Worm:Win32/Phorpiex.M
Worm:Win32/Phorpiex.M is a worm that proliferates via malicious email messages, fixed drives and removable drives. Worm:Win32/Phorpiex.M allows a remote attacker to obtain access and control of the infected computer. When installed, Worm:Win32/Phorpiex.M makes system changes by adding potentially malicious files and making registry modifications. Worm:Win32/Phorpiex.M also adds the registry entry so that it can automatically run every time Windows is started. Worm:Win32/Phorpiex.M downloads a list of email addresses to send itself to from a certain web address. The web address is given by a remote cybercriminal connected to the corrupted PC via IRC. Worm:Win32/Phorpiex.M searches for existing drives with drive letters other than A: and B:. In these drives, Worm:Win32/Phorpiex.M sets all folders in the drive to hidden, system, and read-only. Worm:Win32/Phorpiex.M then creates shortcuts with the same file names similar to these folders. The shortcut file links to a copy of Worm:Win32/Phorpiex.M located in a separate hidden folder.
File System Details
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | winraz.exe | |
| 2. | winsam.exe | |
| 3. | winsvc.exe | |
| 4. | winsvn.exe | |
| 5. | winmgr.exe |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.