Know Your Malware: Mogi Removal

Mogi is an Internet worm, which spreads through file sharing networks using popular peer-to-peer applications including eDonkey2000, Kazaa, eMule, Limewire, Morpheus, BearShare and Gnucleus. It may also propagate via the ICQ network. Once executed, Mogi silently installs itself to the system, hides dropped files with a rootkit, injects malicious code into running processes and runs a spreading routine. It creates infected files with meaningful names in shared directories of installed file sharing programs.

The worm's payload is comprised of several harmful functions. Mogi terminates running antiviruses, firewalls, security-related programs, associated update tools and processes of various other applications. It installs a rootkit in order to conceal its activity and presence in the system and performs Denial of Service attacks against predefined remote hosts. Remove Mogi, removal instructions

Linked by shanmuga Wednesday, 23rd November 2005 6:45AM