W32.Opaserv.dam


Aliases: W32/Opaserv.worm.p
Variants: W32.Opaserv.Worm

Classification: Malware
Category: Trojan Horse

Status: Active & Spreading
Spreading: Slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 29 Oct 2003
Damage: Low

Characteristics: W32.Opaserv.dam is a self copying Trojan. It attacks Windows 95, Windows 98 and Windows Me Operating System. Reports say that is broken and will not always work correctly. However, it does execute files as well as registry keys thus putting too much Central Processing Unit time. This may steal private information on the compromised computer. This information may lead to the hands of the black market. Confidential email messages and or usernames and passwords can also be sold in the Internet.

More details about W32.Opaserv.dam

The worm may also record keystrokes and takes screenshots of your computer. It may also steal or change passwords and or file password, credit card numbers, banking information and personal data. It can also be destructive, having the ability to also download malware on a compromised computer through which it can install remote-connectivity host software, keystroke logging software, modify firewall rules, remove or alter files, access rights on user accounts or files or even send inappropriate or even incriminate material from a customer's email account. These are done so that it can further damage your computer’s system. It copies itself using a file named, “Brasil.exe” in windows directory folders.

The W32.Opaserv.dam program may have disguised itself as a useful and legitimate application to enter a computer system. It is allegedly programmed to gather login credentials, passwords, banking information and other important information classified as personally identifiable. This malware is also believed to have originated from peer-to-peer sharing sites, removable disks, emails, or chats. Usually, the victim does not have any idea that it is a malicious application. It might have hide using a very interesting application like a computer game or a multimedia downloader. It possibly does not have the capability to install itself.