|
 |
|
MUMAWOW.BG-O
|
|
|
First Report:
|
2008-04-30 04:32
|
|
Last Update:
|
2008-05-17 05:42
|
|
|
Aliases:
|
2000
HEUR/Malware
In
ME
NT
PE_MUMAWOW.BG-O
Server
Worm.Win32.AutoRun.dld
XP
|
|
|
|
Information From AntiVirus Vendors
|
|
|
|
|
Below you will find virus information from different antivirus vendors included in this Secunia Virus Profile. Information about the virus along with links to removal tools will be listed below when available.
The information provided is sorted by the date on which the information first became publicy available on the antivirus vendors' websites. The earliest available reports are displayed first. Please note timestamps are in GMT+1.
|
|
|
#1 - TREND MICRO
|
| |
|
|
PE_MUMAWOW.BG-O
|
Severity:
-
|
File Size:
-
|
| |
|
|
Reported:
2008-04-30 04:32
|
Last Update:
2008-05-17 05:42
|
| |
Description:
This file infector may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web site(s).
It drops a copy of itself in the Windows folder.
It creates a registry entry to enable its automatic execution at every system startup. It creates a registry key and entries as part of its installation routine.
It also creates a registry entry for certain application names located under a certain key. The created entry contains a certain data value which specifies the path to the file infector.
This file infector infects .EXE files by appending its code to target host files.
It also connects to a certain Web site. It then deletes itself after execution.
|
| |
|
Full Report From Vendor
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2008-04-30 05:06
|
Description was changed.
New:
"This file infector may be dropped by other
malware. It may be downloaded unknowingly by
a user when visiting malicious Web site(s).
It drops a copy of itself in the Windows
folder.
It creates a registry entry to
enable its automatic execution at every
system startup. It creates a registry key and
entries as part of its installation routine.
It also creates a registry entry for
certain application names located under a
certain key. The created entry contains a
certain data value which specifies the path
to the file infector.
This file infector
infects .EXE files by appending its code to
target host files.
It also connects to a
certain Web site. It then deletes itself
after execution."
Old:
"N/A"
|
|
|
|
|
|
Please note: The information that this Secunia Virus Profile is based on comes from a third party unless stated otherwise.
The grouping process is done completely automatically, therefore minor inconsistencies may occur. For more information about Secunia Virus Information, please read: About Virus Information.
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
