W32/Sddrop-B

Category: Viruses and Spyware Protection available since:11 Apr 2003 00:00:00 (GMT)
Type: Win32 worm Last Updated:11 Apr 2003 00:00:00 (GMT)
Prevalence: No Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

W32/Sddrop-B is a worm that spreads via KaZaA and iMesh.

W32/Sddrop-B copies itself to C:\<Windows>\System as the file ms_32.exe and to C:\<Windows>\wTemp32 as the following hidden files:
Ad-aware 6.exe
American Flag Screensaver.exe
Anno 1503_crack.exe C&C
AOL_Instant_Messenger.exe
AVIPreview.exe
Battlefield1942_keygen.exe
bf1942 crack (new).exe
Boost XP.exe
C&C G patch (new).exe
C&C Generals Crack 3.0.exe
Cursor XP.exe
Daemon Tools.exe
Diablo 2 Crack.exe
Diet KaZaA.exe
DirectX_9.exe
Divx Bundle +XViD.exe
Divx_Bundle_Package_Crack.exe
Download Accelerator Plus 6.0.exe
DVD RipPlus 2.3.exe
eTrust_EZ_Anti-Virus.exe
GetRight 3.4.exe
Global DiVX Player 3.0.exe
Global DiVx Player.exe
Gothic 2 licence.exe
GotoMyPc.exe
Grokster.exe
GTA3 No CD Crack.exe
ICQ hacks.exe
ICQ Lite.exe
ICQ Pro 2003a beta.exe
iMesh 3.6.exe
iMesh 3.7b (beta).exe
iMesh.exe
IParmor.exe
kazaa 2 ++.exe
KaZaA Hack 2.5.0.exe
Kazaa Hack v2.1.exe
KaZaA Lite (New).exe
KaZaa Lite 1.7.2.exe
Kazaa Lite_Privacy_tool.exe
KaZaA Preview Extractor.exe
KaZooM MP3 Kazaa Accelerator.exe
K-Lite Codec_Pack 5.0.exe
l0pht crack.exe
Microsoft Internet Explorer SP1.exe
Microsoft_Products_Crack.exe
Morpheus.exe
MSN_Messenger 5.0.exe
NAV_2003 Crack.exe
Nero Burning ROM 6.7.8.1.exe
Nero Burning ROM_Keygen.exe
Net Pumper.exe
Never Winter Nights 4.3 crack.exe
Nimo Codec Pack.exe
Pop-Up Stopper.exe
Pornpasswords.exe
Privacy Defender.exe
pTrack FastTrack Manager 4.5.exe
QuickTime.exe
QuickTime_Pro_Crack.exe
RAM Booster.exe Free
RAM XP PRO.exe
Reg Scrub_XP.exe
Renegade_crack.exe
Serials_2003.exe
sof2 Crack.exe
Spam Alarm.exe
Spybot-Search & Destroy.exe
SWiSH.exe
Trillian Pro With Crack.exe
Virtua Girls.exe
Winamp 3.8.exe
Windows Media player 9.5b.exe
Windows_2000_Keygen.exe
Windows_XP_Activation_Crack.exe
Windows_XP_Keygen.exe
WinMX.exe
WinRAR 3.5b.exe
Winrar_Crack.exe
Winzip_Crack.exe
WS_FTP_LE.exe
XBox Emulator.exe
Yahoo Messenger.exe
ZoneAlarmPro_Crack.exe

W32/Sddrop-B can create the following KaZaA and iMesh registry entries in order to share the files it has dropped:

HKCU\Software\iMesh\Client\LocalContent\Dir<1-63>\ HKCU\Software\KaZaA\LocalContent\Dir<0-63>\

Both of these keys are set to point to "012345:C:\<Windows>\wTemp32"

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy