Aliases
Exploit-DcomRpc.gen, BKDR_SDBOT.GEN
Type
Win32 worm
Description
W32/Sdbot-AE is a worm that spreads on unpatched Windows systems by exploiting the RPC/DCOM vulnerability. The worm also has a backdoor component that allows a remote attacker access to a compromised system via the IRC network.
In order to run automatically when Windows starts up W32/Sdbot-AE creates the following registry entries pointing to the worm binary:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Windows Service
HKU\Software\Microsoft\Windows\CurrentVersion\Run\Windows Service
The spreading routine of the worm is activated remotely via the IRC control channel.
http://www.sophos.com/virusinfo/analyses/w32sdbotae.html

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic