Home Malware Programs Worms Email-Worm.Win32.Zhelatin.ml

Email-Worm.Win32.Zhelatin.ml

Posted: March 16, 2011

Threat Metric

Threat Level: 9/10
Infected PCs: 15
First Seen: July 24, 2009
OS(es) Affected: Windows

Email-Worm.Win32.Zhelatin.ml is a backdoor worm that uses email messages as a primary system for finding new PCs to haunt. Computers that get attacked by Email-Worm.Win32.Zhelatin.ml may suffer from serious security vulnerabilities or be forced to perform illegal botnet-based activities. Because Email-Worm.Win32.Zhelatin.ml is known to use root-access level technology Email-Worm.Win32.Zhelatin.ml can be difficult to detect and even harder to delete. Removing Email-Worm.Win32.Zhelatin.ml should be handled by professional anti-malware software with all the latest threat information updates.

Email-Worm.Win32.Zhelatin.ml is an Email with Malicious Intent

Email-Worm.Win32.Zhelatin.ml uses email messages to spread to computers as an attached file. The built-in SMTP engine Email-Worm.Win32.Zhelatin.ml comes with allows the worm to use any infected computer's resources to email itself. Email-Worm.Win32.Zhelatin.ml is also noted for searching for files with contact information to harvest for more potential victims, which potentially can put all saved email addresses on an infected PC at risk.

Additions to the Registry let Email-Worm.Win32.Zhelatin.ml run whenever Windows boots, but you may not see the worm as an active program or process. Email-Worm.Win32.Zhelatin.ml is reported to use rootkit tactics to conceal itself deeply inside a system and avoid detection or removal.

The main goal of backdoor malware like Email-Worm.Win32.Zhelatin.ml is to disable the PC's security. This commonly takes place as a deactivated firewall or a firewall with numerous unsafe exceptions made to bypass Email-Worm.Win32.Zhelatin.ml. Other security-related services and applications may also be blocked by Email-Worm.Win32.Zhelatin.ml.

Low computer security as a result of Email-Worm.Win32.Zhelatin.ml or another backdoor type of infection turns your PC into a juicy target for other malware attacks and domination by remote hackers. It also allows your computer to be recruited into a botnet, which Email-Worm.Win32.Zhelatin.ml and other backdoor malware use to launch DDoS attacks and similar illegal acts.

Email-Worm.Win32.Zhelatin.ml and similar worms are also known for spreading through network-shared directories and removable drives. It's essential that any PC infected by Email-Worm.Win32.Zhelatin.ml be 'quarantined' from the network and not share removable drives until you've verified that the worm is gone. Users don't need to interact with infected files to catch Email-Worm.Win32.Zhelatin.ml over a network, due to potential Autorun.inf abuse.

Expel Email-Worm.Win32.Zhelatin.ml Before It Expels You from Your Own PC

Email-Worm.Win32.Zhelatin.ml is rated as an extremely high security risk for any computer Email-Worm.Win32.Zhelatin.ml infects. All Windows systems are vulnerable to Email-Worm.Win32.Zhelatin.ml attack, including the new Windows 7 and the elderly Windows 95, as well as everything in between. Avoiding clicking on strange attachments, even when they're sent by friends, is your best chance of staying uninfected by Email-Worm.Win32.Zhelatin.ml.

Removing Email-Worm.Win32.Zhelatin.ml and other rootkit-based malware is all but impossible to do manually, so you should feel no shame in looking to verified anti-malware products for help. Although versions of Email-Worm.Win32.Zhelatin.ml are years old there's no guarantee that you don't have a newer version, so be careful to keep your anti-virus scanners updated. Don't assume that Email-Worm.Win32.Zhelatin.ml is gone until repeated scans over several reboots come up clean, since Email-Worm.Win32.Zhelatin.ml's root-level access can hide the worm extremely well!

Email-Worm.Win32.Zhelatin.ml

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



install.exe, noskrnl.exe, away.exe.exe File name: install.exe, noskrnl.exe, away.exe.exe
Size: 125.29 KB (125290 bytes)
MD5: 53ba6f796e6069870416247bfd9f399b
Detection count: 81
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
drabste.exe File name: drabste.exe
Size: 7.53 KB (7530 bytes)
MD5: de2b6e7b917f7459f2bb7e6a1d3c35f4
Detection count: 61
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
Loading...