Aliases: I-Worm.Snapper, W32/
[email protected], Win32.HLLM.Mistral.8704, W32/Snapper-A, Win32/Snapper.A,
Variants: WORM_SNAPPER.A, Worm/Snapper.2, Win32:Snapper, I-Worm/Snapper.A,
[email protected],
Classification: Malware
Category: Computer Worm
Status: Active & Spreading
Spreading: Fast
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Hard
Platform: W32
Discovered: 24 Mar 2004
Damage: Medium
Characteristics: The
[email protected] application is a worm that multiplies to all the contacts in the W23 Address Book. It doesn’t send itself as an email attachment. This vulnerability enables
[email protected] to automatically install and download the worm when the email is executed.
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
RECOMMENDED:
We recommend that you scan your system for malware. Our partner has a computer worm removal tool to automatically clean
[email protected] from your computer.
The
[email protected] program is a worm that multiplies to all the contacts in the W23 Address Book. It doesn’t send itself as an email attachment. This vulnerability enables
[email protected] to automatically install and download the worm when the e-mail is executed. The
[email protected] application is consist of “.dll” file, which can be seen in these locations: “%Windir%\ieload.dll” and “%System%\ieload.dll”. When the “.dll” is added, it duplicates itself as “%System%\ieload.dll”. The .dll registers itself as a “Browser Helper Object”.
This Trojan application connects to remote file servers to be able to download and install unwanted files and programs on the affected computer. These components are said to be codes of malware programs and other files that may decrease the computer’s security. The
[email protected] worm program will probably use additional applications to further compromise the system. It may use a rootkit tool. The application may utilize the rootkit tool to hide or conceal the presence of the downloader Trojan program in the computer. The rootkit tool may hide the files and the downloaded files of the downloader Trojan program. It may also rename the process of the application. This makes the program hard to remove and detect. Rootkit tools may also terminate security application of the computer such as personal firewalls and anti-malware applications.