New worms spread via email provide fake links

Currently, there has been a kind of worm - a new worm that spreads via email in the form of an ordinary event or advertising newsletter.

Currently, there has been a kind of worm - a new worm that spreads via email in the form of an ordinary event or advertising newsletter . Starting to appear in August last year, they often put ' Here You Are ' after the main subject line of the email, and it mentions many PDF document paths, but in fact it is executable file - * .exe. When users accidentally activate these files, they immediately spread through the email addresses found in your inbox.

>> Warning about viruses inviting downloading sex videos in email

Picture 1 of New worms spread via email provide fake links
Although the familiar rules of the worm are quite methodical and easy to grasp, they are increasingly complex and sophisticated. For computer experts, this is not difficult, but isn't everyone a computer expert? On September 14, 2010, one person claimed to be the author of this worm, applied the Ministry of Defense related technologies IRAQ, equipped with some impossible 'components'. missing like keylog and backdoor in it.

Now everyone can hear and know this worm. But how to remove them from the system? After experimenting with the help of Ant members (http://www.raymond.cc/forum/members/ant.html) in Raymond's online community, please use the system control program. like Task Manager, Process Explorer . find the following applications and remove from the system:

% windows% systemupdates.exe
% windows% csrss.exe
% windows% ff.exe
% windows% gc.exe
% windows% hst.iq
% windows% ie.exe
% windows% im.exe
% windows% op.exe
% windows% pspv.exe
% windows% rd.exe
% windows% re.exe
% windows% re.iq
% windows% tryme1.exe
% windows% vb.vbs
% system% SendEmail.dll

And in turn delete the following Registry keys:

- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options0hoeav.com
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsw.com
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options360rpt.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options360safe.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options360safebox.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options360tray.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options6.bat
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options6fnlpetp.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options6 × 8be16.cmd
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsBIOSREad.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsBdSurvey.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsCaVCmd.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsCavaUd.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsCavapp.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsa2cmd.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsa2free.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsa2service.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsa2upd.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsaNtIaRP.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsaNtS.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsaPVxdWIN.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsaVCONSOL.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsaVENGINE.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsaVP32.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsaVPCC.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsaVPM.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsabk.bat
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsadobe Gamma Loader.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsalgsrvs.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsalgssl.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsangry.bat
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsanti-trojan.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsantihost.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsapu-0607g.xml
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsapu.stt
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsarSwp.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsashEnhcd.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsashLogV.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsashMaiSv.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsashPopWz.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsashQuick.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsashServ.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsashSkPcc.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsashUpd.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsashWebSv.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsashdisp.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsast.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsaswBoot.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsaswRegSvr.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsaswUpdSv.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsautoRun.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsautoRunKiller.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsautorun.bin
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsautorun.ini
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsautorun.reg
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsautorun.txt
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsautorun.wsh
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsautoruns.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsautorunsc.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsavMonitor.ExE
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavadmin.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsavastSS.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavcenter.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavciman.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavconfig.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavgamsvr.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavgas.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavgcc.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavgcc32.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavgemc.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavginet.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavgnt.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavgrssvc.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavgrsx.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavgscan.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavgscanx.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavgserv.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavguard.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavgupsvc.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavgw.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavgwdsvc.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavltd.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavmailc.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavnotify.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavp.com
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavp.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavscan.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavzkrnl.dll
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsbad1.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsbad2.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsbad3.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsbdagent.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsbdsubwiz.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsblackd.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsblackice.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionscaiss.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionscaissdt.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionscatcache.dat
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionscauninst.exe
- HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionscavasm.ExE

And restore the default values ​​of the following Registry keys:

HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem
EnableLUA = dword: 00000000 to EnableLUA = dword: 00000001
HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon
Shell = Explorer.exe% windows% csrss.exe to Shell = Explorer.exe

The probability of success when applying the above method is quite high. However, to ensure the safety and security of the system, we recommend that you use the current popular security programs of Kaspersky, Panda, Norton, BitDefender, Avira . all available on download.com.vn's online store. Good luck!

Update 26 May 2019
Category

System

Mac OS X

Hardware

Game

Tech info

Technology

Science

Life

Application

Electric

Program

Mobile