 | WinBagleALmm free removal toolWin32.Bagle.AL@mm free removal tool 1.0 Free removal tool for Win32.Bagle.AL@mm |
| Download | |
WinBagleALmm free removal tool Ranking & Summary
Advertisement
WinBagleALmm free removal tool Tags
- Bagle.E antivirus Bagle.E Bagle.C antivirus Bagle.C Bagle.BK antivirus Bagle.BK Bagle.B antivirus Bagle.B Bagle.AA antivirus Bagle.AA Bagle.AH antivirus Bagle.AH Win32.Bagle Remover Detect Bagle Win32.Bagle Bagle Bagle.A antivirus erase Bagle.A Bagle.A Bagle.AI Detect Win32.Bagle Remove F-Bagle F-Bagle Al Pacino Clean Bagle Cure Bagle
WinBagleALmm free removal tool Description
Free removal tool (Kaspersky Virus Removal Tool 2010) for Win32.Bagle.AL@mm Symptoms: - Presence of file %SYSTEM%WINdirect.exe. - Presence of file %SYSTEM%windll.exe. - Presence of registry key HKLMSOFTWAREMicrosoftWindowsCurrentVersionRunwin_upd.exe = %SYSTEM%WINdirect.exe or HKCUSOFTWAREMicrosoftWindowsCurrentVersionRunwin_upd.exe = %SYSTEM%WINdirect.exe. - Presence of registry key HKCUSOFTWAREMicrosoftWindowsCurrentVersionRu1n. Technical description: The worm comes in the form of a small file, that drops another file ( namely WINDirect.exe) in the %SYSTEM% directory. This file then tries to raise it's privilege level and then starts a thread in which it keeps looking at all the processes and when it finds one within a list ( in order to prevent updating an AV product or the use of a firewall ) it tries to terminate it. Then it starts another thread that tries to download the main part of the massmailer from a list of addresses, each 10 hours.
WinBagleALmm free removal tool Related Software