I agree with doggeral, but only to a degree. True, people shouldn't hit the panic button when they discover a virus, even if there is a lot of hysteria about it. The first steps to take are to verify the infection with another scanner and to research the virus. Win32:Spybot-A52 [wrm] is a recent addition to the virus database, so I assume that it is relatively new. I did a search for it at Google, both web and forum, and came up empty; however, I did check with a half dozen on-line databases and found entries for the family. Win32:Spybot-A52 [wrm] didn't show up as an alias, so which variant it is and what its capabilities are isn't clear. Panda Software and Network Associates give the family a low risk assessment, but Computer Associates and Symatec give a medium damage assessment. Once source indicated that there are around 7 dozen of variants with about 5 dozen in the wild. Granted, if it were highly destructive, you couldn't help but trip over information about it, but theft of personal information and DOS attacks could easily go unnoticed, especially by the masses totally uninformed about Internet safety. These are things that should be taken seriously.
From Panda Software:
Common name: RPCSdbot
Technical name: W32/RPCSdbot
Alias: W32/Randex.A, IRC-BBot, WORM_RPCSDBOT.A,
Win32.RPCSdbot.A, W32/Spybot.worm.Iz, Backdoor.SdBot.au,
TrojanDropper.Win32.Small.bd
Effects: It runs programs, deletes and downloads files and launches denial of service attacks.
From F-Secure:
NAME: Sdbot.RPC.A
ALIAS: W32/Spybot.worm.lz, W32.Randex.E, WORM_RPCSDBOT.A
The backdoor code is based on Sdbot. It connects to a predefined IRC server
and joins a channel and waits for commands. Commands it supports provide
full access to the compromised computer.
From Computer Associates:
Win32.Spybot
Win32.Spybot is an open soure irc bot. Due to the open and modular manner
in which the source for this bot is distributed, there are many slightly different
variants of this bot in the wild.
Win32.Spybot may also be able to (depending on the variant):
Download files via the Internet
Keylog (i.e. log keystrokes on the affected machine)
Kill firewall or antivirus software processes to avoid detection
Act as an HTTP server
Regards,
Hornus