W32.Dranyam


Aliases: Worm.AutoRun.ANY, W32.Dranyam, Worm.Win32.AutoRun.cke, Generic.dx, WORM_AUTORUN.GB
Variants: MarcMaynard.exe

Classification: Malware
Category: Computer Worm

Status: Active & Spreading
Spreading: Slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 18 Jan 2008
Damage: Low

Characteristics: W32.Dranyam is another worm that propagates and runs through autorun.inf. It spreads by infecting USB removable storage drives. Thus, this worm automatically runs itself on the compromised computer every time the window starts. All Windows Operating System platforms can be affected by W32.Dranyam. It automatically creates autorun.inf on all accessible drives.

More details about W32.Dranyam

This worm has the ability to block network-related operation. It monitors strings and domain. This is usually introduced to the network using a USB drive activated by autorun.inf. As such, it creates an autorun.inf file on all mapped drives so that the threat automatically executes when the drive is accessed. It oversees and monitors all the drives connected to the infected computer. Files associated with this worm include “MarcMaynard.exe,”hi.txt,”services.exe” and svchost.exe. Registry keys are also altered. Users should also be aware that all auto play facility in your computer should be disabled to prevent the automatic launching of executable files on network and removable drives. It is also advisable to disconnect the drives when not required. File sharing should also be turned off if it is not needed. Do not always install or turn on computer services popping up in your screen.

The following are some basic symptoms that the user may encounter when the W32.Dranyam application is in place. It shows abusive content or invasive third-party advertisements, displays deceiving or false notices, produces pop up ads while using the computer or even when the application is not executing, synchronously inserts other bundled applications, and it can display unwanted application on the screen.