Win32.Sobig.F@mm Removal Tool 1.0

Win32.Sobig.F@mm Removal Tool 1.0 Screenshot Name: Win32.

Developer:	SOFTWIN software by SOFTWIN →
Price:	0.00
License:	Freeware
File size:	0K
Language:
OS:	Windows Vista (?)
Rating:	0 /5 (0 votes)

Name: Win32.Sobig.F@mm
Aliases: W32/Sobig.F@mm
Type: Executable Mass Mailer
Size: ~70 KB
Discovered: 19.08.2000
Spreading: High
Damage: Low
In The Wild: Yes

Symptoms:
Registry keys:
HKLMSoftwareMicrosoftWindowsRunCurrentVersionTrayX with value:
%WINDIR%winppr32.exe /sinc
HKCUSoftwareMicrosoftWindowsRunCurrentVersionTrayX with value:
%WINDIR%winppr32.exe /sinc

Following files in the %WINDIR% folder:

Winstt32.dat
Winppr32.exe
Winstf32.dll

Technical description:

It arrives in e-mail in the following format:

Subject:
Randomly chosen from the following list:
"Re: Wicked screensaver"
"Re: That movie"
"Re: Your application"
"Re: Approved"
"Re: Re: My details"
"Re: Details"
"Your details"
"Thank you!"
"Re: Thank you!"

Body:
Please see the attached file for details.
Or
See the attached file for details

Attachment:
Randomly chosen from the following list:
“movie0045.pif"
"wicked_scr.scr"
"application.pif"
"document_9446.pif"
"details.pif"
"your_details.pif"
"thank_you.pif"
"document_all.pif"
"your_document.pif “

After the user opens the attachment the worm copies in the following location:
%WINDIR%winppr32.exe
and adds the following registry keys:
HKLMSoftwareMicrosoftWindowsRunCurrentVersionTrayX with value:
%WINDIR%winppr32.exe /sinc

HKCUSoftwareMicrosoftWindowsRunCurrentVersionTrayX with value:
%WINDIR%winppr32.exe /sinc

It searches for e-mails in the following file types:
html, wab, mht, hlp, txt, eml, htm, dbx

The worm also spreads trough network shares.
After the 10.09.2003 it stops spreading

Removal instructions:

The BitDefender Virus Analyse Team has releasead a free removal tool for this particular virus.

Important: You will have to close all applications before running the tool (including the antivirus shields) and to restart the computer afterwards. Additionally you'll have to manually delete the infected files located in archives and the infected messages from your mail client.

The BitDefender Antisobig-en.exe tool does the following:

it detects all the known Sobig versions;

it deletes the files infected with Sobig;

it kills the process from memory;

it repairs the Windows registry

You may also need to restore the affected files.

To prevent the virus from replicating itself from infected machines to clean machines, you should try to disinfect all computers in the network before rebooting any of them, or unplug the network cables.

tags the following windirwinppr32 exe exe sinc with value value windirwinppr32 thank you attached file pif document for details details pif file for the worm the infected

Win32.Sobig.F@mm Removal Tool 1.0 screenshot

Download Win32.Sobig.F@mm Removal Tool 1.0

Download Win32.Sobig.F@mm Removal Tool 1.0

Authors software

BitDefender for Mail Servers Virus Definitions -
SoftWin

BitDefender Virus Definitions March 21, 2007
SOFTWIN

Win32.Sobig.F@mm Removal Tool 1.0
SOFTWIN

Name: Win32.

BitDefender Free Edition 8.0
SoftWin

Makes it possible for you to get closer to the tricky world of data security Have you ever been looking for your own, tailored antivirus? Have you thought you can have it for free? The seventh generation of BitDefender allows you to customize your product, so you can make it yours.

MiMail worm free removal tool
SoftWin

A NEW variant of the MiMail worm family, version C, is proliferating across the world, according to security firm iDefense.

Similar software

Win32.Sobig.F@mm Removal Tool 1.0
SOFTWIN

Name: Win32.

EasyMP3 2005 2.0.0.19
ZeuS Microsystems

EasyMP3 was created to simply encode and decode audio files.

Advanced System Tune up 3.1.0.4
Softwaredepo.com

FREE Advanced System Tuneup and Optimizer is a free program that consist of many useful modules that can be launched from the startup screen.

Anim8or 0.95B
Steve Glanville

Anim8or is a character animation and 3D modeling application that I have written over the past couple of years, not as a commercial endeavor, but because I love 3D graphics, animation and programming.

Win32.MyDoom.M@mm Free Removal tool 1.0
SOFTWIN

Symptoms: - Presence of the following registry key: - HKLMSoftwareMicrosoftWindowsCurrentVersionRunJavaVM with the following value: - %WINDIR%java.

BackDoor.Rebbew (A,B,C,D) Removal Tool
SOFTWIN

The BitDefender Virus Analyse Team has releasead a free removal tool for this particular virus.

Win32.MyDoom.S@mm Free Removal tool 1.0
Bitdefender

Symptoms: Presence of "winpsd.

avast! Virus Cleaner 1.0.211
ALWIL Software

avast! Virus Cleaner is a free tool that will help you remove selected virus & worm infections from your computer.

Klez Removal Tool 1.0.11
Symantec Corporation

W32.

HS SoBigRemover 1.2
Yenicag Bilisim Ltd

This software can be used to detect large number of SoBig viruses in an email account and delete them remotely without needing to download any of them to your machine.

Other software in this category

CleanCIH 1.6
Proland

Clean your PC from the Win95.

Klez Removal Tool 1.0.11
Symantec Corporation

W32.

WinImp 1.21
Technelysium

WinImp is a new file archiver which not only recognises common archive formats, but also introduces a new, high performance archive format.

Softpit PC Search Light 1.3
Goldmarc Technology AS

The softpit PC search light is a useful utility for people who need to find critical information fast and precisely on their own computer.

freewareApp

Win32.Sobig.F@mm Removal Tool 1.0

Download Win32.Sobig.F@mm Removal Tool 1.0

Authors software

Similar software

Other software in this category

Search

Featured Software

Latest software

Top tags

Our network