W32.Tendoolf
Aliases: Backdoor.SubSeven, W32/Floodnet@MM
Variants: Win32/Cute.Worm, WORM_TENDOOLF.A
Classification: Malware
Category: Trojan Horse
Status: Active & Spreading
Spreading: Slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 01 May 2002
Damage: Low
Characteristics: The W32.Tendoof application is a Backdoor Subseven varient which propagates through email. The systems affected include Windows 95, Windows, Windows NT Windows 98, Windows XP, Windfows 2000, and Windows Me.
W32.Tendoolf Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
RECOMMENDED:
We recommend that you scan your system for malware. Our partner has a trojan horse removal tool to automatically clean W32.Tendoolf from your computer.
More details about W32.Tendoolf
Once the W32.Tendoolf was executed, it replicates itself to the Windows in Drive C. It adds a value to the keys of the registry. The worm will then modify a line in System.ini file. The worm exists to be coded in order to have the capability to propagate through the email. The message of the email consists of Subject hat contains ‘Thoughts...’, Message that contains ‘I just found this program, and, i dont know why... but it reminded me of you. check it out.’, and an Attachment containing ‘.exe’. In laboratory environment, The routine of mailing hasn’t been reproduced successfully.You must have up-to-date virus definitions before removing the viruses on your computer. Delete the detected files as W32.Tendoolf then you must remove the added values found in the registry. When deleting it, just type the regedit to the Run dialog Box that appears. Then just navigate some keys and delete the values located on the right pane. Go to the Registry button then click the Exit. For computers having Windows Me, Windows 98, and Windows 95 only, you just eliminate the text that was added to the two start files on the windows. Go to the Start and then click the Run button. Type edit c:windowswin.ini then just click OK. The MS Dos Editor will open. In case the Windows was installed on another location it will make the proper substitution of the path. Look for the entry in the file section. Then choose the whole line. Make it sure that you haven’t chose some text then click on Delete. Save the file and then Exit the program.
Browse for more malware information
Contact Us
|
Privacy Policy
|
Site Map
Copyright © Uniblue Systems Limited 2007. All rights reserved.