English 
Deutsch
Español
Français
Portuguese
W32.SillyDC W32.SillyDC
By
Sumo3000 in 
Loading ...
W32.SillyDC Description
W32.SillyDC is a menacing Windows platform worm from the W32.Silly family of worms. W32.SillyDC is able to disperse itself through removable media. Once installed, W32.SillyDC will modify the registry in order for it to execute on every system start-up. W32.SillyDC may cause critical damage to your computer system.
Type: Worms
Aliases: Worm.Win32.AutoRun.afcb (Kaspersky Lab), Downloader-AZN.dr (McAfee), Mal/Autorun-C (Sophos), Trojan.Win32.Glox (Ikarus), Packed/Upack (AhnLab), packed with PE_Patch (Kaspersky Lab).
How Can You Detect W32.SillyDC?
W32.SillyDC Technical Report
As new W32.SillyDC details are reported by our customers and findings from our Threat Research Center, we will update this section.
W32.SillyDC’s Country of Origin:
- China
W32.SillyDC has typically the following processes in memory:
- %Windir%\system\ming9b090423.exe
- %Windir%\system\nb9ming32c090423.dll
W32.SillyDC creates the following registry entries:
- [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run]
Important Article Disclaimer
This entry was posted on 11/17/09 and is filed under Worms.
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
