Support Forum Articles File Help Startup DB Tips Service DB Hijack This! Analyzer


HijackThis automated log analyzer! Submit a log and you will receive ALL the information we have in our DB's on everything on your system INSTANTLY!


Click here to scan for Fvprotect.exe Related Errors and Optimize PC performance

What is it?

What does it do?
This NETSKY variant propagates via email using its own Simple Mail Transfer Protocol (SMTP) engine.

It exploits a known vulnerability affecting Internet Explorer involving incorrect MIME Header (MS01-020), which allows the automatic execution of email attachments while an email is read or previewed. More information on this vulnerability is available at:

The email that it sends out has varying subjects, message bodies, and attachment file names. It gathers email addresses from files with certain extension names.

It also attempts to propagate via network shares by dropping copies of itself on certain folders found in the affected system.

It deletes several autorun registry entries in an attempt to prevent the automatic execution of BAGLE, NACHI, MYDOOM and DEADHAT worms. It also deletes certain registry keys.

Trend Micro has the full dirt ( HERE )

Fix Fvprotect.exe Errors: Free Scan

Recommended: Free PC Speed Test - what is slowing down your PC?

Fvprotect.exe is Spyware!

Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
Startup DB Entries: