W32.Relfeer
Aliases: N/A
Variants: N/A
Classification: Malware
Category: Computer Worm
Status: Active & Spreading
Spreading: Slow
Geographical info: North America
Removal: Easy
Platform: W32
Discovered: 01 May 2007
Damage: Low
Characteristics: W32.Relfeer is a worm. It spreads through network shares and file-sharing applications. It also attempts to download other malicious files on to the infected computer. It is a slow infector and a low risk worm that can be easily removed using an updated antivirus software.
W32.Relfeer Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
RECOMMENDED:
We recommend that you scan your system for malware. Our partner has a computer worm removal tool to automatically clean W32.Relfeer from your computer.
More details about W32.Relfeer
The worm W32.Relfeer propagates through unsecured network shares and file-sharing applications. When the worm executes, it drops and opens the following file:[WORM FILE NAME].ppt. Afterwards, the worm may create copies of itself with several of the following filenames: reloc32.exe, system32\updates.exe, system32\wandrv.exe, system32\WAN_DR.ULD, svhst32.exe, config_.exe, sysutil.exe, and [WORM FILE NAME].exe. The worm may also copy itself to file-sharing application folders using variable filenames. Next, the worm creates registry entries to make sure that it executes whenever Windows starts. The worm then checks for Internet connection trying to access the following location: www.google.de. The worm may download and execute files via HTTP from predetermined location that include idalpi.freehostia.com and iggywal.bravehost.com.The worm may also download one or more files via FTP from the following hosts: ftp.0catch.com, renaldo241.0catch.com, and ws6.100ws.com.The W32.Relfeer application may also be used to add unwanted programs to the system. These are downloaded, installed, and executed in the system. Registry entries may also be made to make sure they run at system startup. Data files may also be copied, moved, or deleted. The settings of the system may be changed. Certain features may be disabled to prevent the software from being removed. The running processes of anti-malware applications may be stopped or erased. Access to security websites can also be blocked to prevent security software from updating.
Browse for more malware information
- W32.Relfeer
- W32.Relnek.A
- W32.Remabl.Worm
- W32.Remadmin
- W32.Remadworm
- W32.Renama.A@mm
- W32.Renco@mm
- W32.Repad.Worm
- W32.Reploret
- W32.Resdoc
- W32.Resik.A
- W32.Rexli.A@mm
- W32.Reztrict@mm
- W32.Ridnu.B
- W32.Rinbot!gen
- W32.Rispif.A
- W32.Rokid
- W32.Ronoper.B@mm
- W32.Rontokbro
- W32.Rontokbro.AN@mm
- W32.Row@mm
- W32.Ruland.A@mm
- W32.Rungbu
- W32.Rusty@m
- W32.SQLExp.Worm
- W32.Sachiel
- W32.Sachy.A
- W32.Safook
- W32.Sagevo
- W32.Salga.A@mm
Contact Us
|
Privacy Policy
|
Site Map
Copyright © Uniblue Systems Limited 2007. All rights reserved.