|
|
Detect and remove hidden rootkits using
UnHackMe
RegRun Security Suite = 24 system utilities for protecting your computer. Try now! |
 EastAV.exe - Dangerous
This worm spreads via the Internet as an attachment to infected emails. Characteristics of infected messages Message header (chosen at random from the list below) Message body (chosen at random from the texts below) Attachment A file with a .pif extension and a randomly generated name. The worm is activated when the user opens the attached file. Once launched, the worm installs inself to the system and starts propagating. Copies itself to the Windows directory under the name EastAV.exe and registers this file in the system registry auto-run key: [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "EastAV"="%windir%\EastAV.exe" The worm searches for files with the extensions listed below: adb; asp; cfg; cgi; dbx; dhtm; doc; eml; htm; html; jsp; mbx; mdx; mht etc. harvests email addresses and sends copies of itself to all addresses found. The worm uses its own SMTP library to send messages. The worm will attempt to conduct DoS attacks on the following sites in accordance with the system clock local settings: - www.cracks.am - www.emule.de - www.freemule.net - www.kazaa.com - www.keygen.us Use RegRun Startup Optimizer to remove it from startup. Removal: EastAV.exe is removed by RegRun.
Read more... Removal instructions...
Recommended software: RegRun Security Suite - removal and protection. http://www.regrun.com RegRun Reanimator - free removal tool. greatis.com/reanimator
What is hidden in MSDN? Why software developers prefer Win32.FreeTechSecrets.com? All Unix Manuals in Alphabetical Order C# controls for .NET in 3 simple steps. Constantly updated. Last update: June 30 2008
Interesting information about Vista programs... Need consultation? Would you like to add your opinion?
|
|
