W32.SQLExp.Worm is a worm that targets the systems running Microsoft SQL Server 2000, as well as Microsoft Desktop Engine (MSDE) 2000. The worm sends 376 bytes to UDP port 1434, the SQL Server Resolution Service Port.
The worm has the unintended payload of performing a Denial of Service attack due to the large number of packets it sends.
Symantec has provided a tool to remove the infections of W32.SQLexp.Worm. Click here to obtain the tool. Try this tool first, as it is the easiest way to remove this threat. Because the worm resides in memory only and is not written to disk, the virus definitions do not detect this threat. Symantec Security Response recommends that you follow the measures described in this document to deal with this threat.
Please refer to the Technical Details section belowfor information on how to configure the Symantec products to detect this threat.