Protector Plus Download Antivirus
Home
Download Antivirus
Antivirus Products
Order Antivirus


Antivirus Software for Windows XP/2000/2003
Antivirus Software for Windows Me/98
Antivirus Software for Exchange 2000/2003
Antivirus Software for NetWare

W32/Sober.A

NameW32/Sober.A
AliasesW32/Sober@MM, W32.Sober@mm, W32/Sober-A., sober, sober.a
Discovered on October 24, 2003

 Virus Information - W32/Sober.A:

W32/Sober.A is a mass mailing worm. This worm will infect Windows systems. This worm spreads through email.

The subject and the body of the infected mail will be random text. In some cases the infected mail purports to have originated from an antivirus company.

The infected attachment will be any one of the following extensions;

.scr
.com
.bat
.pif
.exe

Upon execution of the infected attachment, it displays a dialog box with a message, "File not complete!". After this, the worm copies itself as

similare.exe
drv.exe
systemchk.exe

in the Windows\System folder. The worm modifies registry at the following location to load itself during each startup.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

The worm collects the available email addresses from the infected system and stores all the collected email addresses in a file called MEDIA.DLL, in the Windows\System\MACROMED\HELP folder. After this the worm mails itself to these addresses using its own SMTP engine.

Anti virus for Windows Download Now!

Home Page Download Antivirus Antivirus Products Order Antivirus

Copyright © 2005 Proland Software.All rights reserved

antivirus software, anti virus software, anti virus, download antivirus, download anti virus, free antivirus, free anti virus, antivirus, download, free, windows, windows xp, xp, sp2, windows me, windows 2000, 98, 95, nt, me, 2003, netware, anti-virus, virus, worm, trojan, protector, plus, proland, virus software, spyware