W32.Jermy.A
Aliases: Email-Worm.Win32.Kazus.d, I-Worm.Kazus.d, W32/Generic.a@MM, HLLM.Generic.259, Win32/VBMassMail.gen+
Variants: WORM_JERMY.C, W32/Jermy, Win32:Jeremy-C, I-Worm/Kazus.B, Worm Generic.LC
Classification: Malware
Category: Computer Worm
Status: Inactive
Spreading: Slow
Geographical info: Europe, America
Removal: Hard
Platform: W32
Discovered: 24 Oct 2003
Damage: Low
Characteristics: The W32.Jermy.A worm is an email worm written in Visual Basic. This worm will attempt to send itself to the addresses it will harvest from the address book of Microsoft Outlook. The email that that the worm will be sending will have an attachment that is infected with its code and can either be in the .exe or .scr format. The worm will likewise try to establish a connection to a predetermined IRC server to wait for commands that will be given by its remote master.
W32.Jermy.A Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
RECOMMENDED:
We recommend that you scan your system for malware. Our partner has a computer worm removal tool to automatically clean W32.Jermy.A from your computer.
More details about W32.Jermy.A
Once run in the compromised computer, the W32.Jermy.A will create a text file and an .ini file which is actually a Trojan. It will then copy itself to the system as a .scr file. Next, the worm will create autostart entries in the Registry allowing it to run whenever Windows is started. This worm is capable of searching the address book of Outlook Express and sending itself as an attachment to addresses it has obtained. The body of the email is in the Slovakian language. The worm is also able to alter the Search and Start page settings of the Internet Explorer by changing its registry values. When altered, Internet Explorer will be redirected to sites predefined by the worm. It then tries to connect with its author via an IRC server for more instructions.To remove the infection of the W32.Jermy.A worm, all dropped files related with it should be deleted upon detection. You can go to the Windows Task Manager and then look at the list of all active process. When all dropped files have been located, end them by clicking the ‘End Process’ option. You can also try to identify the security threat’s related files’ exact locations in the hard drive and then remove them. You can then turn on the Windows Task Manager again to make sure that the malware and all malicious files associated with it have been eliminated from the system.
Browse for more malware information
- W32.Jermy.A
- W32.Jitux.Worm
- W32.Joot.A@mm
- W32.Josam.Worm
- W32.Joydotto
- W32.Jubon@mm
- W32.Jumpred.A
- W32.Kabab.A
- W32.Kangero.A
- W32.Kassbot.A
- W32.Kaxela.A
- W32.Keco@mm
- W32.Kedebe.B@mm
- W32.Kelino.Worm
- W32.Kelvir!gen
- W32.Kergez.C@mm
- W32.Kerim@mm
- W32.Kernelbot.A
- W32.Kibtos
- W32.Kibuv.B
- W32.Killaut.A
- W32.Kiman.B
- W32.Kitro.A.Worm
- W32.Klez.A@mm
- W32.Kobot.A
- W32.Koddro@mm
- W32.Koobface.A
- W32.Korgo.A
- W32.Korron.A
- W32.Kromber
Contact Us
|
Privacy Policy
|
Site Map
Copyright © Uniblue Systems Limited 2007. All rights reserved.