Win32.Sobig.F@mm Removal Tool 1.0

Last Updated: 9/18/2007 12:38:56 AM


Version: 1.0, Size: 55 KB
License: Freeware

Win32.Sobig.F@mm Removal Tool 1.0 description
Win32.Sobig.F@mm FREE Removal Tool

Name: Win32.Sobig.F@mm
Aliases: W32/Sobig.F@mm
Type: Executable Mass Mailer
Size: ~70 KB
Discovered: 19.08.2000
Spreading: High
Damage: Low
In The Wild: Yes

Symptoms:
Registry keys:
HKLM\Software\Microsoft\Windows\Run\CurrentVersion\TrayX with value:
%WINDIR%\winppr32.exe /sinc
HKCU\Software\Microsoft\Windows\Run\CurrentVersion\TrayX with value:
%WINDIR%\winppr32.exe /sinc

Following files in the %WINDIR% folder:

Winstt32.dat
Winppr32.exe
Winstf32.dll

Technical description:

It arrives in e-mail in the following format:

Subject:
Randomly chosen from the following list:
"Re: Wicked screensaver"
"Re: That movie"
"Re: Your application"
"Re: Approved"
"Re: Re: My details"
"Re: Details"
"Your details"
"Thank you!"
"Re: Thank you!"

Body:
Please see the attached file for details.
Or
See the attached file for details

Attachment:
Randomly chosen from the following list:
".movie0045.pif"
"wicked_scr.scr"
"application.pif"
"document_9446.pif"
"details.pif"
"your_details.pif"
"thank_you.pif"
"document_all.pif"
"your_document.pif"
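
The mail indicators listed above can be turned into a simple mail filter. The following is an added example, not part of the original page or of BitDefender's tool; the function names and the sample messages are constructed for illustration. It flags a message only when a listed attachment name appears together with a listed subject or body.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Indicator lists copied from the description above, lower-cased for comparison.
SUBJECTS = {"re: wicked screensaver", "re: that movie", "re: your application",
            "re: approved", "re: re: my details", "re: details", "your details",
            "thank you!", "re: thank you!"}
BODIES = {"please see the attached file for details",
          "see the attached file for details"}
ATTACHMENTS = {"movie0045.pif", "wicked_scr.scr", "application.pif",
               "document_9446.pif", "details.pif", "your_details.pif",
               "thank_you.pif", "document_all.pif", "your_document.pif"}

def sobig_f_indicators(raw: bytes) -> list:
    """Return which indicator classes ('subject', 'body', 'attachment') match."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    subject = " ".join(str(msg.get("Subject", "")).split()).lower()
    if subject in SUBJECTS:
        hits.append("subject")
    body = msg.get_body(preferencelist=("plain",))
    if body is not None:
        text = body.get_content().strip().lower().rstrip(".")
        if text in BODIES:
            hits.append("body")
    for part in msg.iter_attachments():
        # The page prints one name with a leading dot; accept both spellings.
        name = (part.get_filename() or "").strip().lower().lstrip(".")
        if name in ATTACHMENTS:
            hits.append("attachment")
            break
    return hits

def is_sobig_f_mail(raw: bytes) -> bool:
    """Flag only when a listed attachment co-occurs with a listed subject or body;
    subjects such as "Thank you!" are too common to act on alone."""
    hits = sobig_f_indicators(raw)
    return "attachment" in hits and ("subject" in hits or "body" in hits)

def sample(subject, body, filename=None) -> bytes:
    """Build a constructed test message (placeholder bytes, no real payload)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.com", "b@example.com", subject
    m.set_content(body)
    if filename:
        m.add_attachment(b"constructed placeholder", maintype="application",
                         subtype="octet-stream", filename=filename)
    return m.as_bytes()
```
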

After the user opens the attachment, the worm copies itself to the following location:
%WINDIR%\winppr32.exe
and adds the following registry keys:
HKLM\Software\Microsoft\Windows\Run\CurrentVersion\TrayX with value:
%WINDIR%\winppr32.exe /sinc

HKCU\Software\Microsoft\Windows\Run\CurrentVersion\TrayX with value:
%WINDIR%\winppr32.exe /sinc

It searches for e-mail addresses in files of the following types:
html, wab, mht, hlp, txt, eml, htm, dbx

The worm also spreads through network shares.
After 10.09.2003 it stops spreading.

Removal instructions:

The BitDefender Virus Analyse Team has released a free removal tool for this particular virus.

Important: You will have to close all applications before running the tool (including the antivirus shields) and restart the computer afterwards. Additionally, you will have to manually delete the infected files located in archives and the infected messages from your mail client.

The BitDefender Antisobig-en.exe tool does the following:
it detects all the known Sobig versions.
it deletes the files infected with Sobig.
it kills the process from memory.
it repairs the Windows registry.

You may also need to restore the affected files.

To prevent the virus from replicating itself from infected machines to clean machines, you should try to disinfect all computers in the network before rebooting any of them, or unplug the netw
