W32.Vote.gen@mm is a mass-mailing worm that is written in Visual Basic. When it is executed, it emails itself to all email addresses in the Microsoft Outlook address book. The worm inserts three .vbs files on the system. It also modifies the Internet Explorer home page. W32.Vote.gen@mm is a variant of W32.Vote.A@mm
. The main difference is that it inserts three VBS scripts instead of two.
Virus definitions dated September 26, 2001 or earlier may detect this as either W32.Vote.A@mm or W32.Vote.B@mm
If the Backdoor.Trojan was successfully installed on the computer, it is possible that your system has been accessed remotely by an unauthorized user. For this reason it is impossible to guarantee the integrity of a system that has had such an infection. The remote user could have made changes to the system, including but not limited to the following:
- Stealing or changing passwords or password files
- Installing remote-connectivity host software, also known as backdoors
- Installing keystroke logging software
- Configuring firewall rules
- Stealing credit card numbers, banking information, personal data, and so on
- Deleting or modifying files
- Sending inappropriate or even incriminating material from a customer's email account
- Modifying access rights on user accounts or files
- Deleting information from log files to hide such activities
To be certain that your organization is secure, you must reinstall the operating system, restore files from a backup that was made before the infection took place, and change all passwords that may have been on the infected computers or that were accessible from it. This is the only way to ensure that your systems are safe. For more information regarding security in your organization, contact your system administrator.
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.