W32.Gibe@mm

Risk Level 2: Low

Download Removal Tool | Printer Friendly Page

Discovered: March 4, 2002

Updated: February 13, 2007 11:50:21 AM

Also Known As: W32/Gibe@mm, WORM_GIBE.A, W32/Gibe-A, I-Worm.Gibe, W32/Gibe.A@mm, Win32.Gibe.A, W32/Gibe@MM

Type: Trojan Horse, Worm

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP

W32.Gibe@mm is a worm that uses Microsoft Outlook and its own SMTP engine to spread. This worm arrives in an email message--which is disguised as a Microsoft Internet Security Update--as the attachment Q216309.exe. The worm also attempts to copy itself to all locally mapped remote drives.

It has been discovered that this worm may distribute corrupted copies of itself which are non-functional. Virus definitions dated March 11, 2002 or later will detect these as W32.Gibe.dam. Files detected as such must be deleted.

Protection

Initial Rapid Release version March 5, 2002
Latest Rapid Release version July 19, 2008 revision 019
Initial Daily Certified version March 5, 2002
Latest Daily Certified version January 20, 2009 revision 048
Initial Weekly Certified release date March 6, 2002

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

Wild Level: Medium
Number of Infections: More than 1000
Number of Sites: More than 10
Geographical Distribution: High
Threat Containment: Easy
Removal: Moderate

Damage

Damage Level: Medium

Distribution

Distribution Level: High

Writeup By: Gor Nazaryan

Technical Details

Search Threats

Search by name

_{Example: W32.Beagle.AG@mm}