SoftwareTipsandTricks.com
Home Forums Windows 7 Security Tips
Forums

Windows 7
Windows Vista
Windows XP

Security Tips
Troubleshooting
Keyboard Shortcuts
Encyclopedia


Drivers

Internet Terms
Computer Terms

File Extensions (75)
File Extensions (15K+)

Startup Applications
Necessary Files
Useless Files
At Your Option Files
Dangerous Files
Browser Objects

DLL Files
SYS Files
INF Files
OCX Files
VXD Files

Virus Database
Virus Warnings

Easter Eggs
Tips and Tricks
Articles
Hot Downloads


Privacy Policy
Contact Us







  ACTIVEDS.EXE

Name ACTIVEDS.EXE

Description

WORM_OPASERV.T
This memory-resident worm a member of the OPASERV family of worms, spreads via shared network drives.
Its destructive payloads are executed when the system date is between December 24 to 31 or when the year is greater than 2002.
This worm deletes files, overwrites the boot sector and destroys the CMOS.
It also modifies the registry and the configuration file, WIN.INI, so that it automatically executes every Windows startup.
It uses a known exploit that enables malicious users to access shared drives, as discussed in a security bulletin from Microsoft.

Removing autostart entries from the registry prevents the malware from executing during startup:
HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>Run
IASHLPR="%Windows%\IASHLPR.EXE"
FONTVIEW="%Windows%\FONTVIEW.EXE"
MPREXE="%Windows%\MPREXE.EXE"
Scr="%System\scr.scr"
BIOS1="%Windows%\BIOS1.EXE"

HKEY_CURRENT_USER>Software>Microsoft>Windows>CurrentVersion>Run,
Winsrv=%Windows%\winsrv.exe
CLICONFG="%Windows%\CLICONFG.EXE"

HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>RunServices
LoadManager="%Windows%\msload.exe"
ACTIVEDS="%Windows%\ACTIVEDS.EXE"

Use antivirus (also check How To Remove section)to automatically remove these registry items.


Still have a problem? Ask for help at our discussion forum.



Search Dangerous Files :
 

: : Recent posts at Forums : :

cdlhaomteq

jlpjmahwus

jxtwhbgxwx

hhtncfanie

kvzqzouzic

tqklruhrcc

Mod Poke out

uoyssicoqq

Loose galleries

tsvtyyfcmw

eoeyudaqqg

grnyormvhx

fzbcctaokv

mywpgqcrac

znbvscrxfz

neckfcdpbx

gahebjsynd

weruclpasb

Sexual pictures

wgtqpofyjf

fcyhwssqck

piogoitlfp

awynyrwgfv

Unencumbered galleries

ltzjpfaldz

oaumvpsiff

Mature galleries

<b>ซื้อหวยออนไลน์</b> สมัครสมาชิกที่นี่! จ$

Секс фото галереи ради взрослых

zobicezsru




SoftwareTipsandTricks, All Rights Reserved.