¿Necesita ayuda? Pregunte a la comunidad o contrate a un experto.
Ir a Avira Answers
Alias:Backdoor.SdBot.gen (AVP), Backdoor/IRC.SdBot (RAV), Mindjail, W32.HLLW.Cult.C@mm (Symantec)
Damage:Spreads by email and IRC. 
VDF Version:  

DistributionThe email sent by the worm looks as below:

Subject: Hi, I sent you an eCard from BlueMountain.com

Body: To view your eCard, open the attachment If you have any comments or questions, please visit http://www.bluemountain.com/customer/index.pd Thanks for using BlueMountain.com.

Attachment: BlueMountaineCard.pif

The Trojan connects to the IRC port to receive instructions for Denial of Service attacks or for downloading and executing programs.

Technical DetailsWhen the attachment is opened, the local system is infected.
The worm is copied in Windows System directory (%SysDir%) as iexplorer.exe and the following registry autostart entry is made:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ Run "sysconfig" = iexplorer.exe
Descripción insertada por Crony Walker el martes, 15 de junio de 2004

Volver . . . .