Home>Network Worms>Internet Worms>

Worm.Java.Spida.b

Alert Level :	Medium
Discovered:	Jul 13 2002
Tag:	Internet   Worms
Discoverer and Source:	http://www.kaspersky.com/

Malware Behavior and Technical Description

SQL.Spida.b is a new version of the worm SQL.Spida.a. Unlike the previous variant, SQL.Spida.b became quite widespread especially in Far Eastern Asian countries.

When comparing "b" to "a", "b" was improved not to use the sqlpoke clone, and instead uses a Java Script version of the exploit to run commands on vulnerable machines.

Also, the "b" variant does not add the extra sqlagentcmdexec account during the attack, but instead it enables the default guest login and gives it administrative priviledges.

The following comments can be seen in the worm code:

"// sqlprocess v2.5"
"// Greetings to whole Symantec anti-virus department."

0

Removal Worm.Java.Spida.b instructions:

0

Need help? Live computer support via remote at SupportSpace.Help with printer problems, windows, hardware, software, spyware removal and more. - Go Now!

Great Anti-Virus Software : Kaspersky Internet Security 2009 Save 35% Buy Panda Global Protection 2009 and Panda Antiviru Download PandaLabs Reports Free AVG virus removel tools Hunting Down Spyware and Adware Adware and spyware, knowing the basics Adware Spyware Remover from CBAdvance Keeping Your Computer in Good Condition Using Free Spyware A Beware of Covert Online Spies Why the Need to Remove Adware and Spyware