Aliases
Backdoor.IRCBot.gen
Type
Win32 worm
Description
W32/SdBot-MY is a worm which spreads via network shares.
When first run the worm creates a copy of itself named MSIExxx.exe in the Windows system folder and adds the following registry entries to ensure that the copy is run every time Windows starts:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Threaded
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\Threaded
W32/SdBot-MY searches for shared folders with weak passwords and copies itself to the Windows system folder of a vulnerable computer as MSIExxx.exe.
The worm includes backdoor functions which can be controlled by a remote attacker over IRC.
http://www.sophos.com/virusinfo/analyses/w32sdbotmy.html

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic