 |
 |
 |
 |
 |
 |
 |
 |
|
|
|
Win32.HLLM.MyDoom.based(TR/Dropper.Gen, Net-Worm.Win32.Mytob.gen, I-Worm/Mytob.AHR, TR/Crypt.XPACK.Gen, WORM_MYTOB.PB, Worm/Mytob.LT, W32/Generic.aay!worm, Worm/Mytob.DV, Packer.Enigma.B, I-Worm/Mytob.AMX, Generic.DK, Worm/Mytob.HG, WORM_MYDOOM.GEN, WORM_MYTOB.GI, I-Worm/Mytob.ANQ, WORM_MYTOB.FP, Worm/Mytob.ja, WORM_MYTOB.RC, Win32.Worm.Mytob.P, Worm/Mytob.II, Worm.Mytob.b, Net-Worm.Win32.Mytob.t, I-Worm/Mytob.A, W32/Mytob.ao@MM, I-Worm/Mytob.CA, I-Worm/Mytob.AH, W32/Generic.x, I-Worm/Mytob.AAY)
Virus Type: Mass mailing worms Affected OS: Win95/98/Me/2000/XP Size: can be 29 149 byte, 24 576 byte, 40 480 byte, 44 544 byte, 50 688 byte, 34 568 byte, 37 888 byte, 88 640 byte Packed by: can be packed by UPX, FSG
.adb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
SVRHOST.EXE
ZONEALARM ZONALM2601 ZATUTOR ZAPSETUP3001 ZAPRO XPF202EN WYVERNWORKSFIREWALL WUPDT WUPDATER WSBGATE WRCTRL WRADMIN WNT WNAD WKUFIND WINUPDATE WINTSK32 WINSTART001 WINSTART WINSSK32 WINSERVN WINRECON WINPPR32 WINNET WINMAIN WINLOGIN WININITX WININIT WININETD WINDOWS WINDOW WIN-BUGSFIX WINACTIVE WIN32US WIN32 WIMMUN32 WHOSWATCHINGME WGFE95 WFINDV32 WEBTRAP WEBSCANX WEBDAV WATCHDOG W9X W32DSM89 VSWINPERSE VSWINNTSE VSWIN9XE VSSTAT VSMON VSMAIN VSISETUP VSHWIN32 VSECOMR VSCHED VSCENU6.02D30 VSCAN40 VPTRAY VPFW30S VPC42 VPC32 VNPC3000 VNLAN300 VIRUSMDPERSONALFIREWALL VIR-HELP VFSETUP VETTRAY VET95 VET32 VCSETUP VBWINNTW VBWIN9X VBUST VBCONS VBCMSERV UTPOST UPGRAD UPDATE UPDAT UNDOBOOT TVTMD TVMD TSADBOT TROJANTRAP3 TRJSETUP TRJSCAN TRICKLER TRACERT TITANINXP TITANIN TGBOB TFAK5 TFAK TEEKIDS TDS-3 TDS2-NT TDS2-98 TCM TCA TC TBSCAN TAUMON TASKMON TASKMO TASKMG SYSUPD SYSTEM32 SYSTEM SYSEDIT SYMTRAY SYMPROXYSVC SWEEPNET.SWEEPSRV.SYS.SWNETSUP SWEEP95 SVSHOST SVCHOSTS SVCHOSTC SVC SUPPORTER5 SUPPORT SUPFTRL STCLOADER START ST2 SSGRATE SSG_4104 SS3EDIT SRNG SREXE SPYXX SPOOLSV32 SPOOLCV SPOLER SPHINX SPF SPERM SOFI SOAP SMSS32 SMS SMC SHOWBEHIND SHN SHELLSPYINSTALL SH SGSSFW32 SFC SETUPVAMEEVAL SETUP_FLOWPROTECTOR_US SERVLCES SERVLCE SERVICE SERV95 SD SCVHOST SCRSVR SCRSCAN SCANPM SCAN95 SCAN32 SCAM32 SC SBSERV SAVENOW SAVE SAHAGENT SAFEWEB RUXDLL32 RUNDLL16 RUNDLL RUN32DLL RULAUNCH RTVSCN95 RTVSCAN RSHELL RRGUARD RESCUE32 RESCUE REGEDT32 REGEDIT REGED REALMON RCSYNC RB32 RAY RAV8WIN32ENG RAV7WIN RAV7 RAPAPP QSERVER QCONSOLE PVIEW95 PUSSY PURGE PSPF PROTECTX PROPORT PROGRAMAUDITOR PROCEXPLORERV1.0 PROCESSMONITOR PROCDUMP PRMVR PRMT PRIZESURFER PPVSTOP PPTBC PPINUPDT POWERSCAN PORTMONITOR PORTDETECTIVE POPSCAN POPROXY POP3TRAP PLATIN PINGSCAN PGMONITR PFWADMIN PF2 PERSWF PERSFW PERISCOPE PENIS PDSETUP PCSCAN PCIP10117_0 PCFWALLICON PCDSETUP PCCWIN98 PCCWIN97 PCCNTMON PCCIOMON PCC2K_76_1436 PCC2002S902 PAVW PAVSCHED PAVPROXY PAVCL PATCH PANIXK PADMIN OUTPOSTPROINSTALL OUTPOSTINSTALL OUTPOST OTFIX OSTRONET OPTIMIZE ONSRVR OLLYDBG NWTOOL16 NWSERVICE NWINST4 NVSVC32 NVC95 NVARCH16 NUPGRADE NUI NTXconfig NTVDM NTRTSCAN NT NSUPDATE NSTASK32 NSSYS32 NSCHED32 NPSSVC NPSCHECK NPROTECT NPFMESSENGER NPF40_TW_98_NT_ME_2K NOTSTART NORTON_INTERNET_SECU_3.0_407 NORMIST NOD32 NMAIN NISUM NISSERV NETUTILS NETSTAT NETSPYHUNTER-1.2 NETSCANPRO NETMON NETINFO NETD32 NETARMOR NEOWATCHLOG NEOMONITOR NDD32 NCINST4 NC2000 NAVWNT NAVW32 NAVSTUB NAVNT NAVLU32 NAVENGNAVEX15.NAVLU32 NAVDX NAVAPW32 NAVAPSVC NAVAP.NAVAPSVC NAV N32SCANW MWATCH MU0311AD MSVXD MSSYS MSSMMC32 MSMSGRI32 MSMGT MSLAUGH MSINFO32 MSIEXEC16 MSDOS MSDM MSCONFIG MSCMAN MSCCN32 MSCACHE MSBLAST MSBB MSAPP MRFLUX MPFTRAY MPFSERVICE MPFAGENT MOSTAT MOOLIVE MONITOR MMOD MINILOG MGUI MGHTML MGAVRTE MGAVRTCL MFWENG3.02D30 MFW2EN MFIN32 MD MCVSSHLD MCVSRTE MCUPDATE MCTOOL MCSHIELD MCMNHDLR MCAGENT MAPISVC32 LUSPT LUINIT LUCOMSERVER LUAU LUALL LSETUP LORDPE LOOKOUT LOCKDOWN2000 LOCKDOWN LOCALNET LOADER LNETINFO LDSCAN LDPROMENU LDPRO LDNETMON LAUNCHER KILLPROCESSSETUP161 KERNEL32 KERIO-WRP-421-EN-WIN KERIO-WRL-421-EN-WIN KERIO-PF-213-EN-WIN KEENVALUE KAZZA KAVPF KAVPERS40ENG KAVLITE40ENG JEDI JDBGMRG JAMMER ISTSVC ISRV95 ISASS IRIS IPARMOR IOMON98 INTREN INTDEL INIT INFWIN INFUS INETLNFO IFW2000 IFACE IEXPLORER IEDRIVER IEDLL IDLE ICSUPPNT ICSUPP95 ICMON ICLOADNT ICLOAD95 IBMAVSP IBMASN IAMSTATS IAMSERV IAMAPP HXIUL HXDL HWPE HTPATCH HTLOG HOTPATCH HOTACTIO HIJACKTHIS HBSRV HBINST HACKTRACERSETUP GUARDDOG GUARD GMT GENERICS GBPOLL GBMENU GATOR F-STOPW FSMB32 FSMA32 FSM32 FSGK32 FSAV95 FSAV530WTBYB FSAV530STBYB FSAV32 FSAV FSAA FRW FP-WIN_TRIAL FP-WIN F-PROT95 F-PROT FPROT FNRB32 FLOWPROTECTOR FIREWALL FINDVIRU FIH32 FCH32 FAST FAMEH32 F-AGOBOT F-AGNT95 EXPLORE EXPERT EXE.AVXW EXANTIVIRUS-CNET EVPN ETRUSTCIPE ETHEREAL ESPWATCH ESCANV95 ESCANHNT ESCANH95 ESAFE ENT EMSW EFPEADM ECENGINE DVP95_0 DVP95 DSSAGENT DRWEBUPW DRWEB32 DRWATSON DPPS2 DPFSETUP DPF DOORS DLLREG DLLCACHE DIVX DEPUTY DEFWATCH DEFSCANGUI DEFALERT DCOMX DATEMANAGER CWNTDWMO CWNB181 CV CTRL CPFNT206 CPF9X206 CPD CONNECTIONMONITOR CMON016 CMGRDIAN CMESYS CMD32 CLICK CLEANPC CLEANER3 CLEANER CLEAN CLAW95CF Claw95 CFINET32 CFINET CFIAUDIT CFIADMIN CFGWIZ CFD CDP CCSETMGR CCPXYSVC CCEVTMGR CCAPP BVT BUNDLE BS120 BRASIL BPC BORG2 BOOTWARN BOOTCONF BLSS BLACKICE BLACKD BISP BIPCPEVALSETUP BIPCP BIDSERVER BIDEF BELT BEAGLE BD_PROFESSIONAL BARGAINS BACKWEB AVXQUAR AVXMONITORNT AVXMONITOR9X AVWUPSRV AVWUPD32 AVWUPD AVWINNT AVWIN95 AVSYNMGR AVSCHED32 AVPUPD AVPTC32 AVPM AVPDOS32 AVPCC AVP32 AVP AVNT AVLTMAIN AVKWCTl9 AVKSERVICE AVKSERV AVKPOP AVGW AVGUARD AVGSERV9 AVGSERV AVGNT AVGCTRL AVGCC32 AVE32 AVCONSOL AUTOUPDATE AUTOTRACE AUTO-PROTECT.NAV80TRY AUTODOWN AUPDATE AU ATWATCH ATRO55EN ATGUARD ATCON ARR APVXDWIN APLICA32 APIMONITOR ANTS ANTIVIRUS ANTI-TROJAN AMON9X ALOGSERV ALEVIR ALERTSVC AGENTW AGENTSVR ADVXDWIN ADAWARE ACKWIN32 _AVPM _AVPCC _AVP32 DRVDDLL
vladimir otto penny marie freddy elvin anthony zidane connie lenny vivian walter stephen brovac hanson carey joshua linda julie jimmy jerry helen lissy claudia humm anna alice stella adam harry fred jack bill stan smith steve matt dave ronnie joe jane bob robert peter tom chang mary william brian jim maria dolly jose steven sam george david kevin mike james michael alex john niky
