W32.Magflag.A@mm
Aliases: Win32.Wreckage.A, TROJ_YABE.B, Win32/Rechnung!Worm
Variants: W32/Bagle.AK-mm, W32/Bagle.gen.b@MM, W32/Bagle-AK, Trojan.Win32.Agent.jk
Classification: Malware
Category: Computer Worm
Status: Active & Spreading
Spreading: Fast
Geographical info: N/A
Removal: Easy
Platform: W32
Discovered: 28 Sep 2005
Damage: Low
Characteristics: Belonging to a mass mailing Worm family, this malware makes use of Peer to Peer file sharing networks to deliver its infection to other computer systems. The payload delivery routine of the W32.Magflag.A@mm includes the capability download malicious files and execute them locally in the compromised machine. The source of the files that are downloaded are usually websites which are also under the control of the malicious author.
W32.Magflag.A@mm Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
RECOMMENDED:
We recommend that you scan your system for malware. Our partner has a computer worm removal tool to automatically clean W32.Magflag.A@mm from your computer.
More details about W32.Magflag.A@mm
Aside from using Peer to Peer file sharing networks, this malware and some of its variants have the ability of using the email messaging service to spread its codes to other vulnerable computer systems. The W32.Magflag.A@mm is known for executing a legitimate operating system process and injecting its codes into the process. It will then terminate the authentic system process and takes it place. This routine allows the W32.Magflag.A@mm to mimic original system processes to avoid arousing user suspicion and avoiding detection of system monitoring tools. The W32.Magflag.A@mm will create an executable copy of itself into the directory folder of the operating system. It will attempt to mix with legitimate system files to conceal its presence and complicate its removal from the infected computer system.The W32.Magflag.A@mm will modify the contents of the Windows Registry service by adding a new key value that will give it the functionality of automatically loading together with the operating system components. The Windows Registry will be used to bypass the active firewall protection system of the infected computer system. The W32.Magflag.A@mm will contact predetermined websites to cause the downloading and local execution of malicious files. The downloaded files are normally identified by their double file extension. The W32.Magflag.A@mm will harvest stored email addresses and target the remote systems by sending email messages with dangerous file attachments.
Browse for more malware information
- W32.Magflag.A@mm
- W32.Mailbancos@mm
- W32.Maldal.C@mm
- W32.Mancsyn
- W32.Mandaph
- W32.Maniccum
- W32.Mant.Worm
- W32.Mapson.C.Worm
- W32.Mari@mm
- W32.Marque.Worm
- W32.Masy.Worm
- W32.Matcher.Worm
- W32.Mdmbot
- W32.Medbot.A
- W32.Meetot
- W32.Melting.Worm
- W32.Mertian.Worm
- W32.Messmulti
- W32.Mexer.B.Worm
- W32.Mibling
- W32.Midlak@mm
- W32.Mikbaland
- W32.Mimail.A@mm
- W32.Mimbot.B
- W32.Minera.A
- W32.Mineup.Worm
- W32.Miniman@mm
- W32.Miroot.Worm
- W32.Mits.A@mm
- W32.Mixor
Contact Us
|
Privacy Policy
|
Site Map
Copyright © Uniblue Systems Limited 2007. All rights reserved.