WORM_SDBOT.DMA
ALIASES:
TrojanDropper:Win32/Loring (Microsoft); [00031be0.EXE]:W32/Sdbot.worm.gen (McAfee); W32.Kwbot.Worm (Symantec); PAK:ASPack, Trojan-Dropper.Win32.Loring (Kaspersky); BehavesLike.Win32.Malware.bsm (vs) (Sunbelt); Trojan.Generic.3298027 (FSecure)
PLATFORM:
Windows 2000, Windows XP, Windows Server 2003
OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:
Threat Type: Worm
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
TECHNICAL DETAILS
File Size: 326,543 bytes
File Type: EXE
Memory Resident: Yes
Initial Samples Received Date: 10 May 2012
Arrival Details
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Installation
This worm drops the following copies of itself into the affected system:
- %System%\drivers32\Thief 3 No-Cd Crack.exe
- %System%\drivers32\Thief 2 No-Cd Crack.exe
- %System%\drivers32\MVP Baseball 2003 No-Cd Crack.exe
- %System%\drivers32\Madden NFL 2004 No-Cd Crack.exe
- %System%\drivers32\Madden NFL 2003 No-Cd Crack.exe
- %System%\drivers32\NCAA Football 2004 No-Cd Crack.exe
- %System%\drivers32\NCAA Football 2003 No-Cd Crack.exe
- %System%\drivers32\Tiger Woods PGA TOUR 2003 No-Cd Crack.exe
- %System%\drivers32\Tiger Woods PGA TOUR 2002 No-Cd Crack.exe
- %System%\drivers32\NHL 2003 No-Cd Crack.exe
- %System%\drivers32\NHL 2002 No-Cd Crack.exe
- %System%\drivers32\F1 2002 No-Cd Crack.exe
- %System%\drivers32\NASCAR Thunder 2003 No-Cd Crack.exe
- %System%\drivers32\WinZip 8.1 Crack.exe
- %System%\drivers32\WinZip 8.0 Crack.exe
- %System%\drivers32\Ad-aware 6.0 Crack.exe
- %System%\drivers32\Download Accelerator Plus 5.3 Crack.exe
- %System%\drivers32\DAP Plus 5.3 Crack.exe
- %System%\drivers32\WinRAR 3.11 Crack.exe
- %System%\drivers32\WinRAR 3.12 Crack.exe
- %System%\drivers32\RealOne Player 2.0 Crack.exe
- %System%\drivers32\Divx 5.x Crack.exe
- %System%\drivers32\ZoneAlarm 3.7.143 Crack.exe
- %System%\drivers32\ZoneAlarm 3.8 Crack.exe
- %System%\drivers32\ZoneAlarm 3.x Crack.exe
- %System%\drivers32\Adobe Acrobat 5.x Crack.exe
- %System%\drivers32\WS_FTP 5.x Crack.exe
- %System%\drivers32\SolSuite 2003 Crack.exe
- %System%\drivers32\QuickTime 6.x Crack.exe
- %System%\drivers32\Winamp 2.91 Crack.exe
- %System%\drivers32\Winamp 3.x Crack.exe
- %System%\drivers32\Easy CD-DA Extractor 5.1 Crack.exe
- %System%\drivers32\Easy CD-DA Extractor 5.x Crack.exe
- %System%\drivers32\MusicMatch Jukebox 8.0 Crack.exe
- %System%\drivers32\MusicMatch Jukebox 8.x Crack.exe
- %System%\drivers32\Internet Download Manager 3.15 Crack.exe
- %System%\drivers32\Internet Download Manager 3.x Crack.exe
- %System%\drivers32\WinZip 9.x Crack.exe
- %System%\drivers32\PhotoShow 2.0 Crack.exe
- %System%\drivers32\PhotoShow 2.x Crack.exe
- %System%\drivers32\SWiSH 2.0 Crack.exe
- %System%\drivers32\SWiSH 2.x Crack.exe
- %System%\drivers32\ACDSee 2.4.x Crack.exe
- %System%\drivers32\Paint Shop Pro 8.x Crack.exe
- %System%\drivers32\Adobe Photoshop 7.x Crack.exe
- %System%\drivers32\Adobe Photoshop 8.x Crack.exe
- %System%\drivers32\Paint Shop Pro 9.x Crack.exe
- %System%\drivers32\Macromedia Flash MX 6.x Crack.exe
- %System%\drivers32\Ulead PhotoImpact 8.x Crack.exe
- %System%\drivers32\Ulead PhotoImpact 9.x Crack.exe
- %System%\drivers32\Ulead GIF Animator 5.x Crack.exe
