winlogon.scr - Dangerous
winlogon.scr
Manual removal instructions:
Antivirus Report of winlogon.scr:
winlogon.scr
W32.Netsky.AA@mm is a variant of W32.Netsky.Z@mm that scans for email addresses on all non-CD-ROM drives on the infected computer.
It uses its own SMTP engine to send itself to to xdfggra@yahoo.com the email addresses that it finds.
Its Subject, Message, and Attachment vary. The attachment has a .pif extension.
Also Known As: WORM_NETSKY.AA, W32/Netsky.aa@MM, Win32.Netsky.AA, W32/Netsky-AA
Variants: W32.Netsky.X@mm, W32.Netsky.Y@mm, W32.Netsky.Z@mm
Copies itself as %Windir%\Winlogon.scr.
Adds the value: "SkynetRevenge"="%Windir%\winlogon.scr"
to the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
If the file name does not contain the string "scr", it will display the following message:
Title: Error
Message: Out of system memory
Scans drives (excluding CD-ROM drives) and retrieves email addresses from any files that have predefined extensions.
Use RegRun Startup Optimizer to automatically remove this virus.
| winlogon.scr | Malware |
| winlogon.scr | Dangerous |
| winlogon.scr | High Risk |
It uses its own SMTP engine to send itself to to xdfggra@yahoo.com the email addresses that it finds.
Its Subject, Message, and Attachment vary. The attachment has a .pif extension.
Also Known As: WORM_NETSKY.AA, W32/Netsky.aa@MM, Win32.Netsky.AA, W32/Netsky-AA
Variants: W32.Netsky.X@mm, W32.Netsky.Y@mm, W32.Netsky.Z@mm
Copies itself as %Windir%\Winlogon.scr.
Adds the value: "SkynetRevenge"="%Windir%\winlogon.scr"
to the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
If the file name does not contain the string "scr", it will display the following message:
Title: Error
Message: Out of system memory
Scans drives (excluding CD-ROM drives) and retrieves email addresses from any files that have predefined extensions.
Use RegRun Startup Optimizer to automatically remove this virus.
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.