W32/Delbot-G

Category:	Viruses and Spyware	Protection available since:	14 Feb 2007 00:00:00 (GMT)
Type:	Win32 worm	Last Updated:	14 Feb 2007 00:00:00 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

W32/Delbot-G is an IRC worm with backdoor functionality which allows a remote intruder to gain access and control over the computer.

W32/Delbot-G spreads:

- to computers vulnerable to common exploits, including: Symantec (SYM06-010) and SRVSVC (MS06-040)
- to MSSQL servers protected by weak passwords W32/Delbot-G is an IRC worm with backdoor functionality which allows a remote intruder to gain access and control over the computer.

W32/Delbot-G spreads:

- to computers vulnerable to common exploits, including: Symantec (SYM06-010) and SRVSVC (MS06-040)
- to MSSQL servers protected by weak passwords

When first run W32/Delbot-G copies itself to <System>\jwmngr.exe.

The following registry entry is created to run jwmngr.exe on startup:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
JW Manager
<System>\jwmngr.exe

Try Sophos products for free
Download now

W32/Delbot-G

Free Mac Anti-Virus

Popular topics