|
|
Detect and remove hidden rootkits using
UnHackMe
RegRun Security Suite = 24 system utilities for protecting your computer. Try now! |
 %System%\bloodred.exe - Dangerous
1. Copies it body to the following files: %System%\bloodred.exe %System%\Windows_kernel32.exe %Windir%\bloodred.zip (A zipped copy of the worm. The file name within is Urgent_Info.pif.) %System%\base64exe.sys (detected as W32.Netsky.AE@mm!enc) %System%\base64zip.sys (detected as W32.Netsky.AE@mm!enc) 2. Adds the value: "Microsoft Kernel"="%System%\Windows_kernel32.exe" to registry Run key. 3. Infects the HOSTS file. Blocks access to antiviral sites and to Microsoft update. 4. Sends e-mails. Removal: Remove it from startup using RegRun Startup Optimizer. Restore the HOSTS file using RegRun Anti-Spyware. Stop the service and set it to disabled state. Remove files. Removal: %System%\bloodred.exe is removed by RegRun.
Read more... Removal instructions...
Recommended software: RegRun Security Suite - removal and protection. http://www.regrun.com RegRun Reanimator - free removal tool. greatis.com/reanimator
What is hidden in MSDN? Why software developers prefer Win32.FreeTechSecrets.com? All Unix Manuals in Alphabetical Order C# controls for .NET in 3 simple steps. Constantly updated. Last update: June 30 2008
Interesting information about Vista programs... Need consultation? Would you like to add your opinion?
|
|
