Den Virennamen in Google einzugeben muss wirklich schwer sein.
http://www.google.com/search?q=BDS%2...utf-8&oe=utf-8
Zitat:
WORM_MOEGA.A
Aliases: W32.HLLW.Moega, W32/Sdbot.worm.gen, Backdoor:IRC/SdBot.gen!, Backdoor.SdBot.gen, BDS/Sdbot.Gen.3
Description:
This memory-resident worm has backdoor capabilities and propagates by scanning for target hosts with weak passwords in the affected host’s domain.
It opens port 139 and connects to a remote Internet Relay Chat (IRC) server and joins a channel there. It allows the malicious user to send any of the following commands to process on the affected system:
* Get the IP of the affected host
* Enumerate all shares
* Terminate the malware process
* Flood a target host with SYN packet
* Connect to a specfied IRC Server
* Generate a random nickname
* Steal the CD keys of several popular computer games from the registry
* Get connection type of the affected host
* Get system information such as OS version, CPU speed and RAM size
* Open a file remotely
* Uninstall the malware
* Download an update from the Internet
* Visit a specified web site
It runs on windows NT, 2000 and XP systems.
|
30.01.2004, 14:02
Baum-Darstellung