W32/Agobot-R

Category: Viruses and Spyware Protection available since:29 Aug 2003 00:00:00 (GMT)
Type: Win32 worm Last Updated:29 Aug 2003 00:00:00 (GMT)
Prevalence: Small Number of Reports

Download Download a free security scan - Find threats your antivirus missed

Affected Operating Systems

Windows

Recovery Instructions:

Please follow the instructions for removing worms.

Check your administrator passwords and review network security.

Download and install the Microsoft patch for the RPC/DCOM vulnerability, available from http://www.microsoft.com/technet/security/bulletin/MS03-026.asp.

You will also need to edit the following registry entries, if they are present. Please read the warning about editing the registry.

At the taskbar, click Start|Run. Type 'Regedit' and press Return. The registry editor opens.

Before you edit the registry, you should make a backup. On the 'Registry' menu, click 'Export Registry File'. In the 'Export range' panel, click 'All', then save your registry as Backup.

Locate the HKEY_LOCAL_MACHINE entries:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Config Loader

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\Config Loader

and delete them if they exist.

Close the registry editor.

download Try Sophos products for free
Download now

Security Threat Report 2012

Our 2011 recap and emerging trends for 2012
Go to report

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy