We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Virus:Win32/Drowor.B
Aliases: Win32/Trafrox (AhnLab) W32/Seriv.A (Command) Worm.Win32.Trafaret.a (Kaspersky) W32/Troxa.A (Norman) W32/Troxa.A (Avira) Win32.Kunkka.A (BitDefender) Win32.Fortax (Dr.Web) Win32/Troxa.B virus (ESET) IM-Worm.Win32.Sohanad (Ikarus) W32/Cekar (McAfee) Win32.Drowor.A (Rising AV) W32/Drowor-A (Sophos) W32.Drowor.B!inf (Symantec) PE_DROWOR.A (Trend Micro)
Summary
Virus:Win32/Drowor.B is a virus that infects portable executable (PE) files, such as those with EXE, DLL, and SYS files. It stops security processes from running, and overwrites some of their code, which means that you may have to reinstall affected security programs.
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:
- Microsoft Security Essentials or, for Windows 8, Windows Defender
- Microsoft Safety Scanner
This virus may overwrite some code in your security program. As a result, you may need to reinstall your security program.
