Win32/Parite is a polymorphic file infecting virus that infects all portable EXE and SCR files found on local and shared network drives.

EliteBar displays pop-up advertisements on the desktop and may take other actions without user consent. It may add its own toolbar in Internet Explorer, for which it may install a browser helper object (BHO). EliteBar may also change the user's Internet Explorer home page and add its own "favorites" URLs to the user's Favorites list. Elitebar employs user-mode rootkit techniques to hide some of its files, processes, and registry entries, so that these resources are not visible in system utilities such as Windows Explorer, Task Manager, and Registry Editor. Elitebar may be installed without notifying the user, and may silently download and install updates or other executable code. 

W97M/Kukudro.A arrives as a macro containing an embedded binary in a Microsoft Word document file. This document file will be detected by the Microsoft AV Engine as W97M/Kukudro.A!CME-745. In Microsoft Word 2003, the macro will not run unless the user has explicitly allowed it or if the user has lowered the default security settings to allow unsigned macros from non-trusted sources to run automatically. In Microsoft Word 97, Microsoft Word 2000, and Microsoft Word 2002, W97M/Kukudro.A exploits a vulnerability which could allow the macro to execute without first seeking permission from the user. A security patch for this vulnerability was provided in June 2001. For further details on the exploit, see Microsoft Security Bulletin MS01-034.

 

If the macro is run, W97M/Kukudro.A drops the embedded binary to C:\666ins_1.exe and executes it. This dropped file is detected as TrojanDownloader:Win32/Small!5C34 by the Microsoft AV Engine.

Win32/Virut.A is a file infecting virus that infects .EXE and .SCR files accessed on infected systems. Win32/Virut.A also opens a backdoor by connecting to an IRC server, allowing a remote attacker to download and run files on the infected computer.

Win32/Parite is a polymorphic file infecting virus that infects all portable EXE and SCR files found on local and shared network drives.

Win32/Parite is a polymorphic file infecting virus that infects all portable EXE and SCR files found on local and shared network drives.

W97M/Kukudro.C arrives as a macro containing an embedded binary in a Microsoft Word document file. This document file will be detected by the Microsoft AV Engine as W97M/Kukudro.C!CME-136. In Microsoft Word 2003, the macro will not run unless the user has explicitly allowed it or if the user has lowered the default security settings to allow unsigned macros from non-trusted sources to run automatically. In Microsoft Word 97, Microsoft Word 2000, and Microsoft Word 2002, W97M/Kukudro.C exploits a vulnerability which could allow the macro to execute without first seeking permission from the user. A security patch for this vulnerability was provided in June 2001. For further details on the exploit, see Microsoft Security Bulletin MS01-034.

 

If the macro is run, W97M/Kukudro.C drops the embedded binary to C:\mWChEU.exe and executes it. This dropped file is detected as TrojanDownloader:Win32/Small!4978 by the Microsoft AV Engine.

Win32/Parite is a family of polymorphic file infectors that targets computers running Microsoft Windows. The virus infects .exe and .scr executable files on the local file system and on writeable network shares. In turn, the infected executable files perform operations that cause other .exe and .scr files to become infected.

Virus:Win32/Parite.B.dll is detection for the dll component of the Win32/Parite virus. Win32/Parite is a polymorphic file infecting virus that infects all portable EXE and SCR files found on local and shared network drives.

Virus:Win32/Parite.B.dll is detection for the dropper component of the Win32/Parite virus. Win32/Parite is a polymorphic file infecting virus that infects all portable EXE and SCR files found on local and shared network drives.

W97M/Kukudro.B arrives as a macro containing an embedded binary in a Microsoft Word document file. This document file will be detected by the Microsoft AV Engine as W97M/Kukudro.B!CME-476. In Microsoft Word 2003, the macro will not run unless the user has explicitly allowed it or if the user has lowered the default security settings to allow unsigned macros from non-trusted sources to run automatically. In Microsoft Word 97, Microsoft Word 2000, and Microsoft Word 2002, W97M/Kukudro.B exploits a vulnerability which could allow the macro to execute without first seeking permission from the user. A security patch for this vulnerability was provided in June 2001. For further details on the exploit, see Microsoft Security Bulletin MS01-034.

 

If the macro is run, W97M/Kukudro.B drops the embedded binary to C:\dNeL.eXe and executes it. This dropped file is detected as TrojanDownloader:Win32/Small!5C34 by the Microsoft AV Engine.

Win32/Parite is a polymorphic file infecting virus that infects all portable EXE and SCR files found on local and shared network drives.

Win32/Parite is a polymorphic file infecting virus that infects all portable EXE and SCR files found on local and shared network drives.

VBS/LoveLetter is a family of mass-mailing worms that targets computers running certain versions of Microsoft Windows. The worm can spread as an e-mail attachment and through an IRC channel. The worm can download, overwrite, delete, infect, and run files on the infected computer.

Win32/Parite is a polymorphic file infecting virus that infects all portable EXE and SCR files found on local and shared network drives.