- %System%\drivers32\Ulead GIF Animator 6.x Crack.exe
- %System%\drivers32\Nero Burning ROM 5.5.x Crack.exe
- %System%\drivers32\Nero Burning ROM 6.x Crack.exe
- %System%\drivers32\Network Cable e ADSL Speed 1.x Crack.exe
- %System%\drivers32\Network Cable e ADSL Speed 1.0.6 Crack.exe
- %System%\drivers32\NetPumper 1.03 Crack.exe
- %System%\drivers32\Internet Turbo 2003 5.4 Crack.exe
- %System%\drivers32\Internet Turbo 2003 5.x Crack.exe
- %System%\drivers32\KaZaA Speedup 3.03 Crack.exe
- %System%\drivers32\KaZaA Speedup 3.x Crack.exe
- %System%\drivers32\GetRight 5.0 Crack.exe
- %System%\drivers32\GetRight 5.x Crack.exe
- %System%\drivers32\GetRight 6.x Crack.exe
- %System%\drivers32\mIRC 6.03 Crack.exe
- %System%\drivers32\mIRC 6.x Crack.exe
- %System%\drivers32\Alpha Communicator 5.0 Crack.exe
- %System%\drivers32\Direct Connect 1.x Crack.exe
- %System%\drivers32\ICUII 5.7 Crack.exe
- %System%\drivers32\GeoWhere 2.11 Crack.exe
- %System%\drivers32\GeoWhere 2.x Crack.exe
- %System%\drivers32\LingoWare 3.0 Crack.exe
- %System%\drivers32\FlashGet 1.3 Crack.exe
- %System%\drivers32\FlashGet 1.x Crack.exe
- %System%\drivers32\SnagIt 6.2.2 Crack.exe
- %System%\drivers32\Hex Workshop Hex Editor 4.1 Crack.exe
- %System%\drivers32\UltraEdit-32 10.00b Crack.exe
- %System%\drivers32\UltraEdit-32 10.x Crack.exe
- %System%\drivers32\Armor2net Personal Firewall 3.1 Crack.exe
- %System%\drivers32\WinAce 2.2 Crack.exe
- %System%\drivers32\WinAce 2.x Crack.exe
- %System%\drivers32\CloneCD 4.x Crack.exe
- %System%\drivers32\CloneCD 5.0 Crack.exe
- %System%\drivers32\FlashFXP 1.4 Crack.exe
- %System%\drivers32\FlashFXP 1.x Crack.exe
- %System%\drivers32\WindowBlinds 4.0 Crack.exe
- %System%\drivers32\WindowBlinds 4.x Crack.exe
- %System%\drivers32\IconPackager 2.12 Crack.exe
- %System%\drivers32\IconPackager 2.x Crack.exe
- %System%\drivers32\Microangelo 5.58 Crack.exe
- %System%\drivers32\Microangelo 5.x Crack.exe
- %System%\drivers32\Microangelo 6.x Crack.exe
- %System%\drivers32\Soul Reaver 3 Serial Generator.exe
- %System%\drivers32\Half-Life Serial Generator.exe
- %System%\drivers32\Half-Life II Serial Generator.exe
- %System%\drivers32\Knights of the Temple Serial Generator.exe
- %System%\drivers32\Tomb Raider - The Angel of Darkness Serial Generator.exe
- %System%\drivers32\Age of Mythology - The Titans Serial Generator.exe
- %System%\drivers32\Sniper Elite - Berlin 1943 Serial Generator.exe
- %System%\drivers32\Chrome Serial Generator.exe
- %System%\drivers32\Etherlords II Serial Generator.exe
- %System%\drivers32\Halo Serial Generator.exe
- %System%\drivers32\Dark Age of Camelot - Trials of Atlantis Serial Generator.exe
- %System%\drivers32\Lords of EverQuest Serial Generator.exe
- %System%\drivers32\FireStarter Serial Generator.exe
- %System%\drivers32\Unreal Tournament 2004 Serial Generator.exe
- %System%\drivers32\Unreal Tournament 2003 Serial Generator.exe
- %System%\drivers32\UT 2004 Serial Generator.exe
- %System%\drivers32\UT 2003 Serial Generator.exe
- %System%\drivers32\Kings of War Serial Generator.exe
- %System%\drivers32\Xenus Serial Generator.exe
- %System%\drivers32\Black & White 2 Serial Generator.exe
- %System%\drivers32\FIFA Soccer 2004 Serial Generator.exe
