Welcome to the Virus Encyclopedia of Panda Security.
|First detected on:||Sept. 10, 2010|
|Detection updated on:||Oct. 19, 2010|
Visal.A is a worm which reduces the protection level of the affected computer, as it prevents many programs related to computer security from being run, like antivirus solutions and firewalls. It also disables several Windows services related to security, like Windows Security Center y Windows Update.
Additionally, it attempts to download several tools which allow it to steal the passwords stored by browsers like Internet Explorer or Firefox, and instant messaging programs, among others.
Visal.A uses the following means to spread:
- email, in messages with subjects like Here you have and which contain a link that points to the download of the worm.
- removable drives, making copies of itself in them.
- networks, attempting to make copies of itself if it finds any accessible computer in the network.
Visal.A is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.
However, when it spreads via email, it uses messages with the following features:
- Subject: it can be any of the following, among others:
Here you have
Just for you
- Message: it contains a link to a website and under the pretext of a document apparently known by users it tries to convince users to click on the link. The content of the message can also make reference to free downloads of porn movies.
In the following image, you can see several examples of the email messages the worm users to spread: