jammer2nd.exe - Dangerous
jammer2nd.exe
Manual removal instructions:
Antivirus Report of jammer2nd.exe:
jammer2nd.exe
The W32.Netsky.Z@mm worm is a Netsky variant that scans for the email addresses on all non-CD-ROM drives on an infected computer.
Scans drives C through Z (excluding CD-ROM drives) and retrieves the email addresses from any files with the predefined extensions.
Then, the worm uses its own SMTP engine to send itself to the email addresses that it finds to jamainlbbbsdef@yahoo.com
The From line of the email is spoofed, and its Subject, Message, and Attachment vary. The attachment has a .zip extension.
Also known as W32/Netsky.z@MM
Copies itself as %WinDir%\Jammer2nd.exe.
Creates a zip file containing the worm to %Windir%\PK_ZIP_ALG.LOG.
Listens on TCP port 665 for an attacker to send an executable file.
The worm will automatically run the executable when it is downloaded.
If the date of the system clock is between May 2, 2004 and May 5, 2004, the worm will attempt to perform Denial of Service (DoS) attack against the following Web sites:
www.nibis.de; www.medinfo.ufl.edu; www.educa.ch
Manual removal:
Navigate to the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
and delete the value: "Jammer2nd" = %WinDir%\JAMMER2ND.EXE
jammer2nd.exe | Malware |
jammer2nd.exe | Dangerous |
jammer2nd.exe | High Risk |
Scans drives C through Z (excluding CD-ROM drives) and retrieves the email addresses from any files with the predefined extensions.
Then, the worm uses its own SMTP engine to send itself to the email addresses that it finds to jamainlbbbsdef@yahoo.com
The From line of the email is spoofed, and its Subject, Message, and Attachment vary. The attachment has a .zip extension.
Also known as W32/Netsky.z@MM
Copies itself as %WinDir%\Jammer2nd.exe.
Creates a zip file containing the worm to %Windir%\PK_ZIP_ALG.LOG.
Listens on TCP port 665 for an attacker to send an executable file.
The worm will automatically run the executable when it is downloaded.
If the date of the system clock is between May 2, 2004 and May 5, 2004, the worm will attempt to perform Denial of Service (DoS) attack against the following Web sites:
www.nibis.de; www.medinfo.ufl.edu; www.educa.ch
Manual removal:
Navigate to the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
and delete the value: "Jammer2nd" = %WinDir%\JAMMER2ND.EXE
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.