ruby13.exe - Dangerous
ruby13.exe
Manual removal instructions:
Antivirus Report of ruby13.exe:
ruby13.exe
W32.Mexer.E@mm is a mass-mailing worm that also spreads through several file-sharing networks.
Adds the value: "Dir0"="012345:c:\sysnet\" to the registry keys:
HKEY_CURRENT_USER\Software\Imesh\Client\LocalContent\
HKEY_CURRENT_USER\Software\Kazaa\LocalContent
HKEY_CURRENT_USER\Software\Kazaa\Transfer
to spread using the iMesh and KaZaA peer-to-peer file-sharing networks.
Gathers the email addresses from the files and sends itself to the email addresses found, using its own SMTP engine.
Automatic removal: Use RegRun Startup Optimizer to automatically remove it from startup.
| ruby13.exe | Malware |
| ruby13.exe | Dangerous |
| ruby13.exe | High Risk |
Adds the value: "Dir0"="012345:c:\sysnet\" to the registry keys:
HKEY_CURRENT_USER\Software\Imesh\Client\LocalContent\
HKEY_CURRENT_USER\Software\Kazaa\LocalContent
HKEY_CURRENT_USER\Software\Kazaa\Transfer
to spread using the iMesh and KaZaA peer-to-peer file-sharing networks.
Gathers the email addresses from the files and sends itself to the email addresses found, using its own SMTP engine.
Automatic removal: Use RegRun Startup Optimizer to automatically remove it from startup.
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.