1. Symantec/
  2. Security Response/
  3. W32.Ifbo.A


Risk Level 2: Low

May 10, 2005
February 13, 2007 12:38:44 PM
Also Known As:
Hacktool.DCOMScan, Win32.Berkor.A [Computer Assoc, Net-Worm.Win32.Padobot.z [Kasp, Exploit-DcomRpc.gen [McAfee], W32/Doxpar-C [Sophos], WORM_KORGO.AG [Trend Micro]
Systems Affected:

W32.Ifbo.A is a worm that spreads by exploiting he Microsoft Windows Local Security Authority Service Remote Buffer Overflow (as described in Microsoft Security Bulletin MS04-011) and disables security services.

Note: Virus definitions dated prior to May 11, 2005 may detect this threat as Hacktool.DCOMScan.

Antivirus Protection Dates

  • Initial Rapid Release version May 11, 2005
  • Latest Rapid Release version August 8, 2016 revision 023
  • Initial Daily Certified version May 11, 2005
  • Latest Daily Certified version August 9, 2016 revision 001
  • Initial Weekly Certified release date May 11, 2005
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Fergal Ladley

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube