|
|
Detect and remove hidden rootkits using
UnHackMe
RegRun Security Suite = 24 system utilities for protecting your computer. Try now! |
 JAMMER2ND.EXE - Dangerous
Scans drives C through Z (excluding CD-ROM drives) and retrieves the email addresses from any files with the predefined extensions. Then, the worm uses its own SMTP engine to send itself to the email addresses that it finds to jamainlbbbsdef@yahoo.com The From line of the email is spoofed, and its Subject, Message, and Attachment vary. The attachment has a .zip extension. Also known as W32/Netsky.z@MM Copies itself as %WinDir%\Jammer2nd.exe. Creates a zip file containing the worm to %Windir%\PK_ZIP_ALG.LOG. Listens on TCP port 665 for an attacker to send an executable file. The worm will automatically run the executable when it is downloaded. If the date of the system clock is between May 2, 2004 and May 5, 2004, the worm will attempt to perform Denial of Service (DoS) attack against the following Web sites: www.nibis.de; www.medinfo.ufl.edu; www.educa.ch Manual removal: Navigate to the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and delete the value: "Jammer2nd" = %WinDir%\JAMMER2ND.EXE Removal: JAMMER2ND.EXE is removed by RegRun.
Read more... Removal instructions...
Recommended software: RegRun Security Suite - removal and protection. http://www.regrun.com RegRun Reanimator - free removal tool. greatis.com/reanimator
What is hidden in MSDN? Why software developers prefer Win32.FreeTechSecrets.com? All Unix Manuals in Alphabetical Order C# controls for .NET in 3 simple steps. Constantly updated. Last update: May 12 2008
Interesting information about Vista programs... Need consultation? Would you like to add your opinion?
|
|
