It only affects computers that belong to the same local network. It captures and modifies the HTTP-type network packets that are sent from these computers, in such a way that the websites visited by the user will be displayed with alterations. It spreads through the local, removable and mapped drives.

Windows 2003/XP/2000/NT/ME/98/95/3.X

Xorer.O is a worm that only affects computers that belong to the same local network.

Its main aim is to capture and modify the HTTP-type network packets that are sent from the computers.

As a consequence, the websites requested by the user will be displayed with alterations. However, this anomaly will not be displayed in the infected computer.

Xorer.O spreads through the local, removable and mapped drives, making copies of itself in them.

Xorer.O is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.

However, as Xorer.O only affects computers that belong to a local network, there will be symptoms in other computers.

In the computers that are part of the same network as the affected computer, the visited websites will have anomalies, a pop-up window will appear at the bottom right of the website, as in the image below: