Heads Up**W32.Lorsis.Worm

Hi Guys..
As per my usual Heads up.. only Higher risk Threats are listed here.. ie Symantec's Cat 2 or higher.. and wher I can I will list links to AV information from other companies..

Symantec Info Page

W32.Lorsis.Worm

This ones entry is due to its damage capability

Statistics

Quote:

---

Wild:- Low
Damage:- High
Distribution:- Low

---

Details of Threat

Quote:

---

W32.Lorsis.Worm is a worm that spreads through the KaZaA file-sharing network. If this worm is executed in February, or from December 6 to 31, it deletes critical system files.

The worm uses several different filenames ending with " .exe" (there are 15 spaces before the .exe extension); see the "Technical Details" section for a complete list.

During execution, the worm repeatedly attempts to copy itself to the A: drive, resulting in noticeable noise from the floppy drive, if one is installed.

W32.Lorsis.Worm is written in Visual Basic and is compressed with Aspack and UPX.




Type: Worm
Infection Length: 78848
Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me
Systems Not Affected: Windows 3.x, Macintosh, OS/2, UNIX, Linux

---

All extra details from the Symantec Info Page

thx for heads up man... i wont b able to add for a few days