The UNIX and Linux Forums  

Go Back   The UNIX and Linux Forums > Special Forums > Security > Malware Advisories (RSS)
Worm_gael.b Worm_gael.b
Google UNIX.COM
Forums Portal Register Rules & FAQContribute Members List Arcade Search Today's Posts Mark Forums Read


Malware Advisories (RSS) Malware Security Advisories Via RSS

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 06-28-2008
iBot's Avatar
RSS Robot Girl
  

Join Date: Sep 2000
Posts: 14,302
Worm_gael.b
This worm arrives via removable drives.
It drops a copy of itself in the Windows system folder. The dropped copy uses the same file name as the originally executed worm. It uses the icon of the normal Windows folder to trick users that it is a legitimate folder.
This worm adds a registry entry to enable its automatic execution at every system startup.
It propagates by dropping copies of itself in all removable drives using the file name of its originally executed copy. It also drops an AUTORUN.INF file to automatically execute its dropped copies when the said drives are accessed.


More...
Reply With Quote
Google UNIX.COM
Forum Sponsor
Reply

« Troj_bobos.ad | Troj_agent.qpf »
Thread Tools
Display Modes
Linear Mode Linear Mode




All times are GMT -7. The time now is 11:41 AM.

The UNIX and Linux Forums RSS Feeds - Contact Us - The UNIX and Linux Forums - Archive - Top

Powered by: vBulletin, Copyright ©2000 - 2006, Jelsoft Enterprises Limited.
The UNIX and Linux Forums Content Copyright ©1993-2008 The CEP Blog All Rights Reserved -Ad Management by RedTyger Visit The Global Fact Book

Content Relevant URLs by vBSEO 3.2.0