Archives - win32 worm


Ruftar doesn’t slow down

The first sample of this huge ISF (information stealing family) of Trojans has been received from our customers at the year of 2011. Since then multiple variants of this family have been released, but most of them have been successfully detected by our product and system infection has been prevented. It has been three years […]

New worm infects removable drives.

Yet another worm that infects removable drives was discovered. The Win32/SillyAutorun.FTW was recently found in the wild. The worm is written with Microsoft Visual Studio and uses injection engine – worm’s code overwrites the original code in memory. When it runs on infected machine, it firstcopies itself to  %ApplicationData%E-73473-3674-74335msnrsmsn.exe; where %ApplicationData% is application data folder […]

Worm Win32/VBDoc – Evolution

The first variants of Win32/VBDoc worm appeared about half year ago, and this worm has been active since. The description of Win32/VBDoc.H is available on Total Defense Labs Encyclopedia.Many variants of this worm are known, they are released quite frequently by one or more malware writers. When older variant becomes known and detected by antiviruses, […]