system
6
win32:sdbot-194-B → VGREP → http://vil.nai.com/vil/content/v_100454.htm
→
– Update August 11, 2004 –
There are now over 4000 variants of this threat, … and this number continues to grow at a rapid rate.
YAHOOOOO!!!

Avast will soon run out of numbers for naming Win32:SDBOT-xxx,
as they are presently at “Win32:SdBot-982 [Trj]”; I’d guess that most numbers include different variants/packers

a bit OT:
"Many share jumping viruses rely on weak usernames/passwords. …
Such worms often rely on the presence of default, admin shares. It is a good idea to remove the administrative shares (C$, IPC$, ADMIN$) on all systems to prevent such spreading. A simple batch file containing the following commands may be of help, especially when run from a logon script, or placed in the startup folder.
* net share c$ /delete
* net share d$ /delete
* net share e$ /delete
* net share ipc$ /delete
- net share admin$ /delete "
What do you think of this ?
has anybody implemented this somehow ?
