Aliases: W32/STD.d.worm
Variants: W32/STD.D

Classification: Malware
Category: Trojan Horse

Status: Active & Spreading
Spreading: Slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 29 Oct 2002
Damage: Low

Characteristics: The W32.STD.D application is a worm that attempts to utilize the software mIRC (Internet Relay Chat) to spread itself to another mIRC user. It is a detection of virus. Once this was run, files are being produced in the directory of this Windows System.

More details about W32.STD.D

The W32.STD.D application allows a remote user to access an infected computer. Through this application, the remote user can also get information, such as the operating system, the IP (Internet Protocol) address of the affected computer, the RAM (Random Access Memory) and also the programs that are running on the affected machine. This information can by used by third parties to be able to carry out attacks against the compromised computer. Aside from having backdoor capabilities, the W32.STD.D application is also capable of recording the user’s keystrokes. Any information entered on the keyboard may be recorded by the worm application. Reports indicate that the application also steals CD keys from games and passwords for AOL, Yahoo Messenger and Windows. The data gathered from the affected computer is transmitted to a third party. It may be used to perform illegal activities.

The symptoms of W32.STD.D are the existence of error messages that are unexplained or virus message that are shown and the existence of entries of registry and files. This virus amends file for accessible mIRC user installations so it can distribute itself. For the intention of hooking startup system, the modification created to the INI files and/or system Registry will be eliminated successfully if cleaning with suggested DAT combination and engine. When W32.STD.D tries to send itself, two variation of it have been initiated. Both don’t spread through the mIRC and have bugs. This is written in the programming language of the Microsoft Visual Basic. The worm deletes files in the Program Files such as the AntiVirus Folder.