Know Your Malware: Secefa.b Removal


Secefa.b is a dangerous and complex Internet worm that spreads to vulnerable computers running the Microsoft Windows operating system with unpatched security flaws. It automatically exploits certain vulnerabilities and does not require any user interaction. Once executed, Secefa.b silently installs itself on the system and runs a spreading routine. It runs a hidden FTP server, which remote infected computers use to download malicious files.

The worm's payload consists of several harmful functions. Secefa.b terminates running antivirus programs, firewalls, some spyware removers, security-related programs, a few other applications and even certain parasites. It alters the Windows registry in order to bypass and disable the Windows Firewall and some system components, including the Shared Access service. Secefa.b also blocks access to popular security-related web sites. Furthermore, the worm can download from the Internet and install Gamqowi, which is a dangerous trojan with additional backdoor functionality. Secefa.b automatically runs on every Windows startup.

Related files: msdef.exe, mstempf.exe, services.exe, upx.exe, ws1lib.exe, qwe.bat, ft54.scr
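A defender's triage of the file names listed above, as an added example that is not part of the original page: it walks a directory tree, matches names case-insensitively, and hashes each hit for follow-up. The function names, the confidence levels and the sample tree are constructed for illustration; treating services.exe and upx.exe as lower-confidence matches is an assumption, since both names also belong to legitimate software.

```python
import hashlib
import os
import tempfile

# File names from the page's "Related files" list.
RELATED_NAMES = {"msdef.exe", "mstempf.exe", "services.exe", "upx.exe",
                 "ws1lib.exe", "qwe.bat", "ft54.scr"}
# Assumption of this example: services.exe is also a Windows component (normally
# in System32) and upx.exe is also the UPX packer, so a name match alone is weak.
AMBIGUOUS = {"services.exe", "upx.exe"}

def sha256_of(path):
    with open(path, "rb") as fh:  # whole-file read; fine for small executables
        return hashlib.sha256(fh.read()).hexdigest()

def triage(root):
    """Return findings for files under root whose names match the list."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        in_system32 = os.path.basename(dirpath).lower() == "system32"
        for name in files:
            lname = name.lower()  # Windows file names are case-insensitive
            if lname not in RELATED_NAMES:
                continue
            if lname == "services.exe" and in_system32:
                level = "expected-location"  # check hash/signature, do not delete
            elif lname in AMBIGUOUS:
                level = "review"
            else:
                level = "suspicious"
            path = os.path.join(dirpath, name)
            findings.append({"path": path, "level": level, "sha256": sha256_of(path)})
    return sorted(findings, key=lambda f: f["path"])

def demo():
    """Triage a constructed directory tree; returns {relative path: level}."""
    with tempfile.TemporaryDirectory() as root:
        for rel in ("Windows/System32/services.exe", "Windows/services.exe",
                    "Windows/MSDEF.EXE", "Users/a/notes.txt"):
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(b"constructed sample, not malware")
        return {os.path.relpath(f["path"], root).replace(os.sep, "/"): f["level"]
                for f in triage(root)}

if __name__ == "__main__":
    print(demo())
```

A name match is only a lead: compare the reported SHA-256 against a trusted source before acting on any hit.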

Secefa.b properties:
Connects itself to the internet
Hides from the user
Stays resident in background

Linked by shanmuga Thursday, 1st December 2005 10:32PM