%SysDir%\bpool.exe |
| Name |
%SysDir%\bpool.exe |
Description
|
Bpool.exe is mass-mailing worm W32.Mytob.AJ@mm.
Bpool.exe tries to terminate antiviral programs installed on a user computer.
Bpool.exe opens a back door on TCP port 10087.
Bpool.exe spreads by exploiting the DCOM RPC vulnerability (Microsoft Security Bulletin MS03-026) and the Microsoft Windows Local Security Authority Service Remote Buffer Overflow (Microsoft Security Bulletin MS04-011).
Related files:
%System%\bpool.exe
%System%\bps.exe
C:\sysrun.exe
C:\funny_pic.scr
C:\see_this!!.scr
C:\my_photo2005.scr
Adds the value:
"Major Microsoft Windows Driver Boot loader" = "bpool.exe"
to the Windows startup registry keys.
More info: http://securityresponse.symantec.com/avc...
Removal:
Kill bpool.exe process and remove bpool.exe from Windows startup using antivirus (also check How To Remove section)Startup Optimizer. |
|
|
|
|
Home
