Bride & FunLove Removal Tool Crack Full Version
Bride & FunLove Removal Tool is a lightweight utility that will enable you to clean the virus from your computer in a flash.
[email protected] is a mass-mailing worm written in Visual Basic, which carries along the file infector Win32.FunLove.4070. The FunLove body and most of the character strings used by the virus are encrypted, to make reverse engineering more difficult. The worm arrives in an email message.
|Crack size||~ 500KB|
Email messages containing the worm will be sent to addresses gathered by scanning .htm and .dbx files, and also to the anonymous user on the name/domain server.
The worm will overwrite the beginning of msconfig.exe (in the Windows System folder) with a sequence of code that drops a version of the file infector Win32.FunLove.4070 in bride.exe; this virus contains the following text: DonkeyoVaccineiEraser instead of the original Fun Loving Criminal. This dangerous virus will proceed to infecting executable files on the local system and on network shared folders.
[email protected] is the second version of the mass-mailer [email protected]; it doesn't carry along the FunLove file infector anymore, and doesn't install itself (it won't automatically be run at Windows start-up). Its strings are no longer encrypted and on Windows NT/2000/XP the executable might not be run (its format is slightly damaged, and the NT versions make more thorough verifications of executable format compliance than the 9x versions). The worm arrives in an email message.
It arrives attached to an email message in the following format:
From: ‹Registered Owner›
or: ‹forged address› (may be the same with the recipient's)
Subject: Re: AVAR(Association of Anti-Virus Asia Reseachers)
or: ‹Unreadable characters›‹Registered Organization›
or: ‹Unreadable characters›Trand Microsoft Inc.
AVAR(Association of Anti-Virus Asia Reseachers) - Report.
Invariably, Anti-Virus Program is very foolish.
‹random name›.TXT (12.6 KB) MUSIC_1.HTM
‹random name›.GIF (120 bytes) MUSIC_2.CEO
The worm exploits the IFRAME vulnerability in order for the attached executable to be automatically launched when the message is displayed in the preview pane, and the Microsoft VM ActiveX Component vulnerability in order for the HTM file to add CEO to the executable files extensions and the worm to be run when the user opens the attached CEO file.
Jennifer, 17 December 2017
maicon, 27 December 2016
Leave a comment
Your email will not be published. * Required