wipe-deletion-erasure-purge


Worm.Win32.Drew.a

Worm.Win32.Drew.a

CyberScrub AntiVirus
Research Bank

This worm spreads via the Internet as an attachment to infected messages.

It sends itself to email addresses harvested from the victim machine.

The worm itself is a Windows PE EXE file approximately 30KB in size, packed using MEW. The unpacked file is approximately 168KB in size.

The worm contains a backdoor.

Installation

Once launched, the worm copies itself to the Windows system directory as 'winlogoff.exe'

It then changes the system registry accordingly:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell" = "Explorer.exe winlogoff.exe"

The worm creates a unique identifier "KiPiSx017ZxQ" in order to flag its presence in the system.

Propagation via email

The worm harvests email addresses from the MS Outlook address book. The worm establishes a direct connection to the SMTP server to send itself to these addresses.

Infected messages Message subject (chosen at random from the list below): 
Hello
Hi
love
Re:kiss
Re:Love
Message body (chosen at random from the list below): 
Hello baby,this is me screen!
Hello! I love sex, is you?
Hello this is me present! Cool screen. Bye.
I Love You!:)
Your Present! Scrren is me faice:) Bye baby!
Attachment name (chosen at random from the list below): 
FACE.SCR
I LOVE YOU.SCR
LOVE.SCR
PRESENT.SCR
SCREEN.SCR
Remote administration

The worm opens TCP port 25 on the victim machine in order to connect to mx1.hotmail.com

Payload

The worm deletes a range of firewall and antivirus applications from victim machines.

Check out if we have free removal tool for this virus


CyberScrub AntiVirus provides state of the art security protection for five years- at one low price. Our award winning technology ensures protection against viruses, worms and trojans backed by top customer support and value.
 
Five Year Cost Comparison
Product Initial Cost Yearly Subscription X Four Years Total
Norton 2004 AntiVirus $49.95* $29.95 $119.80 $169.75
McAfee VirusScan $49.95* $19.95 $79.80 $129.75
CyberScrub AntiVirus $49.95 Included No Additional Cost $49.95
*All prices MSRP as published on respective sites.



It is only a matter of time before a virus, worm or Trojan horse wrecks havoc on your important data. Important files, records, family pictures- all at risk. Some dangerous programs can even ruin your hard drive beyond repair.

CyberScrub AntiVirus offers the most effective protection from all known and unknown viruses.

CyberScrub AntiVirus is powered by a unique integrated technology for virus detection, based on principles of multi-generation heuristic analysis. This allows the program to protect you from suspect “viral behavior”. This highly effective methodology repelled all attacks of each “I LOVEYOU’ viral variation without any additional antivirus database updates. No other technology, including Norton, Trend, or McAfee was able to accomplish this.

CyberScrub AntiVirus is powerful, yet its exceptional ease of use and installation make it acceptable for beginner to pro


CyberScrub Antivirus constantly scans your hard drive and files to identify, clean and destroy infected objects. With updates available every three hours, 24 hours a day, 365 days a year, you can count on CyberScrub to protect your valued data.

CyberScrub AntiVirus
Lifetime Edition

"For the Life of Your Computer"
Save $10 Now!
Limited Time

 

Worm.Win32.Drew.a

Symantec Warns Of Flaw In Antivirus Program. More>>

CNN Legend Lynne Russell reports on CyberScrub AntiVirus for Tech Headline News.


















 
 

delete,deletion, file deletion, Internet clean up,privacy, HIPAA, Internet privacy, cookies, erase, erasure, shredder, wipe, overwrite, purge, deletion, security, file wipe, data destruction