Aliases: N/A
Variants: N/A

Classification: Malware
Category: Computer Virus

Status: Active & Spreading
Spreading: Slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 01 May 2009
Damage: Low

Characteristics: The W32.Sens.A is a virus that could infect files on the infected computer. It can steal sensitive info and may also get files from a removable location.

More details about W32.Sens.A

Once the W32.Sens.A is opened, the virus drops the “%System%\seus.dll” file. The virus changes a registry entry, so that it opens each time the Windows starts. Once opened, the virus creates the files “%System%\drvcfg.dat”, “%System%\dx.vxd”, “%System%\thumb01.dat”, and “%Temp%\~DF39DA0.tmp”. For example, if the date of the infected computer is Monday, the virus then creates a file “%Temp%\~DF5J4E9.tmp”. The W32.Sens.A virus tries to collect info from all files placed in “%ProgramFiles%”, “%SystemDrive%\Document and Settings”, and all drives on the infected computer.

The W32.Sens.A application may exploit security flaws in the system. The application takes advantage of programming errors and security loopholes. It may also utilize weak security passwords of the system. This provides the user a more convenient way of manipulating the computer. The W32.Sens.A application installs itself in the computer without the user’s consent. The remote hacker of the application may rename the program sends it to other computers. It may come via peer-to-peer (P2P) file sharing networks. The application may also come via spam e-mails from unreliable sources. The downloader Trojan program may also propagate by creating a copy of itself in the shared folders of the computer.