Win32.HLLP.Semisoft.a, W32/Semisoft.60416a, Win32.HLLP.Semisoft.60416, W32/Semisoft, Win32/HLLP.Semisoft.A,
PE_SOFT.60416, W95/Semis.G, W32/HLLP.60516, Win32:Semisoft, Win32/HLLP.Semisoft.A,
Category: Computer Virus
Active & Spreading
Asia, North and South America, and some parts of Europe and Australia
13 Feb 2007
This virus contaminates Windows executable files, including NT and 9x. The virus drops infected files on the computer system and tries to contaminate other Windows executable files.
W32.Semisoft.59904 Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
We recommend that you scan your system for malware. Our partner has a computer virus removal tool to automatically clean W32.Semisoft.59904 from your computer.
More details about W32.Semisoft.59904
The W32.Semisoft.59904 virus tries to ping 4 different Internet Protocol addresses thought to be seen in New Zealand. Then, it runs a port, enabling remote access. The virus also tries to change the registry key to open the virus on Windows startup. There are a few variants of the W32.Semisoft.59904 virus, which have been located previously in the wild. The W32.Semisoft.59904 virus is a pretending PE infector, which duplicates under Windows NT and 9x. The virus affects the files “Setup.exe” and “Notepad.exe”, and makes clean backups of these pieces of data as Setupx.exe and Notepadx.exe. The virus drops the files Winipxa.exe, Winipx.exe, and Winsrvc.exe in the directory of Windows.
The W32.Semisoft.59904 application may download and install files without the knowledge of the user. It may download malware programs such as backdoor program, Trojan dropper application, adware program, spying software, key logger, password stealer Trojan application and worms. The application may also install data mining and rootkit tools. The program may utilize the downloaded rootkit tool to hide its presence from the computer. Rootkit tools may also hide the downloaded files by the application. The rootkit tools rename the files of the application into a legitimate Windows file. This makes the core components of the downloader Trojan program and the downloaded files hard to detect.