Download CA Internet Security 2009 - FREE Scan & Removal Utility for Win32/Fruspam.E
What is Win32/Fruspam.E
Win32/Fruspam.E is a mass-mailing worm that has the capability to send spam email through its own SMTP engine. It also targets systems running servers with IIS.
The virus Win32/Fruspam.E tries to obtain the IP address of the affected system by sending a HTTP request to whatismyip.com. Additionally, it connects to whois.apnic.net to determine the details of the IP address such as country, description, address and other details.
Method of Distribution of Win32/Fruspam.E
There are two methods by which Win32/Fruspam.E generally propagates to your system.
Via Email: Win32/Fruspam propagates via email. It downloads images from two legitimate websites and uses the images to construct the spam email.
Fruspam scans the system and harvests target email addresses from files on the affected machine. It communicates these email addresses to a remote SMTP server and attempts to use the server for sending the spam emails. It performs DNS MX (mail exchanger) queries to find an appropriate mail server for each domain it tries to send itself to. If it cannot find the DNS server, it attempts to guess the correct one for each domain, by different methods.
Via File Replacement: If the compromised system runs a web server with IIS (Internet Information Services), Win32/Fruspam.E attempts to modify or replace the legitimate IIS file at %Root%\inetpub\wwwroot\index.htm with its own .htm file.
Removing of Win32/Fruspam.E
Removal of malware like Win32/Fruspam.E should be entrusted to automatic removing by a reputed Security Software like CA Internet Security 2009. You may find a few instructions on Internet for the manual removal of malware like Win32/Fruspam.E, but it requires a lot of expertise to use them exactly, and there are always chances that the malware is not removed completely from all locations in your computer.
How to get rid of Win32/Fruspam.E - Removal Steps:
- Disable System Restore (Windows Me/XP). This is important because if a malware infects a computer, System Restore will also be backing up the malware. Windows always prevents outside programs, including security software, from modifying System Restore. Therefore, these security software cannot remove threats, which have been backed up in the System Restore folder.
- Download CA Internet Security 2009, if you do not have it already.
- CA Internet Security has been tested to be effective to successfully clean your system against Win32/Fruspam.E infections. We suggest that you update the virus definitions of your CA Internet Security protection.
- If you do not have CA Internet Security, we recommend that you first download the Trial version (Absolutely FREE) and scan your system. To download the Trial version absolutely FREE, click here.
- Run a full scan.
- Sometimes, a few malware like do not allow you to run virus scan. In that case, boot your system in Safe Mode and run the scan again.
- Follow the steps suggested. Restart the system in normal mode, once you have deleted the malware .
- If you get some error messages, you may require to delete the registry keys created by the malware .
- Warning: Registry Editing may be risky for your Windows Installation. It is always better to use a professional registry cleaner software like PC Tools Registry Mechanic. For manual registry cleaning, Click Start > Run, Type regedit and Click OK. But first, remember to take back up.
- Navigate to the registry keys related to malware (given above) and delete them.
- Restart the system.
.Download CA Internet Security 2009 - FREE Scan & Removal Utility for Win32/Fruspam.E
>>> Tip: Click Here to Boost Internet and PC performance
