W32.Joydotto
W32.Joydotto is a computer worm that propagates by creating a copy of itself to removable media drives. W32.Joydotto will also download and execute more threats coming from a remote server. More
Worm
W32.Yalove.F
W32.Yalove.F is a computer worm that typically propagates via Yahoo! Instant Messenger program. It copies itself to all hard drives and removable drives of the infected computer. W32.Yalove.F may also connect to a remote location to download more threats and disable certain Windows system tools. More
W32.Ackpra.A
W32.Ackpra.A is a computer worm that may fetch additional malicious files from a remote server and execute on compromised system. Typically, W32.Ackpra.A spreads by creating a duplicate of itself on all removable drives and unsecured network shares. More
W32.Chod.S
W32.Chod.S is a worm that can reduce security settings on the infected computer. The worm will spread via Microsoft Instant Messenger as malicious links sent to contacts gathered on compromised system. W32.Chod.S also opens a backdoor that will give remote attacker to gain unauthorized access on victim’s PC. It can block access to legitimate security web sites by modifying entries on Windows hosts file. More
W32.Mabezat.B
W32.Mabezat.B is a computer worm. It can infect executable files and encrypt data files. W32.Mabezat.B may spread via removable drives and shared folder. It will make changes to Windows registry that may result to disability of certain functions. This worm will take advantage of the Autorun feature in Windows to execute itself when the drive is accessed. The same task is applied to spread a copy on network computer and drop a copy on network shares. More
W32.Mabezat.A
W32.Mabezat.A can propagate via unsecured network shares and removable storage devices. The worm will drop autorun.in file so that it will run whenever the drive is accessed. It was identified as a blended threat of polymorphic worm, virus and Autorun worm. W32.Mabezat.A will display a message if the logged on user has an administrative privilege:
“You are Admin!!! Your Computer Will Not Be Infected!!!”
W32.Baki.A
W32.Baki.A is a worm that can lower security settings on the infected system by ending security-related process. It can spread by copying itself to local and removable drives. W32.Baki.A will also add on entry on Windows registry to run itself when the system is booted. More
W32.Linkfars
W32.Linkfars propagates by duplicating itself on removable media drives, unsecured shared folders and file-sharing applications. W32.Linkfars will delete the original files so that the infected ones will be executed by the users. Then it will display a Persian message that contains the title “SALAM-DOSTE-MAN.” More