direct.exe - Dangerous
direct.exe
Jeff's Story:
My PC had gotten a bad rootkit that my ISP antivirus software (powered by McAfee) could not detect, nor could fix.
I sought a solution on the Internet and discovered your product and tried out the trial.
You quickly found the rootkit and SAVED my PC!
I haven't had any problems since, and I'm extremely grateful.
Manual removal instructions:
The email does not contain the worm itself, but a script Trojan which downloads the worm from the Internet.
The worm is coded to infect executable files.
Also, it attempts to terminate antivirus programs and firewalls.
Once launched, the worm copies itself and its components to the Windows system directory under the names: directs.exe; directs.exeopen
and registers directs.exe in the system registry autorun key:
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] direct.exe=%System%\direct.exe
The worm searches the system registry for keys installed by other worms (i.e.Netsky) and deletes them.
The worm searches disks for files with e-mail addresses and then sends messages to all addresses found in these files.
The worm uses its own SMTP server to send messages.
Please, remove it with RegRun.