|
W32/[email protected]
Download the latest version of Command AntiVirus
Get the latest virus definition files
Buy Command AntiVirus online
Name: W32/[email protected]
Aliases: Anset, W32/[email protected], W32/Anset-C, W32.Anset.Worm
Type: Internet Worm
Discovery Date: October 24, 2001
Description:
W32/[email protected] is a mass-mailing worm written in Delphi. This worm arrives as an email containing the following information:
Subject: ANTS Version 3.0
Message:
Hi,
Anh�ngend die neue Version 3.0 von ANTS, dem bislang einzigartigen
kostenlosen Trojanerscanner. Zum installieren einfach die angef�gte
Datei ausf�hren.
Attached you will find the brand new Version 3.0 of ANTS, the unique
freeware trojan scanner. To install ANTS simply run the attached setup
file.
Attachment: ANTS3SET.EXE
When the attachment is run, the worm will copy itself into the Windows\System directory with a random name. The name and location of this duplicate file will be added to the following registry key:
HKCU\Software\Microsoft\Windows\CurrentVersion\Runonce\
[random name] "C:\\Windows\[random name]"
This will cause the worm to be activated each time the user's system is rebooted.
W32/[email protected] will also email a copy of itself to recipients in the Microsoft Outlook address book.
Detection:
Command Antivirus version 4.58.3 or higher with definition files dated 10/25/01 will detect and delete this worm.
Note: CSAV will use the generic message is a security risk or is a "backdoor" program to identify the worm.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Home � Purchase Center � Virus Center � Support Center
|
|
|