Search Solo Products, Services and others Overview of the Site Design and Build a Career Contact us for customer service and other feedback info SRN Micro Privacy Statement

 


KORGO WORM SPREADS IN THE WILD

Virus Name  : W32.Korgo.H

Alias             : W32/Korgo.Worm.I, W32/Korgo-H, Korgo Worm,  WORM_KORGO.I

Virus type    : Internet worm

Threat level : Medium

Virus details :

                     Korgo is a network Worm,  exploits a remote code execution vulnerability LSASS to infect target systems. It scans for IP addresses and infects unpatched systems. This worm targets Windows 2000, and Windows XP systems. Solo Antivirus can detect and remove Korgo worm and its variants safely.

                     Korgo.H worm copies itself to Windows system folder with random exe file name. Then it modifies registry run section to load automatically on the next startup. The registry modification is given below.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
"Windows Update"= %System%\<random filename>.exe

The worm will also use the registry value
HKLM\Software\Microsoft\Wireless\ID = <random letters>

[ By default, %WINDOWS% will be C:\Windows in case of Windows 95/98/ME/XP, C:\Winnt in case of Windows NT/2000 ]

                     Korgo worm and its variants can be avoided by installing security patches from Microsoft. If you have not installed, you can get a copy at http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx

How can I protect my system?

                   Solo has incorporated W32.Korgo.Worm in its signature file to protect users from this worm attack. Make sure that you have installed registered version of Solo Antivirus to protect your system from all virus threats. 

How to remove this worm?

                   If you are already infected with this worm, download and install security patches from the link http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx Then run Solo anti-virus scanner to remove the worm components.

                   Solo antivirus can detect and remove W32.Korgo.Worm and its variants safely. Use the following link to Download 30 day trial version of Solo antivirus to remove viruses from your computer.

                   Solo anti-virus not only scans for all viruses, it contains a unique System Integrity Checker to protect you from New Internet Worms, Backdoors and malicious VB, Java Scripts. It also effectively removes all existing Internet Worms, File viruses, malicious VB, Java scripts, Trojans, Backdoors, boot sector, partition table and macro viruses.

You can purchase Solo antivirus using the link