Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
- Discovered:
- September 2, 2004
- Updated:
- February 13, 2007 12:27:34 PM
- Also Known As:
- WORM_REMADM.A [Trend]
- Type:
- Worm
- Systems Affected:
- Windows 2000, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
W32.Remadmin is a worm that attempts to propagate through network shares.
Some of the processes that the Worm may terminate are:
- DefWatch
- Symantec AntiVirus Client
- NSCTOP
- Symantec Core LC
- SAVScan
- SAVFMSE
- ccEvtMgr
- navapsvc
- ccSetMgr
- VisNetic AntiVirus Plug-in
- McShield
- AlertManger
- McAfeeFramework
- AVExch32Service
- AVUPDService
- McTaskManager
- Network Associates Log Service
- Outbreak Manager
- MCVSRte
- mcupdmgr.exe
- AvgServ
- AvgCore
- AvgFsh
- awhost32
- Ahnlab task Scheduler
- MonSvcNT
- V3MonNT
- V3MonSvc
- FSDFWD
Antivirus Protection Dates
- Initial Rapid Release version September 3, 2004
- Latest Rapid Release version September 28, 2010 revision 054
- Initial Daily Certified version September 3, 2004
- Latest Daily Certified version September 28, 2010 revision 036
- Initial Weekly Certified release date September 8, 2004
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
- Wild Level: Low
- Number of Infections: 0 - 49
- Number of Sites: 0 - 2
- Geographical Distribution: Low
- Threat Containment: Easy
- Removal: Easy
Damage
- Damage Level: Low
Distribution
- Distribution Level: Low
Writeup By: Jeong Mun
