W32/Autorun.worm!ip
W32/Autorun.worm!ip is a Windows platform worm that should be removed upon detection. Once executed, W32/Autorun.worm!ip will inject its malicious code into explorer.exe and then connect to a remote IRC server. W32/Autorun.worm!ip will download a file from the remote server and store it on the compromised PC. The downloaded file is a dialer program which will give user access to a list of long-distance phone numbers that will be utilized by the author of the malware. W32/Autorun.worm!ip will also make modifications to the registry and cause the compromised system's performance to deteriorate.
File System Details
# | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|
1. | %UserProfile%\x4t4c57w3.exe | |
2. | %SystemDrive%\RELEASE\DEBUG\ghx.exe | |
3. | %SystemDrive %\RELEASE\DEBUG | |
4. | %SystemDrive%\RELEASE |