Polipos.a [F-Secure], P2P-Worm.Win32.Polip.a [Kasper], W32/Polip [McAfee], W32/Polipos-A [Sophos], PE_POLIP.A [Trend Micro]
Category: Computer Virus
Some parts of Asia, Europe, North and South America, Africa and Australia
21 Apr 2006
W32.Polip was discovered on April 21, 2006. This virus is a polymorphic virus that infects particular files, .exe and .scr, once these files are opened or executed in the computer. This virus is also known as Polipos.a, P2P-Worm.Win32.Polip.a, W32/Polip, W32/Polipos-A and PE_POLIP.A. It mostly affects Windows operating systems like the Windows 2000, 95, 98, Me, NT, Server 2003 and XP.
W32.Polip Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
We recommend that you scan your system for malware. Our partner has a computer virus removal tool to automatically clean W32.Polip from your computer.
More details about W32.Polip
Once W32.Polip is executed, the virus begins to spread by infecting .scr and .exe files if they are executed or opened in the computer. The worm then hides its presence by infecting its code into the actively running processes. Next, the worm shares infected files on the Gnutella file sharing network even if that software is not installed in the computer. Finally, it attempts to lower security settings by deleting files related to antivirus software. This would be the payload of the worm trying to block all antivirus programs from its active running.
The W32.Polip program may be installed on a computer through drive-by downloads. Some websites encourage the user to download video codecs or other components that will allow the user to fully view the features of the web page. These components usually display a fake EULA (End User License Agreement) to convince the user that the program is legitimate. The W32.Polip software may be installed together with the plug-in.