Welcome to the Virus Encyclopedia of Panda Security.
|Effects: ||It spreads rapidly through the P2P (peer-to-peer) file sharing applications such as WinMX, KaZaA or Edonkey. It also launches DoS attacks.|
|First detected on:||May 6, 2003|
|Detection updated on:||March 16, 2005|
|Yes, using TruPrevent Technologies
Winur.C is a worm that rapidly spreads through P2P (peer-to-peer) file sharing programs, such as WinMX, KaZaa or Edonkey.
Winur.C copies a large number of files in the default shared directories of these programs. By doing this, the virus author or other users of these file sharing programs will be able to access the files.
The files copied to the shared directories include:
- All the files in the My documents folder.
- All the files with a DOC or RTF extension that are stored in the Temporary directory.
- All the files with an INI or PWL extension that are stored in the Temporary directory.
Winur.C also launches a DoS attack on the website www.whitepower.org and deletes certain antivirus programs from affected computers.
Winur.C is difficult to recognize, as it does not display any warnings or messages that indicate that it has infected a computer.