VIRUS NAME : W32/Denis.worm
Internet Worm Characteristics
This worm browses network connections and spreads to other machines that allow passwordless write access to open shares over NetBIOS. It copies itself into the folder under one of the following names:
trojan.exe
pager.exe
crack.exe
lines99.exe
worm.exe
draw.exe
mpeg.exe
low.exe
byte.exe
visual.exe
word.exe
done.exe
horse.exe
express.exe
toy.exe
com.exe
friday.exe
After the worm is executed, it copies itself into %Windir%\System\ under one of the file names listed above. It creates these keys in the registry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\no.exe\@="%VirusPath%"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\%VName%="%VirusPath%"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Network\DisablePwdCaching="1"
%VName% is randomly selected from one of these strings:
winapp
netbios
wapihlp
msvxapp
dsgrun
winver32
gk32ctrl
Netvx
Symptoms
Presence of the files mentioned above in the %WinDir%\System\ folder.
Method Of Infection
The worm has to be executed manually with a double-click. After the worm copies itself to another machine through an open share, it is not executed automatically on the victim machine.
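A triage check built from the indicators listed above, as an added example that is not part of the original description: it correlates a %WinDir%\System file listing with a registry export so that a Run entry only counts when both its value name and its target path match. The export format (regedit text with `@` for the default value), the function names and the sample data are assumptions constructed for illustration.

```python
from pathlib import PureWindowsPath
# Indicators copied from the description above (compared case-insensitively).
FILE_NAMES = {n + ".exe" for n in ("trojan pager crack lines99 worm draw mpeg low byte "
                                   "visual word done horse express toy com friday").split()}
RUN_NAMES = set("winapp netbios wapihlp msvxapp dsgrun winver32 gk32ctrl netvx".split())
CV = r"hkey_local_machine\software\microsoft\windows\currentversion"

def parse_reg(text):
    """Parse regedit export text into {key_lower: {value_name_lower: data}}."""
    keys, cur = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            cur = keys.setdefault(line[1:-1].lower(), {})
        elif cur is not None and "=" in line:
            name, data = line.split("=", 1)
            cur[name.strip('"').lower()] = data.strip('"').replace("\\\\", "\\")
    return keys

def is_worm_path(data):
    """True if data points at <something>\\System\\<one of the listed names>."""
    p = PureWindowsPath(data)
    return p.name.lower() in FILE_NAMES and p.parent.name.lower() == "system"

def triage(reg_text, system_listing):
    """Return (kind, detail) hits; a Run hit needs both a listed value name and path."""
    keys = parse_reg(reg_text)
    hits = [("file", f) for f in system_listing if f.lower() in FILE_NAMES]
    for name, data in keys.get(CV + r"\run", {}).items():
        if name in RUN_NAMES and is_worm_path(data):
            hits.append(("run", name))
    if CV + r"\app paths\no.exe" in keys:
        hits.append(("app_paths", "no.exe"))
    policy = keys.get(CV + r"\policies\network", {})
    if policy.get("disablepwdcaching") in ("1", "dword:00000001"):
        hits.append(("policy", "DisablePwdCaching"))  # weak alone: also a legitimate setting
    return hits

# Constructed sample input: a registry export and a %WinDir%\System file listing.
SAMPLE_REG = r'''
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"winver32"="C:\\WINDOWS\\System\\pager.exe"
"SystemTray"="SysTray.Exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\no.exe]
@="C:\\WINDOWS\\System\\pager.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Network]
"DisablePwdCaching"="1"
'''
SAMPLE_LISTING = ["KERNEL32.DLL", "PAGER.EXE", "SYSTRAY.EXE"]
```

Calling `triage(SAMPLE_REG, SAMPLE_LISTING)` returns four hits: the dropped file, the Run value, the App Paths key and the policy value. Several of the listed file names are generic, so a file-name hit without a matching Run entry needs manual review.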