Email-Worm.Warezov.G!rem
Email-Worm.Warezov.G!rem is a malicious computer worm which spreads via the Internet as an attachment to infected email messages. Email-Worm.Warezov.G!rem sends itself to email addresses harvested from the victim machine. Email-Worm.Warezov.G!rem is activated once the user launches the attached file by clicking on the attachment. Email-Worm.Warezov.G!rem will then install itself and start propagating. Stop Email-Worm.Warezov.G!rem from spreading by removing it from the system immediately.
Aliases
Email-Worm.Win32.Warezov.et (Kaspersky Lab)
W32/Stration.dr (McAfee)
WORM_STRAT.DR (Trend Micro)
W32/Strati-Gen (Sophos)
Win32.Warezov (Ikarus)
Win32/Stration.worm.135680.G (AhnLab)
packed with: UPX (Kaspersky Lab)
W32/Stration.dr (McAfee)
WORM_STRAT.DR (Trend Micro)
W32/Strati-Gen (Sophos)
Win32.Warezov (Ikarus)
Win32/Stration.worm.135680.G (AhnLab)
packed with: UPX (Kaspersky Lab)
File System Modifications
- The following files were created in the system:
# File Name 1 %System%\e1.dll 2 %Windir%\serrv.exe 3 %Windir%\serrv.s 4 %Windir%\serrv.wax
Registry Modifications
- The following newly produced Registry Values are:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.