- %System%\drivers32\FIFA Soccer 2003 Serial Generator.exe
- %System%\drivers32\Commandos 3 - Destination Berlin Serial Generator.exe
- %System%\drivers32\Train Simulator 2 Serial Generator.exe
- %System%\drivers32\Flight Simulator - Century of Flight Serial Generator.exe
- %System%\drivers32\Need for Speed Underground Serial Generator.exe
- %System%\drivers32\Metal Gear Solid Serial Generator.exe
- %System%\drivers32\Metal Gear Solid 2 Serial Generator.exe
- %System%\drivers32\Raven Shield Serial Generator.exe
- %System%\drivers32\Rainbow Six 3 - Raven Shield Serial Generator.exe
- %System%\drivers32\Delta Force - Black Hawk Down Serial Generator.exe
- %System%\drivers32\Praetorians Serial Generator.exe
- %System%\drivers32\NASCAR Racing 2003 Serial Generator.exe
- %System%\drivers32\Splinter Cell Serial Generator.exe
- %System%\drivers32\Command & Conquer Generals Serial Generator.exe
- %System%\drivers32\SimCity 4 Serial Generator.exe
- %System%\drivers32\Battlefield 1942 - The Road to Rome Serial Generator.exe
- %System%\drivers32\Elder Scrolls III - Tribunal Serial Generator.exe
- %System%\drivers32\NBA Live 2003 Serial Generator.exe
- %System%\drivers32\NBA Live 2004 Serial Generator.exe
- %System%\drivers32\IL-2 Sturmovik - Forgotten Battles Serial Generator.exe
- %System%\drivers32\Warcraft III - The Frozen Throne Serial Generator.exe
- %System%\drivers32\Warcraft III Serial Generator.exe
- %System%\drivers32\Warcraft 3 Serial Generator.exe
- %System%\drivers32\Grand Theft Auto - Vice City Serial Generator.exe
- %System%\drivers32\Return to Castle Wolfenstein Enemy Territory Serial Generator.exe
- %System%\drivers32\Return to Castle Wolfenstein Serial Generator.exe
- %System%\drivers32\Star Trek - Elite Force II Serial Generator.exe
- %System%\drivers32\Neverwinter Nights - Shadows of Undrentide Serial Generator.exe
- %System%\drivers32\The Sims Superstar Serial Generator.exe
- %System%\drivers32\Tony Hawks Pro Skater 4 Serial Generator.exe
- %System%\drivers32\Counter-Strike - Condition Zero Serial Generator.exe
- %System%\drivers32\Age of Wonders II - Shadow Magic Serial Generator.exe
- %System%\drivers32\Alpha Communicator 5.0 Serial Generator.exe
- %System%\drivers32\NASCAR Thunder 2004 Serial Generator.exe
- %System%\drivers32\Lords of the Realm III Serial Generator.exe
- %System%\drivers32\Civilization III - Conquest Serial Generator.exe
- %System%\drivers32\Conflict - Desert Storm II - Back to Baghdad Serial Generator.exe
- %System%\drivers32\Harry Potter - Quidditch World Cup Serial Generator.exe
- %System%\drivers32\Railroad Tycoon III Serial Generator.exe
- %System%\drivers32\Battlefield 1942 - Secret Weapons of World War II Serial Generator.exe
- %System%\drivers32\DOOM 3 Serial Generator.exe
- %System%\drivers32\DOOM III Serial Generator.exe
- %System%\drivers32\EverQuest 2 Serial Generator.exe
- %System%\drivers32\Freedom - Soldiers of Liberty Serial Generator.exe
- %System%\drivers32\Lord of the Rings - The Two Towers Serial Generator.exe
- %System%\drivers32\Max Payne 2 - The Fall of Max Payne Serial Generator.exe
- %System%\drivers32\Medal of Honor - Allied Assault Breakthrough Serial Generator.exe
- %System%\drivers32\Silent Hill 3 Serial Generator.exe
