SoftwareTipsandTricks.com
Home Forums Windows 7 Security Tips
Forums

Windows 7
Windows Vista
Windows XP

Security Tips
Troubleshooting
Keyboard Shortcuts
Encyclopedia


Drivers

Internet Terms
Computer Terms

File Extensions (75)
File Extensions (15K+)

Startup Applications
Necessary Files
Useless Files
At Your Option Files
Dangerous Files
Browser Objects

DLL Files
SYS Files
INF Files
OCX Files
VXD Files

Virus Database
Virus Warnings

Easter Eggs
Tips and Tricks
Articles
Hot Downloads


Privacy Policy
Contact Us







  ACTIVEDS.EXE

Name ACTIVEDS.EXE

Description

WORM_OPASERV.T
This memory-resident worm a member of the OPASERV family of worms, spreads via shared network drives.
Its destructive payloads are executed when the system date is between December 24 to 31 or when the year is greater than 2002.
This worm deletes files, overwrites the boot sector and destroys the CMOS.
It also modifies the registry and the configuration file, WIN.INI, so that it automatically executes every Windows startup.
It uses a known exploit that enables malicious users to access shared drives, as discussed in a security bulletin from Microsoft.

Removing autostart entries from the registry prevents the malware from executing during startup:
HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>Run
IASHLPR="%Windows%\IASHLPR.EXE"
FONTVIEW="%Windows%\FONTVIEW.EXE"
MPREXE="%Windows%\MPREXE.EXE"
Scr="%System\scr.scr"
BIOS1="%Windows%\BIOS1.EXE"

HKEY_CURRENT_USER>Software>Microsoft>Windows>CurrentVersion>Run,
Winsrv=%Windows%\winsrv.exe
CLICONFG="%Windows%\CLICONFG.EXE"

HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>RunServices
LoadManager="%Windows%\msload.exe"
ACTIVEDS="%Windows%\ACTIVEDS.EXE"

Use antivirus (also check How To Remove section)to automatically remove these registry items.


Still have a problem? Ask for help at our discussion forum.



Search Dangerous Files :
 

: : Recent posts at Forums : :

Callow Project

Callow Poke out

Stooday

Loose galleries

Daily gay photos usage

Free galleries

Лучшие докуме

Steve Alten - MEG, Books 1-5 (Meg, The Trench, Primal Waters, Hell's Aquarium, Nightstalkers) - eBooks [Isohunt.to]

Бизнес выгодн

Cheap Vintage Jerseys Sale

С двумя блочн

Adobe Photoshop CS6 13.0 Final (English Japanese) Mac Os X [Chi

My brand-new website

Matured placement

New spot

rld-fasi17

Big Black Grls!Old Fat MILF !# 5169110

Cheap Soccer Jerseys Free Shipping

Black Fat - Ebony moms boobs# 375967

Cheap Nike NFL Jerseys Wholesale

Fat Pussy BBW!Black Girls photo!# 1477877

Free grown-up galleries

Delivered full-grown galleries

Протестируй н

Порно фото. Даром зреть секс порно фотогрk

Social pictures

Прочные швед&

Последние стр

Lusty men photo blog

buying generic Septilin;ordering Septilin;Septilin overnight saturday delivery NO PRESCRIPTION




SoftwareTipsandTricks, All Rights Reserved.