Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

WORM_CASPID.B

Feb 24, 2004 12:38AM PST

Virus type: Worm

Destructive: No

Description:


This memory-resident worm propagates via peer-to-peer (P2P) applications and email.

It then drops the following copies of itself in the Windows folder:

EDISPAC.EXE
CAPGEDZAC.PIF
CAPCodB.HTM
CAPBPlan.HTM
It also drops a copy of itself using a random file name with an SCR extension in the Windows system folder.

It takes advantage of the following vulnerabilities:

A known vulnerability that affects Microsoft Outlook Express 5.5 and 6.0
Object Tag Code Base Exploit, which affects Microsoft Internet Explorer 5.01, 5.5, and 6.0
More information on the said vulnerabilities is available at following Microsoft pages:

Microsoft Bulletin MS03-014
Microsoft Bulletin MS02-015

This UPX-compressed malware runs on Windows 95, 98, ME, NT, 2000, and XP.

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_CASPID.B

Discussion is locked