- %System%\drivers32\Silent Hill III Serial Generator.exe
- %System%\drivers32\SimCity 4 Rush Hour Serial Generator.exe
- %System%\drivers32\SimCity IV Serial Generator.exe
- %System%\drivers32\Star Wars Jedi Knight - Jedi Academy Serial Generator.exe
- %System%\drivers32\Star Wars - Knights of the Old Republic Serial Generator.exe
- %System%\drivers32\Train Simulator II Serial Generator.exe
- %System%\drivers32\Soul Reaver III Serial Generator.exe
- %System%\drivers32\Warlords IV - Heroes of Etheria Serial Generator.exe
- %System%\drivers32\Warlords 4 Serial Generator.exe
- %System%\drivers32\World War II - Frontline Command Serial Generator.exe
- %System%\drivers32\Lord of the Rings - War of the Ring Serial Generator.exe
- %System%\drivers32\Metal Gear Solid 3 Serial Generator.exe
- %System%\drivers32\Metal Gear Solid III Serial Generator.exe
- %System%\drivers32\Hitman 3 Serial Generator.exe
- %System%\drivers32\Hitman III Serial Generator.exe
- %System%\drivers32\Hitman 2 Serial Generator.exe
- %System%\drivers32\Hitman II Serial Generator.exe
- %System%\drivers32\Trinity Serial Generator.exe
- %System%\drivers32\MechWarrior 5 Serial Generator.exe
- %System%\drivers32\MechWarrior 4 Serial Generator.exe
- %System%\drivers32\MechWarrior 3 Serial Generator.exe
- %System%\drivers32\MechWarrior V Serial Generator.exe
- %System%\drivers32\MechWarrior IV Serial Generator.exe
- %System%\drivers32\MechWarrior III Serial Generator.exe
- %System%\drivers32\Midtown Madness 3 Serial Generator.exe
- %System%\drivers32\Midtown Madness III Serial Generator.exe
- %System%\drivers32\Midtown Madness 2 Serial Generator.exe
- %System%\drivers32\Midtown Madness II Serial Generator.exe
- %System%\drivers32\Quake IV Serial Generator.exe
- %System%\drivers32\Quake 4 Serial Generator.exe
- %System%\drivers32\Quake 3 Serial Generator.exe
- %System%\drivers32\Quake III Serial Generator.exe
- %System%\drivers32\Shrek 2 Serial Generator.exe
- %System%\drivers32\Shrek II Serial Generator.exe
- %System%\drivers32\Thief III Serial Generator.exe
- %System%\drivers32\Thief II Serial Generator.exe
- %System%\drivers32\Thief 3 Serial Generator.exe
- %System%\drivers32\Thief 2 Serial Generator.exe
- %System%\drivers32\MVP Baseball 2003 Serial Generator.exe
- %System%\drivers32\Madden NFL 2004 Serial Generator.exe
- %System%\drivers32\Madden NFL 2003 Serial Generator.exe
- %System%\drivers32\NCAA Football 2004 Serial Generator.exe
- %System%\drivers32\NCAA Football 2003 Serial Generator.exe
- %System%\drivers32\Tiger Woods PGA TOUR 2003 Serial Generator.exe
- %System%\drivers32\Tiger Woods PGA TOUR 2002 Serial Generator.exe
- %System%\drivers32\NHL 2003 Serial Generator.exe
- %System%\drivers32\NHL 2002 Serial Generator.exe
- %System%\drivers32\F1 2002 Serial Generator.exe
- %System%\drivers32\NASCAR Thunder 2003 Serial Generator.exe
- %System%\drivers32\WinZip 8.1 Serial Generator.exe
- %System%\drivers32\WinZip 8.0 Serial Generator.exe
- %System%\drivers32\Ad-aware 6.0 Serial Generator.exe
- %System%\drivers32\Download Accelerator Plus 5.3 Serial Generator.exe
- %System%\drivers32\DAP Plus 5.3 Serial Generator.exe
- %System%\drivers32\WinRAR 3.11 Serial Generator.exe
- %System%\drivers32\WinRAR 3.12 Serial Generator.exe
- %System%\drivers32\RealOne Player 2.0 Serial Generator.exe
- %System%\drivers32\Divx 5.x Serial Generator.exe
- %System%\drivers32\ZoneAlarm 3.7.143 Serial Generator.exe
- %System%\drivers32\ZoneAlarm 3.8x Serial Generator.exe
- %System%\drivers32\ZoneAlarm 3.x Serial Generator.exe
- %System%\drivers32\Adobe Acrobat 5.x Serial Generator.exe
- %System%\drivers32\WS_FTP 5.x Serial Generator.exe
- %System%\drivers32\SolSuite 2003 Serial Generator.exe
- %System%\drivers32\QuickTime 6.x Serial Generator.exe
- %System%\drivers32\Winamp 2.91 Serial Generator.exe
- %System%\drivers32\Winamp 3.x Serial Generator.exe
- %System%\drivers32\Easy CD-DA Extractor 5.1 Serial Generator.exe
- %System%\drivers32\Easy CD-DA Extractor 5.x Serial Generator.exe
- %System%\drivers32\MusicMatch Jukebox 8.0 Serial Generator.exe
- %System%\drivers32\MusicMatch Jukebox 8.x Serial Generator.exe
- %System%\drivers32\Internet Download Manager 3.15 Serial Generator.exe
- %System%\drivers32\Internet Download Manager 3.x Serial Generator.exe
- %System%\drivers32\WinZip 9.x Serial Generator.exe
- %System%\drivers32\PhotoShow 2.0 Serial Generator.exe
- %System%\drivers32\PhotoShow 2.x Serial Generator.exe
- %System%\drivers32\SWiSH 2.0 Serial Generator.exe
- %System%\drivers32\SWiSH 2.x Serial Generator.exe
- %System%\drivers32\ACDSee 2.4.x Serial Generator.exe
- %System%\drivers32\Paint Shop Pro 8.x Serial Generator.exe
- %System%\drivers32\Adobe Photoshop 7.x Serial Generator.exe
- %System%\drivers32\Adobe Photoshop 8.x Serial Generator.exe
- %System%\drivers32\Paint Shop Pro 9.x Serial Generator.exe
- %System%\drivers32\Macromedia Flash MX 6.x Serial Generator.exe
- %System%\drivers32\Ulead PhotoImpact 8.x Serial Generator.exe
- %System%\drivers32\Ulead PhotoImpact 9.x Serial Generator.exe
- %System%\drivers32\Ulead GIF Animator 5.x Serial Generator.exe
- %System%\drivers32\Ulead GIF Animator 6.x Serial Generator.exe
- %System%\drivers32\Nero Burning ROM 5.5.x Serial Generator.exe
- %System%\drivers32\Nero Burning ROM 6.x Serial Generator.exe
- %System%\drivers32\Network Cable e ADSL Speed 1.x Serial Generator.exe
- %System%\drivers32\Network Cable e ADSL Speed 1.0.6 Serial Generator.exe
- %System%\drivers32\NetPumper 1.03 Serial Generator.exe
- %System%\drivers32\Internet Turbo 2003 5.4 Serial Generator.exe
- %System%\drivers32\Internet Turbo 2003 5.x Serial Generator.exe
- %System%\drivers32\KaZaA Speedup 3.03 Serial Generator.exe
- %System%\drivers32\KaZaA Speedup 3.x Serial Generator.exe
- %System%\drivers32\GetRight 5.0 Serial Generator.exe
- %System%\drivers32\GetRight 5.x Serial Generator.exe
- %System%\drivers32\GetRight 6.x Serial Generator.exe
- %System%\drivers32\mIRC 6.03 Serial Generator.exe
- %System%\drivers32\mIRC 6.x Serial Generator.exe
- %System%\drivers32\Direct Connect 1.x Serial Generator.exe
- %System%\drivers32\ICUII 5.7 Serial Generator.exe
- %System%\drivers32\ICUII 5.x.exe.exe
- %System%\drivers32\GeoWhere 2.11 Serial Generator.exe
- %System%\drivers32\GeoWhere 2.x Serial Generator.exe
- %System%\drivers32\LingoWare 3.0 Serial Generator.exe
- %System%\drivers32\FlashGet 1.3 Serial Generator.exe
- %System%\drivers32\FlashGet 1.x Serial Generator.exe
- %System%\drivers32\SnagIt 6.2.2 Serial Generator.exe
