W32.Changeup.C is a computer worm that usually spreads via removable media devices. It took advantage of the MS Windows Shortcut ‘LNK’ Files Automatic File Execution Vulnerability. W32.Changeup.C also modifies the registry to execute the malicious code each time Windows starts. More
W32.Skyhoo.Worm is a computer worm that is being propagated by means of Yahoo instant messaging and Skype programs. W32.Skyhoo.Worm is embedded as a link in a message sent by a friend usually in a JPG format. This was purposely trying to mislead users into clicking the link that will result to a worm infection. When W32.Skyhoo.Worm infected a computer, it will gather email address and sends the same malicious message to contacts. More
W32.Aemrant is an “autorun” worm that will propagate by creating a duplicate copy of itself to fixed and removable USB drives. W32.Aemrant also lowers security settings on the infected computer by ending security-related process. More
W32.SillyFDC.BDN is a worm that will download additional malicious files on to the infected computer. W32.SillyFDC.BDN will propagate by creating a copy of itself on removable drives and execute it using an Autorun.Inf file. More
WORM_PALEVO.AZA is a worm that will drop its own malicious executable files on target computer. This threat will spread via instant messaging programs like Skype and Yahoo! Instant Messenger. Once it enters the computer, the worm creates its own registry entries to execute itself automatically when Windows starts. More
W32.SillyFDC.BDM is a worm that propagates by creating a copy of itself on removable USB and mapped network drives. W32.SillyFDC.BDM executable usually masquerades as a popular computer games to attract victims into running the file.
Damage Level: Low
Systems Affected: Windows 9x, 2000, XP, Windows Vista
[expand title="Show More Details" swaptitle="Hide Details"]
Characteristics
When executed, W32.SillyFDC.BDM will drop a copy of itself on root drive as an executable game file common to many. The worm also modifies registry to add own entries that will allow self-execution at Windows start-up.
Distribution
To spread W32.SillyFDC.BDM, it will create a duplicate copy on removable USB drive as well as mapped network drives. Random file name is used to avoid duplicate copies and avoid suspicion from infected computer users. For a complete list of file names associated with this worm, please see the “Associated Files and Folder” area.
[cf]regis[/cf]
[cf]files[/cf]
W32.Ptopirate is a worm that will propagate via removable USB drives and unsecured network-shared drives. W32.Ptopirate can create its own registry entry that will allow the worm to run automatically during Windows boot-up. More
W32.Yimfoca is a worm that can reduce infected computer’s security settings by stopping processes belonging to Microsoft Malware Protection Service and Windows Update. W32.Yimfoca will propagate by sending malicious links through Yahoo! Messaging program. Malicious files that originates from this family of computer worms are identified as W32.Yimfoca!gen. This threat can infect every attached drive on the computer. It also intiates start-up by appending a code to autorun.inf file of the infected drive. On some instances, this threat can alter file association on the computer causing some file not to open on intended application. More
W32.Avendog is a worm that propagates by creating a copy of itself to removable and USB drives. It will create a backdoor on infected computer that allows a remote attacker to obtain unauthorized access. W32.Avendog can also inject malicious code on to “Explorer.exe” so that the malicious process loads automatically. More
W32.SillyFDC.BBX is a worm that propagates by creating a duplicate copy of itself to removable USB and unsecured network mapped drives. W32.SillyFDC.BBX also drops more malware and tries to execute additional threats on the compromised machine. Other than that, this worm may also disable security applications and certain system software. It will add a bunch of harmful registry entries to accomplish its task on the targeted computer. More