Discovered: July 30, 2001
Updated: February 13, 2007 11:58:26 AM
Also Known As: Bloodhound.VBS.Worm, VBS.Potok.A [Computer Associat, VBS.Stream.A, VBS/Stream, VBS/Vdrive@MM, VBS/Potok@MM [McAfee], I-Worm.Potok [Kaspersky], VBS_POTOK.A [Trend], VBS/Potok-A [Sophos]
Type: Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
The VBS.Potok@mm worm is a simple Visual Basic script that exploits a little-known feature of Windows NT/2000 to spread. It sends itself to the first 50 recipients in the Microsoft Outlook Address Book. It attempts to add a new user to the infected computer and grant the user Administrator rights. The sample of this worm the Symantec AntiVirus Research Center (SARC) received has bugs that prevent it from operating correctly.
Protection
-
Initial Rapid Release version July 30, 2001
-
Latest Rapid Release version August 20, 2008 revision 017
-
Initial Daily Certified version July 30, 2001
-
Latest Daily Certified version August 20, 2008 revision 016
-
Initial Weekly Certified release date July 30, 2001
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 50 - 999
-
Number of Sites: 3 - 9
-
Geographical Distribution: Medium
-
Threat Containment: Easy
-
Removal: Moderate
Damage
Distribution
Writeup By: Jimmy Shah
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