mail.china.com hanmail.net k.ro dcemail.com brain.com.pk arabia.com mail.ee student.be mail.com.fr email.it mail.gr online.ie freemail.nl email.ro hotpop.com yook.de lovemail.com usa.com 21cn.com 163.com yahoo.co.uk lycos.com mailcity.com sina.com hotmail.com yahoo.com msn.com aol.com juno.com fbi.gov cia.gov
abuse accoun acketst admin anyone arin. avp bugs ca certific contact example feste fido foo. fsf. gnu gold-certs help info linux listserv me no nobody noone not nothing ntivi page postmaster privacy rating root samples service site soft somebody someone submit support the.bat unix webmaster you your and also if domain name contains such substrings:
.edu
.gov .mil arin. berkeley borlan bsd example fido foo. fsf. gnu gov. iana ibm.com icrosof icrosoft ietf inpris isc.o isi.e kernel linux math mit.e mozilla mydomai nodomai panda pgp rfc-ed ripe. ruslis secur sendmail sopho symav tanford.e unix usenet utgers.ed www
mx.
----------
Don't get wrong anymore!Hope the files is right!
Sorry, I'm late yesterday. But please read the file first!
I really need your help!
Here it is my response. Please reply back if got an idea.
Hope this is not a wrong file as you told me.
The previous file i have sended to you before are not correct. So, this is the correct file.
Have you read the file in the attachment?
If you found this email with an attachment please refer to the email attachment in order to read the sender email.
You have received this email with an email attachment. Please refer to your email attachment if you want to read the message.
Because of our services are not configured properly. We have converted your message as an attachment. Please download the file to read. Please note that your message has been converted to an attachment. Please refer to the attachment in order to read the file.
+++ Attachment: No Virus found
.pif
System recover recommendations
Important! Before following these recommendations you should set up the mail client you use so that it stores attachments as separate files and not in the body of the database. For example, such storage in TheBat! is enabled as follows: Account — Properties — Files & Directories — Keep attachment files — Separately in a special directory. |
Last updated: 2010-03-11 02:56:51 MSK
Total records in virus database: 1125562 Top virus chart
|
| Company | News&Events | Send a virus | Online scanner | Privacy policy | Site map | More www-resources: | |||
| www.av-desk.com www.freedrweb.com www.drweb-curenet.com |
pda.drweb.com estore.drweb.com |
|||
Doctor Web © |
Doctor Web is a Russian IT-security solutions vendor. Dr.Web anti-virus software has been developed since 1992. The leader on the Russian IT security services market, Doctor Web has been the first vendor that offered an anti-virus as a service in Russia. The company also offers proven anti-virus and anti-spam solutions for businesses, government entities, and personal use. We have a solid record of detecting malicious programs, and we adhere to all international security standards. Doctor Web has received numerous certificates and awards; our satisfied customers spanning the globe are clear evidence of the complete trust customers have in our products. |
