Win32.Badtrans.B@mm Detection & Clean

Name: Win32.Badtrans.B@mm Detection & Clean
Works on: windows

Windows 7 and above

Version: 1
Last Updated: 27 Feb 2017
Release: 30 Jul 2010
Category: Antivirus > Removal Tools

Rate this software:
985 downloads

View Screenshots(1)

Comments

Download

Liked it? Tell others:

Win32.Badtrans.B@mm Detection & Clean Tags

Badtrans.B@mm cleaner Badtrans remover Badtrans worm Badtrans.B@mm Badtrans worm antivirus

Win32.Badtrans.B@mm Detection & Clean Details

Works on: Windows 10 | Windows 8.1 | Windows 8 | Windows 7 | Windows 2012
SHA1 Hash: a69715491f7b8141b85254ee8560cd9c71940d87
Size: 245.76 KB
File Format: exe

Rating: 2.52173913 out of 5 based on 23 user ratings

Downloads: 985
License: Free

Win32.Badtrans.B@mm Detection & Clean is a free software by Bitdefender LLC and works on Windows 10, Windows 8.1, Windows 8, Windows 7, Windows 2012.
You can download Win32.Badtrans.B@mm Detection & Clean which is 245.76 KB in size and belongs to the software category Removal Tools.
Win32.Badtrans.B@mm Detection & Clean was released on 2010-07-30 and last updated on our database on 2017-02-27 and is currently at version 1.

Thank you for downloading from SoftPaz! Your download should start any moment now. It would be great if you could rate and share:

Rate this software:
Share in your network:

Win32.Badtrans.B@mm Detection & Clean Description

Win32.Badtrans.B@mm Detection & Clean is a small utility that can help you get rid of the malware infection.
The virus comes in the following format:
From: e-mail address of the infected sender or one of the following e-mail addresses:
"Anna" [email protected]
"JUDY" [email protected]
"Rita Tulliani" [email protected]
"Tina" [email protected]
"Kelly Andersen" [email protected]
" Andy" [email protected]
"Linda" [email protected]
"Mon S" [email protected]
"Joanna" [email protected]
"JESSICA BENAVIDES" [email protected]
"Administrator" [email protected]
"Admin" [email protected]
"Support" [email protected]
"Monika Prado" [email protected]
"Mary L. Adams" [email protected]
Subject: Empty or having the following content:
RE:
RE: [original subject]
Body: Empty
Attachment: The name of the attachement is formed using one of the following words:
fun
Humor
docs
info
Sorry_about_yesterday
Me_nude Card
SETUP
stuff
YOU_are_FAT!
HAMSTER
news_doc
New_Napster_Site
README
images
Pics
The extension of the attachment could be a combination of .MP3., .DOC., .ZIP., with .scr., .pif. or just .scr or .pif.
The worm is using the IFRAME vulnerability and it will be executed on computers with Outlook Express just by preview. Computers with security patch will be infected only by executing the attachment.
After execution the worm copies itself in Windows %System% directory under the kernel32.exe name, and it will drop the kdll.dll at the same location.
To ensure that it will be executed at restart it adds the following registry key:
[HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\Kernel32]
with value kernel32.exe.
Then it will delete itself from the location where it was executed, and it will gather computer information (like User name, computer name, RAS information, passwords, so on) and sends it to the following e-mail address: [email protected]
The Worm has two methods of getting e-mail addresses:
It search them in *ht* and *.asp files in Internet Cache directory or it gets them with MAPI functions from e-mails received by the infected user.
It will not send itself twice to the same address because it keeps the already used e-mail addresses in %SYSTEM%\PROTOCOL.DLL.

Win32.Badtrans.B@mm Detection & Clean Screenshots

Win32.Badtrans.B@mm Detection & Clean screenshot 1

Similar Software