W32/Stap-C

Category:	Viruses and Spyware	Protection available since:	16 May 2007 00:00:00 (GMT)
Type:	Win32 worm	Last Updated:	16 May 2007 00:00:00 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

W32/Stap-C is a worm for the Windows platform.

W32/Stap-C has the functionalities to:

- spread by network shares
- send mail to email addresses found on the infected computer W32/Stap-C is a worm for the Windows platform.

W32/Stap-C has the functionalities to:

- spread by network shares
- send mail to email addresses found on the infected computer

When first run W32/Stap-C copies itself to:

<Root>\Chikka.exe
<Startup>\Office_viewer.exe
<Program Files>\Versekulo\readme.exe
<Program Files>\Versekulo\src.dll
<Program Files>\Versekulo\verse.exe
<Program Files>\Versekulo\wers.ocx
<Program Files>\msdtc.exe
<Program Files>\kernel32.exe
<Root>\kernel32.exe
<Root>\Yahoo Mgr 2.0_zip.exe
<Root>\Star Wars_zip
<Root>\Pictures_zip
<Root>\Yahoo Mgr 2.0_zip
<Root>\Zuma DEluxe 1.0_zip
<Root>\The Mystery_zip

and creates the file <Root>\plog.tmp. This file can be deleted.

The following registry entries are created to run W32/Stap-C on startup:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Mstask
<Root>\kernel32.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
verse
<Program Files>\Versekulo\verse.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ccrss
<Program Files>\msdtc.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
rundll32
<Program Files>\kernel32.exe

Registry entries are created under:

HKLM\SOFTWARE\Microsoft

Try Sophos products for free
Download now

W32/Stap-C

Free Mac Anti-Virus

Popular topics