Worm

W32.Waledac.C

10 February 2012 0 Comment

W32.Waledac.C is a threat that originates from a group of worms that has common payloads. This worm may open a backdoor and allow a remote attacker to have full access on the infected computer. Once inside the computer, it may control certain settings to lessen security features of Windows. W32.Waledac.C will utilize the compromised PC to mass-mail a link that points to computers actively hosting copies of itself. It also operates as part of botnet with complicated mechanism intended to spread the worm quickly while maintaining own protection. More

W32.Cridex

24 January 2012 0 Comment

W32.Cridex is a computer worm that propagates by dropping a copy of itself to network drives as well as removable media devices like external hard drive and USB flash drive. This worm also opens a backdoor to download and execute malicious codes on to victim’s computer. More

W32.Otpoh

15 November 2011 0 Comment

W32.Otpoh is a computer worm that uses MSN Messenger services to spread a copy of itself over the Internet. The worm may also propagate through removable USB drives and opens a backdoor on the infected computer. More

W32.Masavebe

23 September 2011 0 Comment

 W32.Masavebe is a worm that commonly spread on removable devices and drives. Things like external hard drive, memory and USB Flash disk are types of gadget where W32.Masavebe can duplicate a copy of itself. What’s more devastating about this worm is its ability to make these drives inaccessible to owner. The worm usually utilized an autorun function so that it creates a copy to other drives on the affected computer if any of the infected disks is accessed. More

W32.Queshare

21 September 2011 0 Comment

W32.Queshare is a computer worm that propagates via USB and other removable devices. It also inflicts damages through instant messaging application’s shared folders. W32.Queshare also downloads more harmful files on infected system and steals confidential data.
More

W32.Morto

4 September 2011 0 Comment

W32.Morto spreads by utilizing a Remote Desktop Protocol. Worm W32.Morto embeds several encrypted codes into system registry as part of its a payload. It also replaces various DLL with its own code. It was discovered that this worm may download malicious executable files from a remote location to function as backdoor that allows it to gain unauthorized remote access. More

W32.Yunsip

25 August 2011 0 Comment

W32.Yunsip is a worm that spreads by having a duplicate copy of itself on removable drives. W32.Yunsip is capable of stealing confidential information by recording key presses on the infected computer and later send the data to remote attacker. The worm is crafted to be executed naturally when the compromised drive is accessed. More

W32.Murtinda

15 August 2011 0 Comment

W32.Murtinda is a computer worm that has the capability to connect to a remote server to update itself. Usual propagation of W32.Murtinda is by making a copy of files Love-Story.exe and autorun.inf on any removable drives. Once it enters the system, registry will be compromised so as the start-up process. The worm also disables certain Windows functionalities to prevent manual removal and troubleshooting. 

More

W32.Virauto

28 April 2011 0 Comment

W32.Virauto is a computer worm that propagates by creating a copy of itself on removable devices and shared network drives. W32.Virauto can open a backdoor port on the compromised computer that will provide unauthorized access to a remote attacker. More

W32.Qakbot!job

28 April 2011 0 Comment

W32.Qakbot!job is a detection for malicious job file created by W32.Qakbot family of computer worms through Windows Task Scheduler.  W32.Qakbot!job was made in order to run a randomly named JavaScript file. More