Win32.Hack.SdBot.ac是一個後門木馬,該病毒運行後,拷貝自身到%system%\poker3.exe,然後添加啟動項,使自身能夠開機啟動;該病毒通過IRC聊天室接受黑客命令;該病毒會盜取一些軟體、遊戲的cd key。
基本介紹
- 中文名:Win32.Hack.SdBot.ac
- 處理時間:2005-09-19
- 病毒類型:黑客程式
- 影響系統:Win 9x/ME,Win 2000/NT
病毒別名:
威脅級別:★
中文名稱:
,Win XP,Win 2003
病毒行為:
1,生成檔案
%system%\poker3.exe
2,添加啟動項
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"Microsoft Windows DLL Services Configuration" = "poker3.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
"Microsoft Windows DLL Services Configuration" = "poker3.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
"Microsoft Windows DLL Services Configuration" = "poker3.exe"
3,盜取下列軟體的cdKey
Command & Conquer Generals
FIFA 2003
NFSHP2
COD
SOF2
NWN
Battlefield 1942 Road To Rome
Battlefield 1942
Project IGI 2
Counter-Strike ( Retail )
Unreal Tournament 2003
Half-Life
