3 November 2007 0 Comment
VBS.Runauto.E propagates by duplicating itself to all drives on the infected computer except floppy drive. VBS.Runauto.E will create an autorun.inf file on each drive to execute itself when the drive is accessed. This worm will modify compromised system’s Internet Explorer title to Hacked by Achitasin & ???? ???. More
1 November 2007 0 Comment
W32.Iretsim propagates by copying itself to removable media devices and can stop security-related processes on the infected computer. W32.Iretsim will drop autorun.inf file on located drives so that it will be loaded once the drive is accessed. More
28 October 2007 0 Comment
W32.Minerv.A is a worm that propagates by means of infected removable drives and unsecured network shares. W32.Minera.A will create a copy of itself on drives as Minerva Game.exe and New_Games.exe. This worm will also drop malicious files that will be injected to explorer.exe and record worm’s activity. More
28 October 2007 0 Comment
W32.Racita.A is a worm that will propagate by creating a copy of itself to specified mapped network drives. Affected drives will consist an explicit background image assigned by the worm. W32.Racita.A also reduce security settings on the compromised system by ending security-related process.
23 October 2007 0 Comment
W32.Usbwatch is a worm that propagates by copying itself to removable USB devices and unsecured network drives. W32.Usbwatch steals user name and password from the compromised system and gathers network configuration and information. An autorun.inf file is created to run the worm each time the drive is accessed.
23 October 2007 0 Comment
VBS.Runauto.D is a harmful computer worm that drops autorun.inf file to start itself whenever the affected drive is accessed. VBS.Runauto.D can propagate by making a copy of itself on removable media drives excluding drives A: and B:. More
21 October 2007 0 Comment
WORM_NUWAR.ARC is a worm that was dropped by another threat. This worm can spread via email messages with electronic greeting cards (eCards) which includes a link pointing to malicious web site. Infected browsers will be redirected to “The Laughing Psycho Kitty Cat” website. WORM_NUWAR.ARC also spreads via peer-to-peer networks.
20 October 2007 11 Comments
W32.Sillyban.A propagates by copying itself to unsecured mapped network drives. It may display warning messages if infected computer visited Orkut and YouTube pages. W32.Sillyban.A will create numerous malicious files and modify Windows registry to run itself when Windows is started. It also monitors Internet browser title if it belongs to Mozilla Firefox. The message it will display will contain this text: More
19 October 2007 0 Comment
W32.Voterai can propagate via removable media drives. It displays an image about a presidential candidate Raila Odinga. Once executed, W32.Voterai will make a copy itself inside Windows\System\Driver\ directory. The worm was created as a campaign material for the election in the Republic of Kenya. More
16 October 2007 0 Comment
W32.Debanpass is a worm that can steal sensitive information and send the gathered data to a remote attacker. W32.Debanpass will create a copy of itself on removable media devices and configure itself to automatically run when Windows is started. The worm is specifically designed to steal banking details on the compromised machine. More