Selected viruses, spyware, and other threats: sorted alphabetically
Short descriptionWin32/Small.AG is a worm that spreads by copying itself into the root folders of available drives.
InstallationWhen executed the worm copies itself in the following locations:
In order to be executed on every system start, the worm sets the following Registry entries:
The worm displays a fake error message:
"systray" = "%windir%\system234.exe"
- [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\
"run" = "%windir%\temp\mexica.exe"
SpreadingThe worm copies itself into the root folders of the following drives A:\ - G:\ using the following name: