病毒大百科

该病毒是一个后门程序。该病毒利用Windows的漏洞和SQL、FTP等的密码过于简单的等漏洞来进程传播。建议电脑用户不要将密码设置过于简单，以免给病毒感染造成损失。

1、生成的文件
%SystemRoot%\system32\mdxiicpdw.exe

2、添加启动项
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
"Fire Well servicer1" = "mdxiicpdw.exe"
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
"Fire Well servicer1" = "mdxiicpdw.exe"
KCU\Software\Microsoft\OLE
"Fire Well servicer1" = "mdxiicpdw.exe"

3、该病毒尝试猜解的用户名
administrator
administrador
administrateur
administrat
admins
admin
staff
root
computer
owner
student
teacher
wwwadmin
guest
default
database
dba
oracle
db2

4、该病毒常识猜解的密码
administrator
administrador
administrateur
administrat
admins
admin
adm
password1
password
passwd
pass1234
pass
pwd
007
1
12
123
1234
12345
123456
1234567
12345678
123456789
1234567890
2000
2001
2002
2003
2004
test
guest
none
demo
unix
linux
changeme
default
system
server
root
null
qwerty
mail
outlook
web
www
internet
accounts
accounting
home
homeuser
user
oem
oemuser
oeminstall
windows
win98
win2k
winxp
winnt
win2000
qaz
asd
zxc
qwe
bob
jen
joe
fred
bill
mike
john
peter
luke
sam
sue
susan
peter
brian
lee
neil
ian
chris
eric
george
kate
bob
katie
mary
login
loginpass
technical
backup
exchange
fuck
bitch
slut
sex
god
hell
hello
domain
domainpass
domainpassword
database
access
dbpass
dbpassword
databasepass
data
databasepassword
db1
db2
db1234
sa
sql
sqlpassoainstall
orainstall
oracle
ibm
cisco
dell
compaq
siemens
hp
nokia
xp
control
office
blank
winpass
main
lan
internet
intranet
student
teacher
staff