W32.Sistdi


Aliases: Win32.Ditex, Virus.Win32.Ditex, W32/Idtsys, Win32.Idtsys.32768, W32/Weird-F
Variants: Win32/Idtsys.A, PE_IDTSYS.A-O, Win32:Ditex, Win32/Ditex, Win32.Idtsys.A

Classification: Malware
Category: Computer Virus

Status: Active & Spreading
Spreading: Fast
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Hard
Platform: W32
Discovered: 20 Jan 2003
Damage: High

Characteristics: W32.Sistdi is a polymorphic, encrypted Windows virus that infects Windows PE (Portable Executable) files in all folders and subfolders on all local hard drives and mapped network drives. The virus has backdoor capabilities that give an attacker unauthorized access to an infected computer.

More details about W32.Sistdi

W32.Sistdi is a polymorphic, encrypted Win32 virus that infects Windows PE (Portable Executable) files in all folders and subfolders on all local hard drives and mapped network drives. The virus also has a backdoor capability that gives an attacker unauthorized access to an infected computer. When a file infected with W32.Sistdi is opened, the virus creates the “C:\%Windir%Tdi.sys” file. The attributes of this file are set to Archive and Hidden. This file is the main component of the virus.

W32.Sistdi searches for all Windows PE (Portable Executable) files with the “.exe” extension in all folders and subfolders on all local hard drives and mapped network drives, and appends its body to each file it finds. The size of an infected file increases by 36,864 bytes. The virus opens a TCP port to connect to the attacker. This lets the attacker control the computer remotely and perform actions such as uploading and running files on it. The virus may enter a computer through security flaws and system vulnerabilities. It may be downloaded by another Trojan application already on the computer. The Trojan software may be downloaded automatically when the user visits websites that are not secure. This happens when the affected computer is not protected by a security program or a firewall.
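The two file-system traits described above (a 36,864-byte growth in ".exe" files and a Tdi.sys file marked Hidden and Archive) can be checked against a file-integrity baseline. The following is an added example, not part of the original entry; the inventory format, the triage function and all sample paths and sizes are assumptions constructed for illustration.

```python
import ntpath
import stat

GROWTH = 36_864            # size increase per infected file, as stated in this entry
DROPPED_NAME = "tdi.sys"   # file name from this entry, compared case-insensitively
HIDDEN_ARCHIVE = stat.FILE_ATTRIBUTE_HIDDEN | stat.FILE_ATTRIBUTE_ARCHIVE


def triage(baseline, current):
    """Compare two inventories of {path: (size, attributes)}.

    Returns (grown, dropped): .exe paths whose size rose by exactly GROWTH
    since the baseline, and paths named tdi.sys that carry Hidden+Archive.
    """
    grown, dropped = [], []
    for path, (size, attrs) in sorted(current.items()):
        name = ntpath.basename(path).lower()
        if name == DROPPED_NAME and (attrs & HIDDEN_ARCHIVE) == HIDDEN_ARCHIVE:
            dropped.append(path)
        old = baseline.get(path)
        if old and name.endswith(".exe") and size - old[0] == GROWTH:
            grown.append(path)
    return grown, dropped


# Constructed sample inventories (not real telemetry).
A = stat.FILE_ATTRIBUTE_ARCHIVE
H = stat.FILE_ATTRIBUTE_HIDDEN
BASELINE = {
    r"C:\Tools\report.exe": (120_320, A),
    r"C:\Tools\viewer.exe": (88_064, A),
    r"Z:\share\setup.EXE": (410_112, A),
    r"C:\Tools\notes.dll": (20_480, A),
}
CURRENT = {
    r"C:\Tools\report.exe": (157_184, A),     # +36,864
    r"C:\Tools\viewer.exe": (90_112, A),      # +2,048, e.g. an ordinary update
    r"Z:\share\setup.EXE": (446_976, A),      # +36,864 on a mapped drive
    r"C:\Tools\notes.dll": (57_344, A),       # +36,864 but not an .exe
    r"C:\WINDOWS\Tdi.sys": (12_288, A | H),   # constructed path and size
}

if __name__ == "__main__":
    grown, dropped = triage(BASELINE, CURRENT)
    for p in grown:
        print("grew by 36,864 bytes:", p)
    for p in dropped:
        print("hidden+archive tdi.sys:", p)
```

A size match alone is a triage signal, not a verdict; flagged files still need scanning with an up-to-date anti-virus engine.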