除法：

使用光华反病毒软件，彻底删除。

病毒演示：

病毒FAQ：

Windows下的PE病毒。

发现日期：

2003-7-11