Brothersoft.com Windows | Mac | Mobile | Games | Ask

You are here: Brothersoft.com > Windows > Security > Anti Virus >

Win32.Sober.S-AD Removal Tool Download

Categories

Security
Anti Virus
Other Security Tools
Spyware Removal
Firewalls
Keylogger
Password Recovery
Password Managers
Other Password Tools
Encryption Software
Monitoring Software
Mobile Security
Corporate Security Software
Virus Definitions Update
Security Suites
Android Apps
iPhone Apps

Win32.Sober.S-AD Removal Tool

A useful tool that removes the Sober virus infection from software.

Download 38KB
Last Week downloads: 0
Total downloads: 852
  • Last Updated: Sep 9, 2010
  • License: Freeware Free
  • OS: Windows 7/Vista/2003/XP/2000/2008/98/Me/NT
  • Requirements: No special requirements
screenshot

view larger (1)

User reviews

0 out of 5 based on 0 ratings for Win32.Sober.S-AD Removal Tool

For Win32.Sober.S-AD Removal Tool Publisher's description

The the virus creates the folder WinSecurity in the %WINDIR% folder and Drops the above files in it. It then executes the executable just dropped named
%WINDIR%\WinSecurity\services.exe
Then executes
%WINDIR%\WinSecurity\smss.exe
and finally
%WINDIR%\WinSecurity\crss.exe
Each of these processes play a specific role :
crss.exe examines if the registry key
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\RUN\ Windows = C:\WINNT\WinSecurity\services.exe
has been deleted and rewrites it if this is the case
services.exe starts searching the victim’s Folders for files containing e-mail addresses on wich to propagate.
Files with the following extension are scanned:
stm slk inbox imb csv bak imh x html imm imh cms nws vcf ctl dhtm cgi pp ppt msg jsp oft vbs uin ldb abc pst cfg mdw mbx mdx mda ade sln dsw mde frm bas adr clsxls nsf txt wab eml hlp mht nfo,etc. It creates the registry key
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\RUN\
Windows = C:\WINNT\WinSecurity\services.exe
in order to assure it will be run at every OS startup. If this key is deleted from the registry while the virus is running in memory, it will try to put it back, having a dedicated thread to do this job.
The virus tries to download a file from the Internet and run it:
http://home.pages.at/.../S??.exe
The worm implements it’s own SMTP engine for spreading via e-mail.
The virus also spoofs the sender’s domain address, wich will appear to originate from one of the following domains
microsoft.com, BigFoot.com, yahoo.com, t-online.de, Google.com, hotmail.com., mx1.mail.yahoo, mxbw.bluewin.ch etc.
The virus then searches list of active processes for Process names from the list below :
Microsoftanti gcas gcip hijack,etc. and tries to kill them.
For Win XP operating systems, the virus also tries to patch the tcpip.sys driver to allow it to open a virtually unlimited number of connections from the victim’s computer. you can free download Win32.Sober.S-AD Removal Tool now.

For Win32.Sober.S-AD Removal Tool Related Software

For Win32.Sober.S-AD Removal Tool

Tags

tool sober | win32 heur removal | cryptanalysis tool win32 | goback removal tool | best spyware removal | photoshop removal tool | brontok removal tool | wga removal tool | zlob removal tool | b.com virus removal | t.com virus removal | nero 9 removal | s60 virus removal | adware removal spyware | rar password removal

Statement

Please be aware that Brothersoft do not supply any crack, patches, serial numbers or keygen for Win32.Sober.S-AD Removal Tool,and please consult directly with program authors for any problem with Win32.Sober.S-AD Removal Tool.

DOWNLOAD Win32.Sober.S-AD Removal Tool

Top Freeware

in Anti Virus

Top Shareware

in Anti Virus

Popular Searches

b.com virus removal tool | iolo removal tool | drm removal tool | itunes removal tool | nod32 removal tool | avg removal tool | trojan horse removal tool | trojan dropper removal tool | zlob trojan removal tool | usb virus removal tool | autorun.inf removal tool | free adware removal tool | norton antivirus removal tool | trojan virus removal tool | free drm removal tool | trojan downloader removal tool | removal tool trojan horse | wga removal tool limewire | wga removal tool download | free virus removal tool | koobface virus removal tool | browser hijacker removal tool | symantec trojan removal tool.com | back door trojan removal tool | 2408 generic malware removal tool

New Software

in Anti Virus

ESSENTIAL DOWNLOADS
[Web Browsers] Internet Explorer for Windows 7
[Spyware Removal] Malwarebytes' Anti-Malware
[Video Players] ALLPlayer
[Download Managers] Orbit Downloader
[File Compression] WinRAR
[PDF Readers] Foxit Reader
[Optimize Utilities] TuneUp Utilities 2010
[Image Editors] Adobe Photoshop
[Video & Voice Chat Tools] Skype
[Audio Players] AIMP
POPULAR DOWNLOADS
Avira AntiVir Personal - Free Antivirus
Hotspot Shield
NetQin Mobile Antivirus for Nokia
Net Protector
Kaspersky Anti-Virus for Windows 7
NET.Framework
Your Freedom
avast! 4 Home Edition
USB Disk Security
Mobile Spy
Kaspersky Anti-Virus Mobile for Symbian
Wireless WEP Key Password Spy
Spy Phone
SniperSpy
JumBlo
K7 AntiVirus
Freezer
NetQin Anti-virus for S60 3rd
Quick Heal AntiVirus Pro 2012
NOD32 Antivirus
ComboFix
Kaspersky Internet Security 2011
Kaspersky Anti-Virus 2011
K7 TotalSecurity
AVG Anti-Virus Free Edition
USB Virus Scan
Avast! Free Antivirus
FortiClient Free Edition
Smart Virus Remover
Avast! Internet Security
NEW HOTS
RAR Password Unlocker
Hotspot Shield Elite
My Lockbox
ID Manager
CyberGhost VPN
RAR Password Recovery
Smart Guard
Opera Mini
Toy Story 2
HP Photosmart C3180 Printer Driver
Copyright 2002 - 2012 BrotherSoft.com All rights reserved. About Us | Contact Us | Privacy Policy | Safety Policy | FAQ | Submit Software | Advertise With Us Brothersoft Toolbar