W32/RpcSpybot-A

Aliases	Win32:RPCexploit Backdoor.Sdbot.au TrojanDropper.Win32.Small.bd Exploit-DcomRPC WORM_RPCSDBOT.A W32.Randex.E
Category	Viruses and Spyware
Type	Worm
What to do	If you've received an alert for a virus or spyware, then follow the instructions for removing the threat.
Prevalence	low high

Summary

Summary
Action
More Information


Protection available since	28 September 2003 09:47:20 (GMT)
Detected by	All Sophos products

Free virus scan
Download the Threat Detection Test

Free virus, spyware, and adware scan
Test your existing anti-virus protection
Find threats your anti-virus missed

Action

Summary
Action
More Information

Please follow the instructions for removing worms.

Download and install the Microsoft patch mentioned above.

More Information

Summary
Action
More Information

W32/RpcSpybot-A is a worm that exploits the RPC/DCOM vulnerability on computers running the Windows operating system to spread. The worm has a backdoor component that allows a malicious user remote access to an infected computer.

Microsoft issued a patch for the vulnerability exploited by this worm on July 16, 2003. The patch is available from www.microsoft.com/technet/security/bulletin/MS03-026.asp.

Get reports about the latest virus and spyware threats delivered to your computer

In this section

W32/RpcSpybot-A

Summary

Action

More Information