|
|
Remove Sachy |
|
Sachy is a worm that spreads to network computers with unprotected Administrator accounts. Once executed, the parasite installs itself to the system and connects to the Internet. It downloads and executes other malicious parasites. Then it runs a spreading routine. Sachy is able to remove its files from the compromised system. Sachy manual removal:Kill processes:csrss.exe, smss.exe, toto.exe Delete files: csrss.exe, smss.exe, toto.exe, ftpdata.sys, home.sys, go.bat, nine.bat, vista.bat, yes.bat, run.vbs, wmi.vbs, run.reg Misc: Exact file location: toto.exe - C:\WINDOWS\System32 or C:\WINNT\System32 csrss.exe, yes.bat, wmi.vbs, run.reg - C:\WINDOWS\System32\ShellExt or C:\WINNT\System32\ShellExt ftpdata.sys, home.sys, go.bat, nine.bat, vista.bat, run.vbs - C:\WINDOWS\System32\drivers or C:\WINNT\System32\drivers smss.exe - C:\WINDOWS\System32 or C:\WINNT\System32; C:\WINDOWS\System32\ShellExt or C:\WINNT\System32\ShellExt
|
|
||||||
Previous: Sacrep Next: Sabine Trojan |
|||||||
| | 1-9 | O | P | Q | R | S | T | U | V | W | X | Y | N | M | L | A | B | C | D | E | F | G | H | I | J | K | Z | |||||||
Copyright ©
SpywareDot 2004-2009| Spyware Removal. All rights reserved. |
|||||||