ACTIVEDS.EXE - Dangerous

Software>Microsoft>Windows>CurrentVersion>Run, Winsrv=%Windows%\winsrv.exe CLICONFG="%Windows%\CLICONFG.EXE" HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>RunServices LoadManager="%Windows%\msload.exe" ACTIVEDS="%Windows%\ACTIVEDS.EXE" Use RegRun to automatically remove these registry items. ">

Application database

Startupapps.com recommends you:

Detect and remove hidden rootkits using UnHackMe Free fully functional 30-days trial.

RegRun Security Suite = 24 system utilities for protecting your computer. Try now!

I would like to say that RegRun has helped me on more than 1 occasion when it comes to spyware/adware by letting me know automatically that a piece of it got added to Windows startup. There is so much spyware/addware out there today it's hard to imagine being without RegRun. I like many other features too including the daily registry backups and file protection.

Chris Wagers

ACTIVEDS.EXE - Dangerous

activeds.exe

WORM_OPASERV.T
This memory-resident worm a member of the OPASERV family of worms, spreads via shared network drives.
Its destructive payloads are executed when the system date is between December 24 to 31 or when the year is greater than 2002.
This worm deletes files, overwrites the boot sector and destroys the CMOS.
It also modifies the registry and the configuration file, WIN.INI, so that it automatically executes every Windows startup.
It uses a known exploit that enables malicious users to access shared drives, as discussed in a security bulletin from Microsoft.

Removing autostart entries from the registry prevents the malware from executing during startup:
HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>Run
IASHLPR="%Windows%\IASHLPR.EXE"
FONTVIEW="%Windows%\FONTVIEW.EXE"
MPREXE="%Windows%\MPREXE.EXE"
Scr="%System\scr.scr"
BIOS1="%Windows%\BIOS1.EXE"

HKEY_CURRENT_USER>Software>Microsoft>Windows>CurrentVersion>Run,
Winsrv=%Windows%\winsrv.exe
CLICONFG="%Windows%\CLICONFG.EXE"

HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>RunServices
LoadManager="%Windows%\msload.exe"
ACTIVEDS="%Windows%\ACTIVEDS.EXE"

Use RegRun to automatically remove these registry items.

Removal: ACTIVEDS.EXE is removed by RegRun.

Download RegRun Suite. Click here.

Unzip downloaded file to any folder on your hard drive.
Open an executable file to start program installation.
Follow the installer instructions.
At the end of installing software on your computer you will be prompted to run "Scan for Viruses".
Wait for a couple seconds to finish scanning.
Click on the "Fix Problems" button.

Is it serious?
The programs is known as malware.

Item name:
ACTIVEDS.EXE

Click on the "Get it out!" button.

We suggest you to reboot your computer to be sure that your computer is clean now.
Do not hesitate to contact us:
Support center

Recommended software:
UnHackMe - easy removal Rootkits/Adware/Spyware.
http://www.unhackme.com

RegRun Security Suite - removal and protection. http://www.regrun.com

RegRun Reanimator - free removal tool. greatis.com/reanimator

RegRun - User's Choice

Vista Programs - full info...

What is hidden in MSDN?
.NET Secrets Revealed

Why software developers prefer Win32.FreeTechSecrets.com?

All Unix Manuals in Alphabetical Order

C# controls for .NET in 3 simple steps.

Constantly updated. Last update: August 25 2008

Interesting information about Vista programs...
Need consultation?

Would you like to add your opinion?

Quick Links: What's new?
RSS Feed
Add to AppDatabase
Ask Experts
Join forum
Links
Articles: Virus or not? SPTD####.sys
What is mc21.tmp, mc22.tmp, mc23.tmp?
Select: Necessary
Useless
At your option
Dangerous