Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Security / Virus alerts

Virus alerts

Infection Distributed on Removable Drives

Windows Vista users protected?

By Bogdan Popa, Security and Search Engines Editor

9th of November 2007, 10:11 GMT

Adjust text size:


The USB Flash drives could support the worm distribution
Enlarge picture
A new worm discovered by security company Trend Micro aims to install on any removable drive connected to the computer and copy itself on another system's physical drives. According to the advisory published by the security firm, WORM_VB.GAW affects most Windows platforms including Windows 98, ME, NT, 2000, XP and Server 2003. As you can see, there's no Vista among them so the latest flavor of
Microsoft's operating system is probably the only safe one. Trend Micro rated the "Overall risk rating" with low but it sustained the distribution potential is medium.

In the past, there were several reports concerning this type of threats, many of them targeting the removable drives connected to the PC. The worm propagates pretty easy as it is installed on new computers every time an infected storage drive is connected to a clean system.

"This worm may be downloaded from remote sites by other malware. It may be dropped by other malware. It may also be downloaded unknowingly by a user when visiting malicious Web sites," Trend Micro wrote in the security advisory.

The interesting aspect of the worm is actually its behavior once installed on a clean computer. It appears that it copies itself in the Windows Startup folder but it also creates an Autorun.inf file to be executed once new drives are connected to the system. Pretty smart don't you think?

"Upon execution, this worm drops a copy of itself in the common Windows Startup folder to enable its automatic execution at every system startup. This worm propagates by dropping copies of itself in all physical and removable drives. It also drops an AUTORUN.INF file to automatically execute its dropped copies when the said drives are accessed," Trend Micro continued.

In case you're infected with the WORM_VB.GAW, you should look for the malicious process, close it but don't forget to remove the additional autorun files created by the worm. But avoid doing this if you're not sure the deleted files are not vital for the operating system. As an alternative, you can install an antivirus solution, Trend Micro sustaining it's one of those which manage to block the dangerous file.

TAGS:

 worm | usb | drive | infection


Rating:
Fair (2.5/5) 6 vote(s) so far    

Read by 532 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Malware Author Apologizes for Windows Worm

The HIV Virus Is Now Spreading Through USB Sticks

Next Gen Hybrid Web Worm Coming to IE, Firefox and Safari

Worm Creators Trialed

Windows Vista Immune to Skype Worm by Default

BitDefender Reports on Threats

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive