1. /
  2. Security Response/
  3. VBS.Potok@mm

VBS.Potok@mm

Risk Level 2: Low

Discovered:
July 30, 2001
Updated:
February 13, 2007 11:58:26 AM
Also Known As:
Bloodhound.VBS.Worm, VBS.Potok.A [Computer Associat, VBS.Stream.A, VBS/Stream, VBS/Vdrive@MM, VBS/Potok@MM [McAfee], I-Worm.Potok [Kaspersky], VBS_POTOK.A [Trend], VBS/Potok-A [Sophos]
Type:
Worm
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP


The VBS.Potok@mm worm is a simple Visual Basic script that exploits a little-known feature of Windows NT/2000 to spread. It sends itself to the first 50 recipients in the Microsoft Outlook Address Book. It attempts to add a new user to the infected computer and grant the user Administrator rights. The sample of this worm the Symantec AntiVirus Research Center (SARC) received has bugs that prevent it from operating correctly.

Antivirus Protection Dates

  • Initial Rapid Release version July 30, 2001
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version July 30, 2001
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date July 30, 2001
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 50 - 999
  • Number of Sites: 3 - 9
  • Geographical Distribution: Medium
  • Threat Containment: Easy
  • Removal: Moderate

Damage

  • Damage Level: Low

Distribution

  • Distribution Level: High
Writeup By: Jimmy Shah

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver