W32.Pipeline

From ITS Wiki - Information Technology Services - University of Rhode Island

Jump to: navigation, search
Poke.png Malware

This page is part of a category. To see more pages like this, go to the Malware index.

W32.Pipeline is a Worm that propagates through AIM. This worm spreads when users click on a link that appears to have been sent to them by someone on their Buddy List. When clicked, the Worm sends an executable file that looks like .jpg (Picture). Once the executable has been run, it can perform a variety of actions, including installing a version of rootkit that is very difficult to remove.

 Hey, is it okay if I add this picture of you to my site? - Picture.exe

One of the more dangerous aspects of the worm is that it can connect to remote file upload sites which can then be used as distribution sites for new virus infections. Once a computer is infected, the program will propogate using the same instant messaging method.

Removal steps:

  1. Update your Anti-Virus application.
  2. Download and install AIMFix.
  3. Run your Anti-Virus application in [Windows, Safe Mode].
  4. Reboot.
  5. Run AIMFix.
  6. Run Disk Cleanup.

Relevant Links:

 Kaspersky Labs: Virus List 
 URI Virus Website