Win32.Sobig.F@mm Removal Tool free download, Win32.Sobig.F@mm Removal Tool download on software download

Name: Win32.Sobig.F@mm Aliases: W32/Sobig.F@mm Type: Executable Mass Mailer Size: ~70 KB Discovered: 19.08.2000 Spreading: High Damage: Low In The Wild: Yes Symptoms:Registry keys:HKLMSoftwareMicrosoftWindowsRunCurrentVersionTrayX with value:%WINDIR%winppr32.exe /sincHKCUSoftwareMicrosoftWindowsRunCurrentVersionTrayX with value:%WINDIR%winppr32.exe /sincFollowing files in the %WINDIR% folder:Winstt32.datWinppr32.exeWinstf32.dllTechnical description: It arrives in e-mail in the following format:Subject: Randomly chosen from the following list: "Re: Wicked screensaver" "Re: That movie" "Re: Your application" "Re: Approved" "Re: Re: My details" "Re: Details" "Your details&quoBody:Please see the attached file for details.OrSee the attached file for detailsAttachment:Randomly chosen from the following list:"movie0045.pif""wicked_scr.scr""application.pif""document_9446.pif""details.pif""your_details.pif""thank_you.pif""document_all.pif""your_document.pif "After the user opens the attachment the worm copies in the following location:%WINDIR%winppr32.exeand adds the following registry keys:HKLMSoftwareMicrosoftWindowsRunCurrentVersionTrayX with value:%WINDIR%winppr32.exe /sincHKCUSoftwareMicrosoftWindowsRunCurrentVersionTrayX with value:%WINDIR%winppr32.exe /sincIt searches for e-mails in the following file types:html, wab, mht, hlp, txt, eml, htm, dbxThe worm also spreads trough network shares. After the 10.09.2003 it stops spreadingRemoval instructions: The BitDefender Virus Analyse Team has releasead a free removal tool for this particular virus.Important: You will have to close all applications before running the tool (including the antivirus shields) and to restart the computer afterwards. Additionally you'll have to manually delete the infected files located in archives and the infected messages from your mail client. The BitDefender Antisobig-en.exe tool does the following:· it detects all the known Sobig versions;· it deletes the files infected with Sobig;· it kills the process from memory;· it repairs the Windows registryYou may also need to restore the affected files.To prevent the virus from replicating itself from infected machines to clean machines, you should try to disinfect all computers in the network before rebooting any of them, or unplug the network cables.

Win32.Sobig.F@mm Removal Tool Related Software