1. /
  2. Security Response/
  3. VBS.Potok@mm


Risk Level 2: Low

July 30, 2001
February 13, 2007 11:58:26 AM
Also Known As:
Bloodhound.VBS.Worm, VBS.Potok.A [Computer Associat, VBS.Stream.A, VBS/Stream, VBS/Vdrive@MM, VBS/Potok@MM [McAfee], I-Worm.Potok [Kaspersky], VBS_POTOK.A [Trend], VBS/Potok-A [Sophos]
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP

The VBS.Potok@mm worm is a simple Visual Basic script that exploits a little-known feature of Windows NT/2000 to spread. It sends itself to the first 50 recipients in the Microsoft Outlook Address Book. It attempts to add a new user to the infected computer and grant the user Administrator rights. The sample of this worm the Symantec AntiVirus Research Center (SARC) received has bugs that prevent it from operating correctly.

Antivirus Protection Dates

  • Initial Rapid Release version July 30, 2001
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version July 30, 2001
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date July 30, 2001
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Jimmy Shah

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report