Aliases: TROJ_GENETIK.TI, Email-Worm:W32/Waledac.A, Troj/Waled-C, WORM_WALEDAC.C, WORM_WALEDAC.AB
Variants: Iksmas.A.worm, WORM_WALEDAC.AI, W32/Waled-Q

Classification: Malware
Category: Computer Worm

Status: Active & Spreading
Spreading: Slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 23 Dec 2008
Damage: Medium

Characteristics: The W32.Waledac application is a worm that can send copies of itself via e-mail on your saved e-mail contacts. This malicious infecting worm is known to affect Windows XP, Windows Vista, Windows 2000 and Windows Server 2003. The worm can open up your PC to outside attacks wherein personal data could be stolen. It is suggested to detect worm infections like W32.Waledac with a spy ware scan program in order to be removed completely from your computer.

More details about W32.Waledac

W32.Waledac can employ one or more process to infect your system. This malicious worm is a spyware that could take control of the entire system of your computer. W32.Waledac worm can infect your computer through e-mail attachments, instant messenger applications, and browser security loop holes while you are surfing the internet. W32.Waledac has the ability to recreate, repair and update itself to keep them being deleted. When this worm changes, updates and restores its files, registry keys, DLLs, and process, scanners can only remove some parts of the program permitting other remaining files to perform process to update and repair. In these cases, it could create the malicious worm very difficult to remove.

The W32.Waledac software allows remote users to gain access to the user’s machine. Tasks may be sent for the Trojan program to carry out. Some of these include deletion of files from the affected computer, uploading and downloading data, use the affected computer to attack servers and steal important data from the system. The W32.Waledac application is not capable of spreading itself to other computers. This program can also connect to remote servers to download illicit components.