This application requires Javascript for optimal performance.

W32/Allaple.B!worm.im - Released Dec 23, 2006 - Last Updated Mar 27, 2007

Alias/es

Net-Worm.Win32.Allaple.b, WORM_ALLAPLE.C, W32/Allaple.C

Detection Availability

Active DatabaseExtended Database
FortiGate
low
high
FortiClient
FortiMail N/A

Visible Symptoms

  • The following files exist:
    • urdvxc.exe
    • [7 Random Characters].exe

    Detailed Analysis

  • Drops the following files:
    • urdvxc.exe
    • [7 Random Characters].exe
  • Adds the following registry:
    • key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSWindows
    • value: ImagePath
    • data: %System%\urdvc.exe

    Recommended Action

      FortiGate Systems

    • Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the 'Allow Push Update' option.

      FortiClient Systems

    • Quarantine/delete files that are detected and replace infected files with clean backup copies.


    Reference: ID - 315904