
W32.Changeup!gen44

Posted: August 23, 2013

Threat Metric

Threat Level: 2/10
Infected PCs: 12
First Seen: August 23, 2013
OS(es) Affected: Windows

W32.Changeup!gen44 is a new version of the Changeup worm, which creates copies of itself for further distribution while also installing additional PC threats onto any infected computer. W32.Changeup!gen44 lacks many of the traditional defenses that SpywareRemove.com malware researchers associate with similar PC threats; most notably, it appears to have dropped the polymorphism that was characteristic of older versions of Changeup. Ironically, these changes make W32.Changeup!gen44 more vulnerable to removal by anti-malware products but may also prevent it from being detected as a new version of Changeup. For that reason, using updated threat databases for your security software is particularly encouraged when dealing with any W32.Changeup!gen44 infection.

How Changing Up a Worm Can Give Your PC New Problems

As a well-developed and still-maintained family of worms, Changeup often undergoes tweaks that allow it, at least in theory, to evade analysis or removal, while its primary payloads remain consistent between versions. W32.Changeup!gen44 is one of the newest versions of Changeup and lacks most of the code-obfuscating techniques Changeup was previously known for using. Since W32.Changeup!gen44 has undergone some significant structural changes in its code, this lack of obfuscation may be an oversight on the part of its authors, but those same changes also have the potential to hinder the accurate identification of W32.Changeup!gen44 as a new variant of Changeup.

Regardless of the reasoning behind its changes, W32.Changeup!gen44 continues to deliver the same unpalatable payload that other Changeup variants have implemented. SpywareRemove.com malware experts have outlined the two most central of W32.Changeup!gen44's attack features as follows:

  • W32.Changeup!gen44 may install other malware. Backdoor Trojans, spyware (such as Trojan Zeus) and rogue anti-malware programs have all been observed being installed by W32.Changeup!gen44 and other Changeup variants.
  • W32.Changeup!gen44 creates copies of itself to distribute to other vulnerable PCs. Network-accessible systems, archive files (such as ZIP), shared removable HD devices and even P2P download/upload clients may all be exploited by W32.Changeup!gen44. Like most worms, W32.Changeup!gen44 also abuses the Windows Autorun feature to install itself automatically.

A Change for the Better without W32.Changeup!gen44 Infesting Your PC

Restricting W32.Changeup!gen44's access to any related PCs and eliminating all copies of W32.Changeup!gen44 should be your two priorities whenever your computer has been compromised by a W32.Changeup!gen44 attack. SpywareRemove.com malware researchers recommend avoiding shared peripheral devices and preventing any unnecessary network access with other computers until all copies of W32.Changeup!gen44 are removed from your computer with suitable anti-malware tools. Any standard W32.Changeup!gen44 infection will include multiple copies of W32.Changeup!gen44, along with any other PC threats that W32.Changeup!gen44 also may have installed.

It also is noteworthy that W32.Changeup!gen44 may compromise archive-packaged files, such as ZIP files, by inserting copies of itself. Be particularly careful to scan any potentially compromised files even after you've dealt with all obvious copies of W32.Changeup!gen44, since they may harbor additional W32.Changeup!gen44 clones that are just as dangerous as the original worm.
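The following triage check is an added example, not part of the original article or any vendor tool. It flags ZIP members whose content begins with the Windows executable signature regardless of file extension, and lists the launch commands in an `autorun.inf` file. The sample archive, file names and `autorun.inf` text are constructed for illustration, and a hit is only a reason to scan the file with anti-malware software, not an identification of W32.Changeup!gen44.

```python
import io
import zipfile

PE_MAGIC = b"MZ"  # first two bytes of every Windows PE executable
AUTORUN_KEYS = ("open", "shellexecute", "shell\\open\\command")

def executable_members(zip_bytes):
    """Return names of archive members whose content starts with the PE
    magic, whatever their file extension claims."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as member:
                if member.read(2) == PE_MAGIC:
                    hits.append(info.filename)
    return hits

def autorun_commands(text):
    """Return (key, command) pairs from the [autorun] section of an
    autorun.inf that would launch a program."""
    found, in_section = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("["):
            in_section = line.lower() == "[autorun]"
            continue
        if in_section and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if key.lower() in AUTORUN_KEYS:
                found.append((key.lower(), value))
    return found

def build_sample_zip():
    """Constructed sample: one text file and one PE header posing as a JPEG."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("report.txt", "quarterly numbers")
        zf.writestr("photos/holiday.jpg", b"MZ\x90\x00" + b"\x00" * 60)
    return buf.getvalue()

# Constructed autorun.inf content; example.exe is a placeholder name.
SAMPLE_AUTORUN = "[autorun]\n; constructed sample\nicon=folder.ico\nopen=example.exe\n"

if __name__ == "__main__":
    print(executable_members(build_sample_zip()))
    print(autorun_commands(SAMPLE_AUTORUN))
```

Password-protected archive members cannot be read this way and should be treated as uninspected rather than clean.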
