Aliases: W32/Kueight Worm
Variants: N/A

Classification: Malware
Category: Computer Worm

Status: Active & Spreading
Spreading: Slow
Geographical info: North America
Removal: Easy
Platform: W32
Discovered: 05 Apr 2007
Damage: Low

Characteristics: The worm W32.Kueight propagates by copying itself to removable drives. It also downloads other malicious files to the infected computer. The worm copies itself onto a computer as alg.exe, wmplayer.exe, or nvidia.exe, and it is able to run at every Windows startup.

More details about W32.Kueight

W32.Kueight is a worm that spreads using removable media and mapped network drives. When the worm is executed, it copies itself into the Windows folder using one of the file names alg.exe, wmplayer.exe, or nvidia.exe. It downloads and installs other malware, including adware and Trojans. The worm also copies itself as cmd.com into the Windows System folder and as regedit.com into the Windows folder. It then copies itself to drives D: to K: using the file names alg.exe, wmplayer.exe, or nvidia.exe, along with an Autorun.inf file. It modifies the registry so that it loads every time Windows starts. In addition, the worm modifies the Internet Explorer homepage and downloads and executes files from certain URLs. It accesses malicious websites and downloads other parasites. The worm hides its files and folders to avoid detection.
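The drive-root pattern described above (an Autorun.inf that starts alg.exe, wmplayer.exe, or nvidia.exe sitting in the same root) can be checked with a short script. This is an added example, not part of the original entry; the function names are hypothetical, and it also covers the standard `shellexecute=` and `shell\<verb>\command=` AutoRun keys, which the entry does not mention.

```python
import sys
from pathlib import Path

# File names the page lists for the worm's copies on drives D: to K:.
KUEIGHT_NAMES = {"alg.exe", "wmplayer.exe", "nvidia.exe"}

def read_inf(path):
    """Decode autorun.inf; it may be UTF-16 (BOM) or a single-byte code page."""
    raw = Path(path).read_bytes()
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16", errors="replace")
    return raw.decode("latin-1")

def autorun_targets(text):
    """Lower-cased program names started by open=, shellexecute= or shell\\<verb>\\command=."""
    targets = set()
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        key, value = key.strip().lower(), value.strip()
        if not sep or not value:
            continue
        if key not in ("open", "shellexecute") and not key.endswith("\\command"):
            continue
        # Keep only the executable: strip quotes, arguments and any leading path.
        exe = value[1:].split('"', 1)[0] if value[0] == '"' else value.split()[0]
        targets.add(exe.replace("/", "\\").rsplit("\\", 1)[-1].lower())
    return targets

def scan_drive_root(root):
    """Report listed names in a drive root and whether Autorun.inf launches one of them."""
    # iterdir() also returns files carrying the hidden attribute.
    entries = {p.name.lower(): p for p in Path(root).iterdir() if p.is_file()}
    files = sorted(KUEIGHT_NAMES & set(entries))
    launched = set()
    if "autorun.inf" in entries:
        launched = autorun_targets(read_inf(entries["autorun.inf"])) & KUEIGHT_NAMES
    return {
        "files": files,
        "autorun_launches": sorted(launched),
        # Strong signal: Autorun.inf starts a listed name that exists in the same root.
        "match": bool(launched & set(files)),
    }

if __name__ == "__main__":
    for root in sys.argv[1:]:  # drive roots to check, e.g. E:\ F:\
        print(root, scan_drive_root(root))
```

A file name alone is a weak signal, since alg.exe and wmplayer.exe are also names of legitimate Windows programs installed elsewhere; the `match` field is set only when Autorun.inf launches a listed name present in the same root.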

According to IT experts, the W32.Kueight program may start running when the computer starts up. It may also use other tools, such as a keylogger or screenshot taker, to steal passwords. It normally saves the recorded data to a file on the infected computer. This data may be sent to its operator by email. Its creator will probably review the file’s content and look for possible passwords or other account information there. Meanwhile, some studies point out that the W32.Kueight program may not only steal passwords. It may also be capable of uncovering registration details, IP addresses, email clients, and system details such as disk space, operating system, and memory.