Entry | Worm.ForBot.a |
Definition |

§ Overview

Alias: Backdoor.ForBot.a [AVP]
Date processed: 2004-06-11
Threat level: ★★★
Chinese name: 混合蠕虫 (hybrid worm)
Virus type: Worm
Affected systems: Win9x/WinMe/WinNT/Win2000/WinXP/Win2003
Virus behavior: IRCBot
Written with: Microsoft Visual C++ 6.0
Infection condition: Uses tools such as IRC to disguise itself as a shared resource and lure users into downloading and running it; it also spreads by exploiting vulnerabilities.
Trigger condition:

§ Introduction

System modifications:

A. Creates the following file in the system directory, runs the newly created file, and deletes the file the virus was previously running from:

%System%\smsc.exe

B. Adds the value below under each of these registry keys:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\RunServices
HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\RunServices
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Run

"Win32 USB 2 Driver" = "smsc.exe"

C. Creates a service named "Win32 USB 2 Driver".

Symptoms:

A. Launches DoS attacks against the following websites:

www.schlund.net, www.utwente.nl, verio.fr, www.1und1.de, www.switch.ch, www.belwue.de, de.yahoo.com, www.xo.net, www.stanford.edu, www.verio.com, www.nocster.com, www.rit.edu, www.cogentco.com, www.burst.net, nitro.ucsc.edu, www.level3.com, www.above.net, www.lib.nthu.edu.tw, www.st.lib.keio.ac.jp, www.d1asia.com, www.nifty.com, yahoo.co.jp

B. The DoS attacks include:

HTTP FLOOD
UDP FLOOD
PING FLOOD
SYN FLOOD

C. Spreads over IRC and uses it to control infected machines.

D. Spreads by exploiting multiple Microsoft vulnerabilities.

E. Steals game CD keys for:

Battlefield 1942, Black and White, Command and Conquer, Counter-Strike, FIFA 2002, FIFA 2003, Global Operations, Gunman Chronicles, Half-Life, Hidden and Dangerous 2, IGI2 Covert Strike, Industry Giant 2, James Bond 007 Nightfire, Medal of Honor Allied Assault, Medal of Honor Allied Assault Breakthrough, Medal of Honor Allied Assault Spearhead, Nascar Racing 2002, Nascar Racing 2003, NHL 2002, NHL 2003, Need For Speed Hot Pursuit 2, Need For Speed Underground, Neverwinter Nights, Ravenshield, Shogun Total War Warlord Edition, Soldiers Of Anarchy, Soldier Of Fortune 2, The Gladiators, Unreal Tournament 2003

F. Terminates the processes of many antivirus and security programs:

ACKWIN32.EXE ADVXDWIN.EXE AGENTSVR.EXE ALERTSVC.EXE ALOGSERV.EXE AMON9X.EXE ANTI-TROJAN.EXE ANTIVIRUS.EXE ANTS.EXE APIMONITOR.EXE APLICA32.EXE APVXDWIN.EXE ATCON.EXE ATGUARD.EXE ATRO55EN.EXE ATUPDATER.EXE ATWATCH.EXE AUPDATE.EXE AUTODOWN.EXE AUTOUPDATE.EXE AVCONSOL.EXE AVE32.EXE AVGCC32.EXE AVGCTRL.EXE AVGNT.EXE AVGSERV.EXE AVGSERV9.EXE AVGUARD.EXE AVGW.EXE AVNT.EXE AVP.EXE AVP32.EXE AVPCC.EXE AVPDOS32.EXE AVPM.EXE AVPTC32.EXE AVPUPD.EXE AVWIN95.EXE AVWINNT.EXE AVWUPD32.EXE AVWUPSRV.EXE AVXMONITOR9X.EXE AVXMONITORNT.EXE AVXQUAR.EXE AckWin32.EXE AutoTrace.EXE AvSynMgr.AVSYNMGR.EXE AvgServ.EXE Avgctrl.EXE AvkServ.EXE Avsched32.EXE BD_PROFESSIONAL.EXE BIDEF.EXE BIDSERVER.EXE BIPCP.EXE BIPCPEVALSETUP.EXE BISP.EXE BLACKD.EXE BLACKICE.EXE BOOTWARN.EXE BORG2.EXE BS120.EXE BlackICE.EXE CDP.EXE CFGWIZ.EXE CFIADMIN.EXE CFIAUDIT.EXE CFINET.EXE CFINET32.EXE CLAW95CF.EXE CLEAN.EXE CLEANER.EXE CLEANER3.EXE CLEANPC.EXE CMGRDIAN.EXE CMON0EXE CONNECTIONMONITOR.EXE CPD.EXE CPF9X206.EXE CPFNT206.EXE CTRL.EXE CV.EXE CWNB181.EXE CWNTDWMO.EXE Claw95.EXE Claw95cf.EXE DEFWATCH.EXE DEPUTY.EXE DOORS.EXE DPF.EXE DPFSETUP.EXE DRWATSON.EXE DRWEB32.EXE DVP95.EXE DVP95_0.EXE ECENGINE.EXE EFPEADM.EXE ENT.EXE ESAFE.EXE ESCANH95.EXE ESCANHNT.EXE ESCANV95.EXE ESPWATCH.EXE ETRUSTCIPE.EXE EVPN.EXE EXANTIVIRUS-CNET.EXE EXE.AVXW.EXE EXPERT.EXE F-AGNT95.EXE F-PROT.EXE F-PROT95.EXE F-STOPW.EXE FAST.EXE FINDVIRU.EXE FIREWALL.EXE FLOWPROTECTOR.EXE FP-WIN.EXE FP-WIN_TRIAL.EXE FPROT.EXE FRW.EXE FSAV.EXE FSAV530STBYB.EXE, and so on.

Special notes: |
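A check for the autostart indicators described in this entry, as an added example that is not part of the original entry: it scans the text of a `reg export` for the "Win32 USB 2 Driver" value name or an `smsc.exe` command under the four listed keys. The function names and the sample export are constructed for illustration.

```python
import re

# Indicators stated in the entry above (compared case-insensitively).
VALUE_NAME = "win32 usb 2 driver"
IMAGE_RE = re.compile(r'(?:^|[\\/"\s])smsc\.exe(?:["\s]|$)', re.I)
# The four autostart keys the entry lists.
AUTOSTART_KEYS = {
    "\\".join((hive, "software", "microsoft", "windows", "currentversion", leaf))
    for hive in ("hkey_current_user", "hkey_local_machine")
    for leaf in ("run", "runservices")
}
SECTION = re.compile(r"^\[(?P<key>[^\]]+)\]$")
STRING_VALUE = re.compile(r'^"(?P<name>(?:[^"\\]|\\.)*)"="(?P<data>(?:[^"\\]|\\.)*)"$')

# Constructed sample in `reg export` text form (real exports are UTF-16; decode first).
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Win32 USB 2 Driver"="smsc.exe"
"ctfmon"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices]
"Updater"="C:\\WINDOWS\\system32\\smsc.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Vendor\Settings]
"Win32 USB 2 Driver"="smsc.exe"
'''

def _unescape(s):
    # .reg files escape backslashes and quotes with a leading backslash.
    return re.sub(r"\\(.)", r"\1", s)

def find_forbot_autostart(reg_text):
    """Return (key, value name, data, reasons) for entries matching the indicators."""
    hits, key = [], None
    for line in map(str.strip, reg_text.splitlines()):
        section = SECTION.match(line)
        if section:
            key = section.group("key")
            continue
        value = STRING_VALUE.match(line)
        if not value or key is None or key.lower() not in AUTOSTART_KEYS:
            continue  # only string values under the four listed keys
        name, data = _unescape(value.group("name")), _unescape(value.group("data"))
        reasons = [tag for tag, ok in (("value-name", name.lower() == VALUE_NAME),
                                       ("image-name", bool(IMAGE_RE.search(data)))) if ok]
        if reasons:
            hits.append((key, name, data, reasons))
    return hits
```

An entry that matches only on `image-name` (a renamed value pointing at `smsc.exe`) is a weaker signal than a match on both and is worth confirming against the file in `%System%`.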