W32.Selfish


Aliases: N/A
Variants: N/A

Classification: Malware
Category: Computer Virus

Status: Active & Spreading
Spreading: Slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 11 Dec 2006
Damage: Low

Characteristics: The W32.Selfish application is a virus that contaminates executable or .exe files. The virus also gets files from predetermined sites.

More details about W32.Selfish

The W32.Selfish program is a virus that contaminates executable or .exe files. The virus also gets files from predetermined sites. When the virus is opened, it scans the hard disk and infects any .exe or executable files it searches. When an infected .exe file is opened, it duplicates the original .exe or executable files to “C:\Documents and Settings\[CURRENT USER]\Local Settings\Temp” folder and opens it. The worm connects to some websites and gets malicious files. It is also observed that the W32.Selfish program connects to remote servers. It will then download files into the system. These files are commonly unwanted programs. They may be adware, spyware, or Trojan applications. They are installed and executed without the user’s consent. They may also be spread to other machines.

The W32.Selfish application uses rootkit functions to hide its operation on the computer. The program utilizes a rootkit tool to rename its core components to appear as legitimate Windows processes. The rootkit technology used by the application disables security utilities on the computer such as personal firewalls and anti-virus programs.