WinBagleALmm free removal tool description
Free removal tool for Win32.Bagle.AL@mm
Symptoms:
- Presence of file %SYSTEM%WINdirect.exe.
- Presence of file %SYS@mm
Symptoms:
- Presence of file %SYSTEM%WINdirect.exe.
- Presence of file %SYSTEM%windll.exe.
- Presence of registry key HKLMSOFTWAREMicrosoftWindowsCurrentVersionRunwin_upd.exe = %SYSTEM%WINdirect.exe or
HKCUSOFTWAREMicrosoftWindowsCurrentVersionRunwin_upd.exe = %SYSTEM%WINdirect.exe.
- Presence of registry key HKCUSOFTWAREMicrosoftWindowsCurrentVersionRu1n.
Technical description:
The worm comes in the form of a small file, that drops another file ( namely WINDirect.exe) in the %SYSTEM% directory.
This file then tries to raise it’s privilege level and then starts a thread in which it keeps looking at all the processes and when it finds one within a list ( in order to prevent updating an AV product or the use of a firewall ) it tries to terminate it. Then it starts another thread that tries to download the main part of the massmailer from a list of addresses, each 10 hours.
April 14th, 2008 at 11:02 pm
plese to download
April 15th, 2008 at 3:27 am
good
April 15th, 2008 at 7:26 am
fine & good
April 15th, 2008 at 6:28 pm
good
April 16th, 2008 at 12:21 am
thanks
April 16th, 2008 at 3:46 am
i need antivirus
May 6th, 2009 at 2:00 pm
i can slove my problem through this antivirus
July 31st, 2009 at 7:27 am
I need antivirus for emergency
August 2nd, 2009 at 10:57 pm
hi
August 24th, 2009 at 1:59 pm
thank for you
October 31st, 2009 at 1:24 pm
give me this pac