Nasty virus Winevar insults infected users
PrintWhat a foolish thing you've done!
Posted in Security, 28th November 2002 10:29 GMT
Free whitepaper – PowerEdge M610 technical guidebook
Winevar-A, the latest mass mailing virus, adds insult to injury for infected victims.
As well as attempting to delete files and sending repeating HTTP requests to Symantec's Web site (an unsophisticated DDoS ploy), Winevar also displays a rude message.
The virus normally arrives by email with an infected attachment. If Windows PC users click on the attachment, the virus gets to work screwing up systems.
Winevar-A is a dropper for the W32/Flcss virus and a worm which spreads by emailing itself via SMTP to addresses on the local computer. It also tries to terminate AV and security programs running on a machine.
And there's more.
On system restart Winevar-A displays the message "Make a fool of oneself: What a foolish thing you've done!".
If users press the OK button the worm deletes all deletable files in all folders.
AV vendors have mostly updated their definition files to detect the Winevar, which has not spread widely - yet. Here is AV vendor Sophos's description of the virus. ®
Enabling The Agile Data Center
What Exchange can't do - and Dell can
Analyst Keynote: The Register Agile Data Center Summit
Analyst Keynote: The Register Agile Data Center Summit
Breaching Fort Apache.org - What went wrong?
Snow Leopard security - The good, the bad and the missing
US Dems fill inboxes with 419 scams
BlockMaster SafeStick hardware-encrypted USB drive