- %System%\drivers32\Hex Workshop Hex Editor 4.1 Serial Generator.exe
- %System%\drivers32\UltraEdit-32 10.00b Serial Generator.exe
- %System%\drivers32\UltraEdit-32 10.x Serial Generator.exe
- %System%\drivers32\Armor2net Personal Firewall 3.1 Serial Generator.exe
- %System%\drivers32\WinAce 2.2 Serial Generator.exe
- %System%\drivers32\WinAce 2.x Serial Generator.exe
- %System%\drivers32\CloneCD 4.x Serial Generator.exe
- %System%\drivers32\CloneCD 5.0 Serial Generator.exe
- %System%\drivers32\FlashFXP 1.4 Serial Generator.exe
- %System%\drivers32\FlashFXP 1.x Serial Generator.exe
- %System%\drivers32\WindowBlinds 4.0 Serial Generator.exe
- %System%\drivers32\WindowBlinds 4.x Serial Generator.exe
- %System%\drivers32\IconPackager 2.12 Serial Generator.exe
- %System%\drivers32\IconPackager 2.x Serial Generator.exe
- %System%\drivers32\Microangelo 5.58 Serial Generator.exe
- %System%\drivers32\Microangelo 5.x Serial Generator.exe
- %System%\drivers32\Microangelo 6.x Serial Generator.exe
- %System%\drivers32\Half-Life 2 No-Cd Crack.exe
- %System%\drivers32\Half-Life No-Cd Crack.exe
- %System%\drivers32\Half-Life II No-Cd Crack.exe
- %System%\drivers32\Knights of the Temple No-Cd Crack.exe
- %System%\drivers32\Tomb Raider - The Angel of Darkness No-Cd Crack.exe
- %System%\drivers32\Age of Mythology - The Titans No-Cd Crack.exe
- %System%\drivers32\Sniper Elite - Berlin 1943 No-Cd Crack.exe
- %System%\drivers32\Chrome No-Cd Crack.exe
- %System%\drivers32\Etherlords II No-Cd Crack.exe
- %System%\drivers32\Halo No-Cd Crack.exe
- %System%\drivers32\Dark Age of Camelot - Trials of Atlantis No-Cd Crack.exe
- %System%\drivers32\Lords of EverQuest No-Cd Crack.exe
- %System%\drivers32\FireStarter No-Cd Crack.exe
- %System%\drivers32\Unreal Tournament 2004 No-Cd Crack.exe
- %System%\drivers32\Unreal Tournament 2003 No-Cd Crack.exe
- %System%\drivers32\UT 2004 No-Cd Crack.exe
- %System%\drivers32\UT 2003 No-Cd Crack.exe
- %System%\drivers32\Kings of War No-Cd Crack.exe
- %System%\drivers32\Xenus No-Cd Crack.exe
- %System%\drivers32\Black & White 2 No-Cd Crack.exe
- %System%\drivers32\FIFA Soccer 2004 No-Cd Crack.exe
- %System%\drivers32\FIFA Soccer 2003 No-Cd Crack.exe
- %System%\drivers32\Commandos 3 - Destination Berlin No-Cd Crack.exe
- %System%\drivers32\Train Simulator 2 No-Cd Crack.exe
- %System%\drivers32\Flight Simulator - Century of Flight No-Cd Crack.exe
- %System%\drivers32\Need for Speed Underground No-Cd Crack.exe
- %System%\drivers32\Metal Gear Solid No-Cd Crack.exe
- %System%\drivers32\Metal Gear Solid 2 No-Cd Crack.exe
- %System%\drivers32\Raven Shield No-Cd Crack.exe
- %System%\drivers32\Rainbow Six 3 - Raven Shield No-Cd Crack.exe
- %System%\drivers32\Delta Force - Black Hawk Down No-Cd Crack.exe
- %System%\drivers32\Praetorians No-Cd Crack.exe
- %System%\drivers32\NASCAR Racing 2003 No-Cd Crack.exe
- %System%\drivers32\Splinter Cell No-Cd Crack.exe
- %System%\drivers32\Command & Conquer Generals No-Cd Crack.exe
- %System%\drivers32\SimCity 4 No-Cd Crack.exe
- %System%\drivers32\Battlefield 1942 - The Road to Rome No-Cd Crack.exe
- %System%\drivers32\Elder Scrolls III - Tribunal No-Cd Crack.exe
- %System%\drivers32\NBA Live 2003 No-Cd Crack.exe
