W32.Floopy.A


Aliases: N/A
Variants: N/A

Classification: Malware
Category: Computer Virus

Status: Inactive
Spreading: Slow
Geographical info: Some parts of Asia, Europe, North and South America, Africa and Australia
Removal: Easy
Platform: W32
Discovered: 20 Sep 2006
Damage: Medium

Characteristics: Another virus termed as W32.Floopy.A was discovered last September 20, 2006. It primarily deletes system files. System files are files that have the system characteristic which is mostly not displayed in a normal file searches or folder views. System files like msdos.sys and ntdetect.com are deleted by this virus.

More details about W32.Floopy.A

The W32.Floopy.A virus deletes file system by copying itself to some particular files located in the local disk drive or drive C. It modifies few values in the system registry subkey. Then, the virus replicates itself to the Floppy Disk Drive every time the computer user attempts to access the disk drive. Once a Word Document is displayed with the following text: Body: Empty – headed, the computer automatically shuts down when the user tries to open applications that have the strings Command Prompt, Registry Editor, System Configuration Utility, Warning or Application Data. Through the windows task scheduler, the virus deletes all files that are named as .job and from %Windir%\*.* and %System%\*.*.

The W32.Floopy.A program may have several modes of installation. It may exploit security flaws. The application takes advantage programming errors and weak security passwords to install itself in the computer. It may also come via drive-by downloads. The download process executes when the user visits an unreliable websites. These websites may prompt the user to download a codec in order to continue viewing the site. The W32.Floopy.A application may come bundled with the codec.