VBS/Samok-A

Category: Viruses and Spyware Protection available since:08 Aug 2011 13:54:40 (GMT)
Type: Visual Basic Script worm Last Updated:08 Aug 2011 13:54:40 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

VBS/Samok-A is a worm for the Windows platform that spreads via removable shared drives.

The following registry entries are set:

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoFolderOptions
1

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoRun
1

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
DisableRegistryTools
1

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
DisableTaskMgr
1

HKCR\Folder\shell\explore
(default)
Owned!

HKCR\Folder\shell\open
(default)
b-b2g

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
autoMe
wscript.exe "<Windows>\samok.vbs\"

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy