E-Greeting cards had persistently been a victim to malware designers who makes optimum use of it to extensively spread malware. Following the spiteful footprints of Win32.Worm.Waledac, Win32.Worm.Prolaco exploits e-cards by intruding through the inbox of the users over various holidays. Gradually it shows up in devastating stature. An effective and extensively working Antivirus protection is the only call when the system gets affected by this piece of malice.
Below are the scrupulous tactics used by the Win32.Worm.Prolaco for intervening through your inbox and gradually spreading across. Prolaco uses the e-mails to comfortably disseminate. It takes the form of e-mails with attached Zipped files with executable files replicating a .doc, .chm, .pdf, .jpg, or .htm extension. These files also bear names like “card.pdf.exe", "document.chm.exe” which are quite misleading and complicated while trying to trace, particularly when OS as per instructions does not display identified file types.
Prolaco also spreads through USB removable devices as well as file sharing networks. The said virus develops an autorun.inf file and further directs to an exe file. It can also create numerous copies of itself and gets dissimilated in the form of a hidden copy that gets added to the system folder by the name wmimngr.exe, jusched.exe or wfmngr.exe and the other copies spreads itself to different locations costumed for file sharing, they camouflage in the gear of advertising programs.
No sooner than the file is clicked open than the Prolaco pops in through the computer and actively carries out its destructive programs. Win32.Worm.Prolaco executes several customizations over the Windows Registry for immediately peek out as soon as the Windows startup and user logs-in. this is not all as it also opens a communication channel to counterfeit the Windows Firewall. Its malice continues to weaken the local antivirus security settings as it deactivates the notifications as and when programs install software. Moreover it also neutralizes the User Account Control in Windows Vista or 7. No sooner than the local security is screwed, Prolaco automatically infuses malevolently designed code in the iexplore.exe process. Being injected the iexplore.exe process imitates like that of a keylogger thereby keeping track of every keystroke within a file named lsm.dll situated in the Windows folder.
This versatile malicious program is also observed to have been behaving like that of a backdoor as soon as it connects to hop.net for receiving various commands directed by the host. As per the instructions it is capable of modifying registry entries or graphic settings (resolution, frequency), begin or end processes, access drives, scrutinize ports, download/implement files to or from memory, put down antivirus security, infringe passwords from browsers to intrude social networking accounts. It is also enabled with the aptitude to ooze out cookies, attach to ftp servers, get data uploaded to ftp servers, modify service settings or supervise the USB port to get an easy entry and multiply easily.
It is a maliciously multifaceted worm with its ultimate intentions of installation of a remote access device through which it can intrude and master over the infected machine thereby disposing off the piled up data whenever wished. Hence, it is widely and highly recommended that during holydays it is highly important for the computer users to be extremely precautious and alert as and when they share greeting cards among peers. These e-greetings might be loaded with a hamper of malware instead of best wishes. So, keep your system updated with strong and effective antivirus support to combat such potential threats during your merry moments.
Tags: Antivirus Support Antivirus Protection Antivirus Services Antivirus Protection services
Tags: Antivirus Support Antivirus Protection Antivirus Services Antivirus Protection services