- %System%\drivers32\NBA Live 2004 No-Cd Crack.exe
- %System%\drivers32\IL-2 Sturmovik - Forgotten Battles No-Cd Crack.exe
- %System%\drivers32\Warcraft III - The Frozen Throne No-Cd Crack.exe
- %System%\drivers32\Warcraft III No-Cd Crack.exe
- %System%\drivers32\Warcraft 3 No-Cd Crack.exe
- %System%\drivers32\Grand Theft Auto - Vice City No-Cd Crack.exe
- %System%\drivers32\Return to Castle Wolfenstein Enemy Territory No-Cd Crack.exe
- %System%\drivers32\Return to Castle Wolfenstein No-Cd Crack.exe
- %System%\drivers32\Star Trek - Elite Force II No-Cd Crack.exe
- %System%\drivers32\Neverwinter Nights - Shadows of Undrentide No-Cd Crack.exe
- %System%\drivers32\The Sims Superstar No-Cd Crack.exe
- %System%\drivers32\Tony Hawks Pro Skater 4 No-Cd Crack.exe
- %System%\drivers32\Counter-Strike - Condition Zero No-Cd Crack.exe
- %System%\drivers32\Age of Wonders II - Shadow Magic No-Cd Crack.exe
- %System%\drivers32\ICUII 5.x.exe
- %System%\drivers32\NASCAR Thunder 2004 No-Cd Crack.exe
- %System%\drivers32\Lords of the Realm III No-Cd Crack.exe
- %System%\drivers32\Civilization III - Conquest No-Cd Crack.exe
- %System%\drivers32\Conflict - Desert Storm II - Back to Baghdad No-Cd Crack.exe
- %System%\drivers32\Harry Potter - Quidditch World Cup No-Cd Crack.exe
- %System%\drivers32\Railroad Tycoon III No-Cd Crack.exe
- %System%\drivers32\Battlefield 1942 - Secret Weapons of World War II No-Cd Crack.exe
- %System%\drivers32\DOOM 3 No-Cd Crack.exe
- %System%\drivers32\DOOM III No-Cd Crack.exe
- %System%\drivers32\EverQuest 2 No-Cd Crack.exe
- %System%\drivers32\Freedom - Soldiers of Liberty No-Cd Crack.exe
- %System%\drivers32\Lord of the Rings - The Two Towers No-Cd Crack.exe
- %System%\drivers32\Max Payne 2 - The Fall of Max Payne No-Cd Crack.exe
- %System%\drivers32\Medal of Honor - Allied Assault Breakthrough No-Cd Crack.exe
- %System%\drivers32\Silent Hill 3 No-Cd Crack.exe
- %System%\drivers32\Silent Hill III No-Cd Crack.exe
- %System%\drivers32\Half-Life 2 Serial Generator.exe
- %System%\drivers32\SimCity 4 Rush Hour No-Cd Crack.exe
- %System%\drivers32\SimCity IV No-Cd Crack.exe
- %System%\drivers32\Star Wars Jedi Knight - Jedi Academy No-Cd Crack.exe
- %System%\drivers32\Star Wars - Knights of the Old Republic No-Cd Crack.exe
- %System%\drivers32\Train Simulator II No-Cd Crack.exe
- %System%\drivers32\Soul Reaver 3 No-Cd Crack.exe
- %System%\drivers32\Soul Reaver III No-Cd Crack.exe
- %System%\drivers32\Warlords IV - Heroes of Etheria No-Cd Crack.exe
- %System%\drivers32\Warlords 4 No-Cd Crack.exe
- %System%\drivers32\World War II - Frontline Command No-Cd Crack.exe
- %System%\drivers32\Lord of the Rings - War of the Ring No-Cd Crack.exe
- %System%\drivers32\Metal Gear Solid 3 No-Cd Crack.exe
- %System%\drivers32\Metal Gear Solid III No-Cd Crack.exe
- %System%\drivers32\Hitman 3 No-Cd Crack.exe
- %System%\drivers32\Hitman III No-Cd Crack.exe
- %System%\drivers32\Hitman 2 No-Cd Crack.exe
- %System%\drivers32\Hitman II No-Cd Crack.exe
- %System%\drivers32\Trinity No-Cd Crack.exe
- %System%\drivers32\MechWarrior 5 No-Cd Crack.exe
- %System%\drivers32\MechWarrior 4 No-Cd Crack.exe
- %System%\drivers32\MechWarrior 3 No-Cd Crack.exe
- %System%\drivers32\MechWarrior V No-Cd Crack.exe
