W32.Spybot.IVQ

Risk Level 2: Low

Printer Friendly Page

Discovered: January 26, 2005

Updated: February 13, 2007 12:32:34 PM

Also Known As: Win32.ForBot.LM [Computer Asso, Backdoor.Win32.Wootbot.al [Kas, W32/Sdbot.worm!166912 [McAfee], W32/Forbot-DY [Sophos], WORM_WOOTBOT.FV [Trend Micro]

Type: Worm

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

W32.Spybot.IVQ is a worm that has distributed denial of service and back door capabilities. The worm spreads to network shares, MySQL servers and Microsoft SQL servers protected by weak passwords, and by exploiting system vulnerabilities.

Note: Virus definitions released January 26, 2005 detect this threat as W32.Spybot.Worm.

Protection

Initial Rapid Release version January 27, 2005
Latest Rapid Release version May 10, 2009 revision 034
Initial Daily Certified version January 27, 2005
Latest Daily Certified version May 11, 2009 revision 007
Initial Weekly Certified release date January 27, 2005

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

Wild Level: Low
Number of Infections: 0 - 49
Number of Sites: 0 - 2
Geographical Distribution: Low
Threat Containment: Easy
Removal: Moderate

Damage

Damage Level: Medium

Distribution

Distribution Level: Medium

Writeup By: Hyun Choi

Technical Details

Search Threats

Search by name

_{Example: W32.Beagle.AG@mm}