Welcome to the Virus Encyclopedia of Panda Security.
It modifies the configuration of the computer and the home page of Internet Explorer. It attempts to end processes belonging to several security tools, and spreads via e-mail.
|First detected on:||Feb. 23, 2005|
|Detection updated on:||March 4, 2005|
Assiral.A is a worm that modifies the settings of the affected computer: it prevents users from accessing the Windows Registry Editor, the Run option in the Start menu and the command line. It also prevents drives from being listed in the Windows Explorer.
Additionally, Assiral.A modifies the home page of the browser Internet Explorer.
This worm also attempts to end processes belonging to antivirus programs and firewalls. If successful, this would leave the affected computer vulnerable to the attack of other malware.
Assiral.A spreads via e-mail.
This worm can only affect the computer if two specific DLLs (Dynamic Link Library) belonging to the C++ Builder runtime are installed on the affected computer.
Assiral.A is easy to recognize, as it reaches the computer in an e-mail message with the following characteristics:
Additionally, once it has affected a computer, Assiral.A displays the following message on screen when it is run:
The user can also notice an MS-DOS window that appears briefly while Windows is starting up.