- %System%\drivers32\MechWarrior IV No-Cd Crack.exe
- %System%\drivers32\MechWarrior III No-Cd Crack.exe
- %System%\drivers32\Midtown Madness III No-Cd Crack.exe
- %System%\drivers32\Midtown Madness 3 No-Cd Crack.exe
- %System%\drivers32\Midtown Madness 2 No-Cd Crack.exe
- %System%\drivers32\Midtown Madness II No-Cd Crack.exe
- %System%\drivers32\Quake IV No-Cd Crack.exe
- %System%\drivers32\Quake 4 No-Cd Crack.exe
- %System%\drivers32\Quake 3 No-Cd Crack.exe
- %System%\drivers32\Quake III No-Cd Crack.exe
- %System%\drivers32\Shrek 2 No-Cd Crack.exe
- %System%\drivers32\Shrek II No-Cd Crack.exe
- %System%\drivers32\Thief III No-Cd Crack.exe
- %System%\drivers32\Thief II No-Cd Crack.exe
(Note: %System% is the Windows system folder, which is usually C:\Windows\System32.)
It creates the following folders:
- %System%\drivers32
(Note: %System% is the Windows system folder, which is usually C:\Windows\System32.)
Autostart Technique
This worm adds the following registry entries to enable its automatic execution at every system startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Run
SvcHosts32 = "%System%\svchosts.exe"
Dropping Routine
This worm drops the following files:
- %System%\svchosts.exe
- %System Root%\$$$$$.bat
(Note: %System% is the Windows system folder, which is usually C:\Windows\System32.. %System Root% is the root folder, which is usually C:\. It is also where the operating system is located.)
This report is generated via an automated analysis system.
SOLUTION
Minimum Scan Engine: 9.200
Step 1
Before doing any scans, Windows XP, Windows Vista, and Windows 7 users must disable System Restore to allow full scanning of their computers.
Step 2
Restart in Safe Mode
[ Learn More ]
Step 3
Delete this registry value
[ Learn More ]
Important: Editing the Windows Registry incorrectly can lead to irreversible system malfunction. Please do this step only if you know how or you can ask assistance from your system administrator. Else, check this Microsoft article first before modifying your computer's registry.
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- SvcHosts32 = "%System%\svchosts.exe"
Step 4
Search and delete these components
[ Learn More ]
There may be some components that are hidden. Please make sure you check the Search Hidden Files and Folders checkbox in the "More advanced options" option to include all hidden files and folders in the search result. - %System%\svchosts.exe
- %System Root%\$.bat
• For Windows Vista and Windows 7 users:
- Click Start>Computer.
- In the Search input box, type:
- %System%\svchosts.exe
- %System Root%\$.bat
- Once located, select the file then press SHIFT+DELETE to delete it.
- Repeat the said steps for all files listed.
*Note: Read the following Microsoft page if these steps do not work on Windows 7.
Step 5
Search and delete this folder
[ Learn More ]
Please make sure you check the Search Hidden Files and Folders checkbox in the More advanced options option to include all hidden folders in the search result. - %System%\drivers32
Step 6
Restart in normal mode and scan your computer with your Trend Micro product for files detected as WORM_SDBOT.DMA. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.
Did this description help? Tell us how we did.