W32.Kelvir.AP
Wednesday, 27 April 2005
W32.Kelvir.AP is a worm that sends a message to all MSN Messenger contacts on the compromised computer and attempts to download a file.

Also Known As: W32/Kelvir.worm.gen [McAfee]

Type: Worm
Infection Length: 8,704 bytes

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

When W32.Kelvir.AP is executed, it performs the following actions:

Adds the value:

"load" = "[path to worm]"

to the registry subkey:

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows

so that W32.Kelvir.AP runs every time Windows starts.


Sends the following message to all the MSN Messenger contacts on the compromised computer:

Title: Hey look at us
Body: http:/ /fr[domain removed]5.com/pictures.php?email=[email address]

Notes:
A recipient must click on the link, download the file [email address], and then execute the file.
[email address] is an email address specified by the worm.
At the time of writing, this file was unavailable.

To delete the value from the registry
Click Start > Run.
Type regedit
Click OK.

Navigate to the subkey:

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows

In the right pane, delete the value:

"load" = "[path to worm]"

Exit the Registry Editor.
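
The same check and cleanup can be scripted for the current user. The PowerShell below is an added example, not part of the original advisory; the -Remove switch and the backup file name are assumptions of the example, and the size comparison uses the infection length stated above.

```powershell
# Added example (not from the advisory): audit the per-user "load" autostart value.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [switch]$Remove   # assumed switch name; without it the script only reports
)

$key  = 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Windows'
$name = 'load'
$advisoryLength = 8704   # "Infection Length" stated in the advisory, in bytes

$item = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
if ($null -eq $item -or [string]::IsNullOrWhiteSpace($item.$name)) {
    Write-Output "No '$name' value is set under $key"
    return
}

$value = [string]$item.$name
Write-Output "Found: `"$name`" = `"$value`""

# Resolve the target so the file can be examined before the value is removed.
$path = [Environment]::ExpandEnvironmentVariables($value).Trim().Trim('"')
if (Test-Path -LiteralPath $path -PathType Leaf) {
    $file = Get-Item -LiteralPath $path -Force
    $hash = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
    Write-Output "Target exists: $($file.FullName) ($($file.Length) bytes, SHA256 $hash)"
    if ($file.Length -eq $advisoryLength) {
        Write-Warning "File size matches the advisory's infection length ($advisoryLength bytes)."
    }
} else {
    Write-Output "Target is not a single existing file: $path"
}

# -WhatIf skips this block entirely; -Confirm prompts once for the whole step.
if ($Remove -and $PSCmdlet.ShouldProcess("$key\$name", 'Back up and remove value')) {
    # Record the old value first so the change can be reviewed or reverted.
    $backup = Join-Path $env:TEMP 'hkcu-load-value-backup.txt'   # assumed file name
    Add-Content -LiteralPath $backup -Value "$(Get-Date -Format o) $name=$value" -Confirm:$false
    Remove-ItemProperty -Path $key -Name $name -Confirm:$false
    Write-Output "Removed '$name' from $key (previous value saved to $backup)"
}
```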

 