Discovered: April 7, 2003
Updated: February 13, 2007 11:45:25 AM
Also Known As: Worm.P2P.SdDrop.b [KAV], Worm.P2P.SdDrop.c [KAV], Worm.P2P.SdDrop.d [KAV], W32/Sddrop.worm.g [McAfee], WORM_SDDROP.A [Trend], WORM_SDDROP.C [Trend], W32/Sddrop-B [Sophos], W32/Sddrop-D [Sophos], W32/KWBot-E [Sophos], Win32.Sddrop.B [CA], Win32.Sddrop.C [CA], Win32.Sddrop.D [CA]
Type: Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
The W32.Kwbot.F.Worm is:
- A worm that attempts to spread across file-sharing networks, such as KaZaA and iMesh. This worm drops and runs Backdoor.Sdbot.
- Packed with ASPack v2.12.
- A variant of W32.Kwbot.Worm.
Protection
-
Initial Rapid Release version April 7, 2003
-
Latest Rapid Release version April 28, 2008 revision 039
-
Initial Daily Certified version April 7, 2003
-
Latest Daily Certified version April 28, 2008 revision 040
-
Initial Weekly Certified release date April 9, 2003
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Medium
-
Number of Infections: More than 1000
-
Number of Sites: More than 10
-
Geographical Distribution: High
-
Threat Containment: Easy
-
Removal: Moderate
Damage
Distribution
-
Distribution Level: Medium
Writeup By: Serghei Sevcenco
