Burning Incense virus variant spoclsv.exe
Panda virus size: 22,886 bytes
Packer: upack
Sample md5: 9749216a37d57cf4b2e528c027252062
Sample sha1: 5d3222d8ab6fc11f899eff32c2c8d3cd50cbd755
Discovered: 2006.11
Updated: 2006.11
Related viruses:
Propagation: spreads through malicious web pages and downloads by other trojans; it can also spread over the LAN, removable storage devices and similar channels
Technical analysis
==========
This is another variant of the "Panda Burning Incense" fuckjacks.exe. Like the earlier variants it uses the panda-burning-incense icon on a white background. After it runs, the virus copies itself into the system directory:
%system%\drivers\spoclsv.exe
Creates a startup entry:
[hkey_current_user\software\microsoft\windows\currentversion\run]
"svcshare"="%system%\drivers\spoclsv.exe"
Modifies the registry to interfere with the "Show all files and folders" setting:
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\advanced\folder\hidden\showall]
"checkedvalue"=dword:00000000
Creates copies in the root directory of every partition:
x:\setup.exe
x:\autorun.inf
Contents of autorun.inf:
[autorun]
open=setup.exe
shellexecute=setup.exe
shell\auto\command=setup.exe
Attempts to close the following windows:
qqkav
qqav
virusscan
symantecantivirus
duba
windows
esteemprocs
systemsafetymonitor
wrappedgiftkiller
winsockexpert
msctls_statusbar32
pjf(ustc)
icesword
Terminates the processes of some of its adversaries:
mcshield.exe
vstskmgr.exe
naprdmgr.exe
updaterui.exe
tbmon.exe
scan32.exe
ravmond.exe
ccenter.exe
ravtask.exe
rav.exe
ravmon.exe
ravmond.exe
ravstub.exe
kvxp.kxp
kvmonxp.kxp
kvcenter.kxp
kvsrvxp.exe
kregex.exe
uihost.exe
trojdie.kxp
frogagent.exe
logo1_.exe
logo_1.exe
rundl132.exe
Disables a series of services:
schedule
sharedaccess
rsccenter
rsravmon
rsccenter
rsravmon
kvwsc
kvsrvxp
kavsvc
avp
mcafeeframework
mcshield
mctaskmanager
navapsvc
wscsvc
kpfwsvc
sndsrvc
ccproxy
ccevtmgr
ccsetmgr
spbbcsvc
symanteccorelc
npfmntor
mskservice
firesvc
Deletes the startup entries of several security products:
ravtask
kvmonxp
kav
kavpersonal50
mcafeeupdaterui
networkassociateserrorreportingservice
shstatexe
ylive.exe
yassistse
Uses the net share command to delete the administrative shares:
net share x$ /del /y
net share admin$ /del /y
net share ipc$ /del /y
Traverses directories and infects exe, com, scr and pif files in every directory except the following system directories:
x:\windows
x:\winnt
x:\systemvolumeinformation
x:\recycled
%programfiles%\windowsnt
%programfiles%\windowsupdate
%programfiles%\windowsmediaplayer
%programfiles%\outlookexpress
%programfiles%\internetexplorer
%programfiles%\netmeeting
%programfiles%\commonfiles
%programfiles%\complusapplications
%programfiles%\messenger
%programfiles%\installshieldinstallationinformation
%programfiles%\msn
%programfiles%\microsoftfrontpage
%programfiles%\moviemaker
%programfiles%\msngaminzone
Binds itself to the front of each infected file and appends marker information at the end:
.whboy{original file name}.exe.{original file size}.
Unlike the earlier variants, although this virus body is 22886 bytes, only 22838 bytes are bound to the front of the file. An infected file fails with an error when run, instead of releasing the original, normal {original file name}.exe file as the earlier variants did.
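A defender-side check for the tail marker and the 22838-byte prefix described above, added here as an example and not part of the original analysis: it parses the marker, checks that the file length equals prefix + original size + marker, and carves out the original host bytes. The function names, the treatment of each "." separator as any single byte, and the assumption that nothing else is added to the file are assumptions of this example; the sample input is constructed.

```python
import re

PREFIX_LEN = 22838  # bytes of virus body bound to the front, per the analysis

# Tail marker as printed above: .whboy{name}.exe.{size}.
# Assumption: each "." separator may be a non-printable byte that the page
# renders as a dot, so separators match any single byte; "whboy" is matched
# case-insensitively. \Z anchors the marker to the very end of the file.
MARKER_RE = re.compile(rb".whboy(.{1,255}?\.exe).(\d{1,10}).\Z", re.I | re.S)


def parse_marker(data: bytes):
    """Return marker details for a file image, or None if no marker is found."""
    m = MARKER_RE.search(data[-512:])  # the marker only ever sits in the tail
    if not m:
        return None
    marker_len = m.end() - m.start()
    orig_size = int(m.group(2))
    return {
        "orig_name": m.group(1).decode("latin-1"),
        "orig_size": orig_size,
        "marker_len": marker_len,
        # Assumed layout: prefix + original host + marker, and nothing else.
        "consistent": len(data) == PREFIX_LEN + orig_size + marker_len,
    }


def carve_original(data: bytes):
    """Return the original host bytes if the layout is consistent, else None."""
    info = parse_marker(data)
    if not info or not info["consistent"]:
        return None  # truncated or overwritten host: restore from backup
    return data[PREFIX_LEN:PREFIX_LEN + info["orig_size"]]


def build_sample(host: bytes, name: bytes) -> bytes:
    """Constructed test input: zero bytes stand in for the virus body."""
    marker = b".whboy" + name + b"." + str(len(host)).encode() + b"."
    return b"\x00" * PREFIX_LEN + host + marker


if __name__ == "__main__":
    sample = build_sample(b"MZ" + b"A" * 100, b"notepad.exe")
    print(parse_marker(sample))
```

Run it against copies of suspect files only; a file whose `consistent` field is false should be restored from backup rather than carved.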
It was also found that the virus overwrites a small number of exe files and deletes .gho files.
The virus also tries to access other computers on the LAN using weak passwords:
password
harley
golf
pussy
mustang
shadow
fish
qwerty
baseball
letmein
ccc
admin
abc
pass
passwd
database
abcd
abc123
sybase
123qwe
server
computer
super
123asd
ihavenopass
godblessyou
enable
alpha
1234qwer
123abc
aaa
patrick
pat
administrator
root
sex
god
foobar
secret
test
test123
temp
temp123
win
asdf
pwd
qwer
yxcv
zxcv
home
xxx
owner
login
login
love
mypc
mypc123
admin123
mypass
mypass123
administrator
guest
admin
root