WinMydoomVmm Free Removal tool

Win32.Mydoom.V@mm Free Removal tool 1.0 Free Removal tool for Win32.Mydoom.V@mm virus
Download

WinMydoomVmm Free Removal tool Ranking & Summary

Advertisement

  • Rating:
  • License:
  • Freeware
  • Publisher Name:
  • Softwin
  • Operating Systems:
  • Windows All
  • File Size:
  • 58 KB

WinMydoomVmm Free Removal tool Tags


WinMydoomVmm Free Removal tool Description

Free Removal tool for Win32.Mydoom.V@mm virus Symptoms: Presence of files Documents and SettingsAdministratorStart MenuProgramsStartuprx32hh00.exe and %SYSTEM%winspf32.exe. Presence of a file tmp*.tmp with a size of 234496 bytes. Presence of registry key: HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunWinSPF = %SYSTEM%winspf32.exe. HKCUSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsVersion = FrankenShteiN HKLMSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsVersion = FrankenShteiN HKCUSOFTWAREMicrosoftWindowsCurrentVersionInternet Settings5.0User Agent HKLMSOFTWAREMicrosoftWindowsCurrentVersionInternet Settings5.0User Agent This is a mass-mailer that also drops a backdoor. The file is downloaded from one the following urls: "http://www.llc.unibo.it" "http://www.surrenderzeeland.nl" "http://www.mercyships.de" "http://www.hiw.kuleuven.ac.be" "http://www.ach.ch" "http://vugs.geog.uu.nl" "http://www.planetboredom.net" and is downloaded to a temporary file ( with a temporary name ). This file's size is 234496 bytes. It seems that there are more versions of this worm, which are just recompilations of the same source. The worm creates a mutex called 'qwedefacedRDE'. It uses threads for searching for e-mail addreses in the following file types: wab,xls,vbs,uin,txt,tbb,stm,sht,php,msg,mht,jsp,htm,eml,dht,dbx,cgi,cfg,asp. It sends mail using it's own SMTP engine.


WinMydoomVmm Free Removal tool Related Software

About SoftwareSea