Email-Worm.Warezov!sd5
Email-Worm.Warezov!sd5 is a malignant computer worm which is able to change other files by corrupting, prepending, or overwriting them with its own body. Email-Worm.Warezov!sd5 can also damage necessary system files, making the computer exposed to external more serious threats. Email-Worm.Warezov!sd5 also reduces security settings by deleting security-related services making computer more vulnerable to the additional malware threats. Email-Worm.Warezov.G!rem is activated once the user starts the attached file by clicking on the attachment. Email-Worm.Warezov!sd5 is a dangerous risk that should be removed from an infected computer as quickly as possible.
File System Modifications
- The following files were created in the system:
# File Name 1 %System%\drivers\elglsn.sys 2 %System%\wmdrtc32.dl_ 3 %System%\wmdrtc32.dll
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_IPFILTERDRIVERHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_IPFILTERDRIVER\0000HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_IPFILTERDRIVER\0000\ControlHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NDISFILESERVICES32HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NDISFILESERVICES32\0000HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NDISFILESERVICES32\0000\ControlHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisFileServices32HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisFileServices32\EnumHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisFileServices32\SecurityHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_IPFILTERDRIVERHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_IPFILTERDRIVER\0000HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_IPFILTERDRIVER\0000\ControlHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NDISFILESERVICES32HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NDISFILESERVICES32\0000HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NDISFILESERVICES32\0000\ControlHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisFileServices32HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisFileServices32\EnumHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisFileServices32\Security
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.