Aliases
Worm.P2P.SpyBot.gen, W32/Spybot.worm.gen, W32.Spybot.Worm
Type
Win32 worm
Description
W32/Spybot-BM is a peer-to-peer worm and backdoor Trojan that copies itself into the Windows system folder using a random name and sets the following registry entries:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\Winsock2 driver
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Winsock2 driver
W32/Spybot-BM creates the folder kazaabackupfiles in the Windows system folder and copies itself there using various filenames.
The worm also sets the following registry entry to point to this folder:
HKCU\Software\Kazaa\LocalContent\Dir0
W32/Spybot-BM terminates regedit.exe, taskmgr.exe, msconfig.exe and netstat.exe. The worm also logs on to a predefined IRC server to wait for backdoor commands.
http://www.sophos.com/virusinfo/analyses/w32spybotbm.html

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic