Virus Alert! - Watch for the 'Vote' worm (9/25/01)

Question

Virus Alert! - Watch for the 'Vote' worm (9/25/01)

Answer

This question was answered on September 25, 2001. Much of the information contained herein may have changed since posting.

The W32.Vote.A@mm is a mass-mailing worm written in the Visual Basic language and is delivered via e-mail.

When executed, the worm will attempt to email itself to all contacts in the Microsoft Outlook address book.

The email will appear as follows.

Subject: Fwd:Peace BeTweeN AmeriCa and IsLaM!

Message:

Hi

iS iT A waR Against AmeriCa Or IsLaM !?

Let's Vote To Live in Peace!

Attachment: WTC.EXE

If you contract this worm, the following will occur:

- Emails everyone in the Microsoft Outlook address book

- After a reboot, the worm attempts to delete all files in the Windows folder

- All files with the extension "htm" or "html" will be overwritten.

- If the Backdoor.Trojan was successfully downloaded and installed, anyone could gain full access to the computer.

As usual, if you simply refrain from opening e-mail file attachments (especially those that have an *.exe extension) from anyone, including people that you trust, you can avoid this worm.

Be sure to update your anti-virus program at least once a week if you are a frequent e-mail user.

Author

Posted by Ken of Data Doctors on September 25, 2001