Know Your Malware: Imav Removal


Imav is a worm that spreads through ICQ instant messages containing links to copies of the worm. Once the user follows such a link, Imav displays an image and installs itself to the system. The worm disables essential services of installed antiviruses, firewalls and other security-related software, corrupts such software installations and deletes related files. Imav lowers security settings by preventing installed antiviruses from running on system startup. The parasite also blocks access to security-related Internet resources. It may download from the Internet and execute arbitrary files. Imav automatically runs on every Windows startup.

Related files: im_1.exe, im_2.exe, _dwn.exe, __dwn_sp.exe, ~[X].exe

Imav properties:
Connects itself to the internet
Hides from the user
Stays resident in background Remove Imav, removal instructions

Linked by shanmuga Saturday, 28th January 2006 7:38AM