Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Threats » Kelvir.B

Overview

Threat Risk MEDIUM MEDIUM
Destructivity NONE NONE
Payload
Detection files published 06 Mar 0200 03:00:00
Description created 07 Mar 2005 05:14:00
Description updated 07 Mar 2005 05:14:00
Malware type WORM
Alias
Spreading mechanism OTHER
Summary None

Kelvir.B

Spreading

The worm spreads as a link pointing to the file
http://home.xxxxx.net/~gallery10/omg.pif omg.pif
(the xxxxx's in the URL above replace the original name)
When a user clicks the link, the default webbrowser will open and download the file. If the user open/executes the file, he risks infecting his computer.
The virus will then send a link to the infected file to all users in the MSN contact list, before it downloads and installs a second virus, W32/Spybot.EZO.

Payload Details

n/a

Analysis

n/a

Removal

n/a


Last Updated: 12 Nov 2015 11:06:15