W32.Icabdi.A
Aliases: PE_ICABDI.A, Win32.Icabdi.A, Win32/Icabdi.A, Icabdi.A
Variants: JS/Icabdi, W32/Icabdi-A, Trojan-Dropper.Win32.Agent.akc
Classification: Malware
Category: Computer Virus
Status: Dormant
Spreading: Slow
Geographical info: N/A
Removal: Easy
Platform: W32
Discovered: 05 Mar 2006
Damage: Low
Characteristics: The W32.Icabdi.A belongs to a group of viruses which are commonly called as proof of concept. These viruses are designed by authors not for the delivery of damage to a particular computer system but rather to point out a possible vulnerability in a particular system or application. This specific virus was created precisely to emphasize vulnerabilities in XSN format files. These types of viruses are normally sent to antivirus developers to patch up the loopholes.
W32.Icabdi.A Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
RECOMMENDED:
We recommend that you scan your system for malware. Our partner has a computer virus removal tool to automatically clean W32.Icabdi.A from your computer.
More details about W32.Icabdi.A
XSN format files are primarily cabinet compressed archive files which contain XML format files. This file format is used by specific applications mostly during the installation process. Execution of the W32.Icabdi.A initially creates a temporary folder to be used specifically by the malware. It will then search the current folder for the presence of the XSN format files and places a copy into the malware's temporary folder. The W32.Icabdi.A will attempt to extract the contents of the XSN file and modify its contents. The W32.Icabdi.A will inject malicious codes at the start of the OnLoad function of the XDocument section. The result of this routine is that it will launch the malware each time the infected XSN format file is accessed by the application.The W32.Icabdi.A will refrain from infecting XSN format files that do not have this function or has the iCab text in its body. The malware will create a new text format file where a list of the files that are stored in the original version of the XSN file will be kept. These files will be repacked by the W32.Icabdi.A into a new file using the CAB format. This new file will replace the original XSN to institute the infected script. After completing its infection routine the W32.Icabdi.A will attempt to delete its temporary files and all its contents.
Browse for more malware information
Contact Us
|
Privacy Policy
|
Site Map
Copyright © Uniblue Systems Limited 2007. All rights reserved.