Aliases: Win32.Numrok.1478, W32/Numrok, W32.Bluback, Win32.Korn.1478, W32/Numrok-A
Variants: N/A

Classification: Malware
Category: Computer Virus

Status: Dormant
Spreading: Slow
Geographical info: Europe, North and South America, and some parts of Asia and Australia
Removal: Easy
Platform: W32
Discovered: 22 Aug 2003
Damage: Low

Characteristics: W32.Numrok.1478 is a virus that contaminates all the “.exe” files in the current folder as the original file. It attacks Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT and Windows XP platforms. Once opened, it appends itself to all the “.exe” files in the same folder as the original file. It copies itself with the hidden and system files.

More details about W32.Numrok.1478

Reports claim that the W32.Numrok.1478 program is capable of hijacking the user’s browser home pages and producing add-ons to the user’s preferred browser components. These modifications in the browser components reportedly allow the intruder to gain access and control over the computer. Once the intruder had gained access over the affected computer, the intruder can perform various actions on the computer from a remote server. These actions include sending and receiving files, launching and deleting files, running files and displaying notifications. The intruder can also perform malicious actions such as capture personal information, delete information and create system crashes.

The malware is installed without the interaction and control of the user and reportedly exploits weaknesses in the user’s security settings. Typically, the program infects the system through deceptive pretenses or through means that are not known to the user. It is capable of automatically reinstalling itself after the program had been uninstalled from the system. This application is considered by experts as malware because it can compromise system integrity by creating modifications to the system that can be later used for malicious objectives. The program also allows personal and confidential information to be shared to unauthorized parties.