¿Necesita ayuda? Pregunte a la comunidad o contrate a un experto.
Ir a Avira Answers
Alias:Backdoor.SdBot.gen (AVP), Backdoor/IRC.SdBot (RAV), Mindjail, W32.HLLW.Cult.C@mm (Symantec)
Type:Worm 
Size:variable 
Origin: 
Date:00-00-0000 
Damage:Spreads by email and IRC. 
VDF Version:  
Danger:Low 
Distribution:Low 

DistributionThe email sent by the worm looks as below:

Subject: Hi, I sent you an eCard from BlueMountain.com

Body: To view your eCard, open the attachment If you have any comments or questions, please visit http://www.bluemountain.com/customer/index.pd Thanks for using BlueMountain.com.

Attachment: BlueMountaineCard.pif

The Trojan connects to the IRC port to receive instructions for Denial of Service attacks or for downloading and executing programs.

Technical DetailsWhen the attachment is opened, the local system is infected.
The worm is copied in Windows System directory (%SysDir%) as iexplorer.exe and the following registry autostart entry is made:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ Run "sysconfig" = iexplorer.exe
Descripción insertada por Crony Walker el martes, 15 de junio de 2004

Volver . . . .
https:// Esta ventana está cifrada para su seguridad.