W32.Dalbug.Worm

Risk Level 1: Very Low

Printer Friendly Page

Discovered: July 8, 2002

Updated: February 13, 2007 11:39:32 AM

Also Known As: W32/Ladex.worm [McAfee], Worm.Win32.Ladex.a [KAV], Worm.Win32.Ladex.b [KAV], WORM_LADEX.A [Trend], W32/Ladex-A [Sophos], W32/Ladex-B [Sophos], Win32.Ladex [CA]

Type: Worm

Systems Affected: Microsoft IIS, Windows 2000, Windows NT, Windows XP

W32.Dalbug.Worm will only replicate under NT/2000/XP systems. It spreads by attacking computers that have open user accounts and shares, installing itself remotely as a service on the victim's computer.

NOTE: Definitions dated prior to July 9, 2002 will detect this as WNT.YdalBug.Worm.

Definitions dated prior to July 9, 2002 will detect this as WNT.YdalBug.Worm.

Protection

Initial Rapid Release version July 8, 2002
Latest Rapid Release version August 20, 2008 revision 017
Initial Daily Certified version July 8, 2002
Latest Daily Certified version January 20, 2009 revision 048
Initial Weekly Certified release date July 8, 2002

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

Wild Level: Low
Number of Infections: 0 - 49
Number of Sites: 0 - 2
Geographical Distribution: Low
Threat Containment: Easy
Removal: Easy

Damage

Damage Level: Low

Distribution

Distribution Level: Low

Writeup By: Atli Gudmundsson

Technical Details

Search Threats

Search by name

_{Example: W32.Beagle.AG@mm}