Feeds

Nasty virus Winevar insults infected users

What a foolish thing you've done!

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

Winevar-A, the latest mass mailing virus, adds insult to injury for infected victims.

As well as attempting to delete files and sending repeating HTTP requests to Symantec's Web site (an unsophisticated DDoS ploy), Winevar also displays a rude message.

The virus normally arrives by email with an infected attachment. If Windows PC users click on the attachment, the virus gets to work screwing up systems.

Winevar-A is a dropper for the W32/Flcss virus and a worm which spreads by emailing itself via SMTP to addresses on the local computer. It also tries to terminate AV and security programs running on a machine.

And there's more.

On system restart Winevar-A displays the message "Make a fool of oneself: What a foolish thing you've done!".

If users press the OK button the worm deletes all deletable files in all folders.

AV vendors have mostly updated their definition files to detect the Winevar, which has not spread widely - yet. Here is AV vendor Sophos's description of the virus. ®

Intelligent flash storage arrays

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Website security in corporate America
Find out how you rank among other IT managers testing your website's vulnerabilities.