Virus-like program that spreads automatically to other computers by sending itself out by email or by any other means. A program that propagates itself by attacking other machines and copying itself to the affected machine.
Worms have self-replicating code that travels from machine to machine by various means. A worms first objective is merely propagation. Worms can be destructive depending on what payload they have been given. Worms may replace files, but do not insert themselves into files.
This email worm will copy itself to a shared folder on your hard drive. For instance this was found in this directory.C:\Program Files\funwebproducts\Shared. Funwebproducts and this worm are UNRELATED. This was just an example as to where we found this.
It will use the following filenames:
windown longhorn beta leak.exe
xxx hardcore images.exe
adobe photoshop 9 fu??.exe
winamp 5 pro keygen crack update.exe
ahead nero 7.exe
windows sourcecode update.doc.exe
winamp 6 new!.exe
matrix 3 revolution english subtitles.exe
opera 8 new!.exe
CAUTION: DO NOT delete the file names listed above even if you find them on your computer. Use a cleaning application to identify infection and remove it. You can find a freeware cleaner that picks up this infection at http://www.xblock.com/installer.shtml.
Delete the exception made by the Worm.
1.Click on "Start" and then Click on "Run".
2.Type in "regedit" then click ok.
3.On the left pane scroll down to
4.On the Right pane right click on "C:\WINDOWS\vcualts32.exe" and click delete.
5.Close the registry editor.
6.Scan using XCleaner.