Sunday, 03 July 2005
W32.Meetot is a worm that copies itself to mapped drives.
Type: Worm
Infection Length: 856,064 bytes
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
When W32.Meetot is executed, it performs the following actions:
Copies itself as %System%\[FILE NAME].exe.
Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
Attempts to copy the file lidb2.mdb to the %System% folder if the .mdb file is in the same folder as the worm.
Adds the value:
"worknote1" = "%System%\[FILE NAME].exe"
to the registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
so that it runs every time Windows starts.
Creates the folder "Meeting Notes" on mapped drives and copies itself and lidb2.mdb to this folder.
Spreads through file sharing utilities.
=============================================
To delete the value from the registry
Click Start > Run.
Type regedit.
Click OK.
Navigate to the subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
In the right pane, delete the value:
"worknote1" = "%System%\[FILE NAME].exe"
Exit the Registry Editor.
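The following PowerShell script is an added example, not part of the original advisory. It checks a host for the indicators listed above (the "worknote1" Run value, lidb2.mdb in the System folder, and a "Meeting Notes" folder on mapped drives) and, with the hypothetical -Remove switch, deletes only the Run value. It assumes PowerShell 3.0 or later.

```powershell
# Added example: read-only check for the W32.Meetot indicators named in this
# advisory. With -Remove it deletes only the "worknote1" Run value (needs admin).
param([switch]$Remove)

$runKey    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$valueName = 'worknote1'
$findings  = @()

# 1. Run value that relaunches the worm at every Windows start.
$run = Get-ItemProperty -Path $runKey -Name $valueName -ErrorAction SilentlyContinue
if ($run) {
    $target = ([string]$run.$valueName).Trim('"')
    $findings += [pscustomobject]@{ Indicator = 'Run value'; Detail = "$valueName = $target" }
    if ($target -and (Test-Path -LiteralPath $target)) {
        $findings += [pscustomobject]@{ Indicator = 'Worm copy on disk'; Detail = $target }
    }
}

# 2. lidb2.mdb copied into the System folder.
$mdb = Join-Path ([Environment]::SystemDirectory) 'lidb2.mdb'
if (Test-Path -LiteralPath $mdb) {
    $findings += [pscustomobject]@{ Indicator = 'lidb2.mdb in System folder'; Detail = $mdb }
}

# 3. "Meeting Notes" folder on mapped (network) drives; DriveType 4 = network.
foreach ($disk in Get-CimInstance Win32_LogicalDisk -Filter 'DriveType = 4') {
    $folder = Join-Path "$($disk.DeviceID)\" 'Meeting Notes'
    if (Test-Path -LiteralPath $folder) {
        # List the contents so the analyst can see whether lidb2.mdb and an .exe are present.
        $names = (Get-ChildItem -LiteralPath $folder -File -ErrorAction SilentlyContinue |
                  Select-Object -ExpandProperty Name) -join ', '
        $findings += [pscustomobject]@{ Indicator = 'Meeting Notes folder'; Detail = "$folder [$names]" }
    }
}

if ($findings.Count -eq 0) { 'No W32.Meetot indicators found.' }
else { $findings | Format-Table -AutoSize -Wrap }

# Optional cleanup: same effect as the regedit steps above.
if ($Remove -and $run) {
    Remove-ItemProperty -Path $runKey -Name $valueName
    "Removed Run value '$valueName'. Delete the file it pointed to separately."
}
```

Mapped drives belong to a logon session, so an elevated shell may not see the drives mapped in the user's own session; run the check there as well. A "Meeting Notes" folder can be legitimate, which is why the script lists its contents instead of flagging it on name alone.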
================================================