W32.Debanpass
Aliases: Win32/Debanpass
Variants: Win32/Debanpass.A
Classification: Malware
Category: Computer Worm
Status: Active
Spreading: Slow
Geographical info: Asia, North and South America, Europe and Australia
Removal: Easy
Platform: W32
Discovered: 16 Oct 2007
Damage: Medium
Characteristics: W32.Debanpass is a self-replicating worm that exclusively infects all drives found on the computer. These drives include the executable drives such as the floppy disk and/or CD drives and USB drive. This worm first appeared on October 16, 2007.
W32.Debanpass Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
RECOMMENDED:
We recommend that you scan your system for malware. Our partner has a computer worm removal tool to automatically clean W32.Debanpass from your computer.
More details about W32.Debanpass
This worm clones itself to be produced on all drives on the user’s computer. Its payload is to attempt to steal sensitive and confidential information. This includes bank details and personal access on different accounts such as email password. Upon execution, the worm creates files such as %System%\crase.exe, %System%\winebay.exe, %System%\url.tmp, %System%\dde.st, C:\tmpsss.log, C:\xxjsnxx.tmp and %DriveLetter%\autorun.inf. Then these files will be added in a certain registry location. The worm has the ability to steal information and details once the host uses his accounts like the bank details on the Internet. It can also monitor Internet Explorer and searches some strings like SIGN IN, EBAY-SIGN IN, IDENTIFICARSE and others. Although its threat level is low, this self-replicating worm allows the attacker for illegal purposes once it is executed on the drives of the computer. The information that is stolen can be used for fraud or any other scam businesses. Identity theft is common nowadays and once your information is collected, you can no longer stop the attacker from using your information.This application also connects to an IRC server. It may use its own mIRC client to do so. The software logs onto a channel specified in its programming. It will appear to other users as another logged-in user. It may also be able to reply to simple commands with pre-determined responses. The worm software waits for commands from other logged-in users. The program then carries them out. The instructions may be IRC-related. The application can be made to join specific channels and post links to infected servers.
Browse for more malware information
- W32.Debanpass
- W32.Debsis.A
- W32.Dedler.Worm
- W32.Delcycer
- W32.Deletemusic
- W32.Demo.Worm
- W32.Denisbee
- W32.Dexter
- W32.Dinkdink.Worm
- W32.Dinoxi
- W32.Doep.A
- W32.Dolly.Mirc.gen
- W32.Donk.Q
- W32.Doomhunter
- W32.Dopbot
- W32.Dosmouse
- W32.Dotex
- W32.Dotor.A@mm
- W32.Downadup
- W32.Draggdor
- W32.Dranyam
- W32.Drivus.A
- W32.Drom
- W32.Dronzho
- W32.Duksten.B@mm
- W32.Dutan.A
- W32.Earlybird@mm
- W32.Ecup
- W32.Egar.int
- W32.Elitper.A@mm
Contact Us
|
Privacy Policy
|
Site Map
Copyright © Uniblue Systems Limited 2007. All rights reserved.