What is Worm:Win32/Cridex.E? This is the virus that is extremely dangerous for your system. It has the following variants (aliases) – Trojan-Dropper.Win32.Dapato.bjnm according to Kaspersky Labs and Troj/Bredo-ZD according to Sophos Labs. The degree of severity of this malware is extremely high, and thus very threatening for your computer. It is surely recommended that you have the most updated anti-virus databases of security software installed on your system. So, why is Worm:Win32/Cridex.E so dangerous?
Generally speaking, Worm:Win32/Cridex.E stands for a worm – i.e. a self-propagating tool that can be disributed from one PC to another. Worms may be distributed through a variety of different channels for the purpose of compromising new systems. Generally, worms may spread directly by copying themselves to jump (flash) or network drives, or by trying to exploit certain vulnerabilities on targeted systems. Worms also often try to spread through platforms that demand user interaction in order to be executed. They may be spread as an attachment to an email or an instant message, or send a link to a copy of themselves in the body of a message. In such cases the message must be convincing enough to encourage the victim to click on the link or attachment and run or download a copy of the worm.
You may detect the presence of this scam based on the following information:
Availability of the following files:
- c:\documents and settings\administrator\application data\kb00483934.exe
- c:\documents and settings\administrator\local settings\temp\exp7.tmp.bat
Availability of the following registry entries:
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run with data “c:\documents and settings\administrator\application data\kb00483934.exe”
- HKCU\Software\Windows\CurrentVersion\Internet Settings with data “0” in value “GlobalUserOffline”
The main goals of this virus are as follows:
- Obtaining Internet service login credentials (ftp/pop3/imap/http)
- Online cash/transaction information
- Phishing & fraudulence of online banking
If this virus was detected by your available security software then you need to immediately reset your passwords for all applications you use online. To detect this scam and remove it please download our recommended security application below.