|
|
W32/Anset@mm
Download the latest version of Command AntiVirus
Get the latest virus definition files
Buy Command AntiVirus online
Name: W32/Anset@mm
Aliases: Anset, W32/Anset@MM, W32/Anset-C, W32.Anset.Worm
Type: Internet Worm
Discovery Date: October 24, 2001
Description:
W32/Anset@mm is a mass-mailing worm written in Delphi. This worm arrives as an email containing the following information:
Subject: ANTS Version 3.0
Message:
Hi,
Anhängend die neue Version 3.0 von ANTS, dem bislang einzigartigen
kostenlosen Trojanerscanner. Zum installieren einfach die angefügte
Datei ausführen.
Attached you will find the brand new Version 3.0 of ANTS, the unique
freeware trojan scanner. To install ANTS simply run the attached setup
file.
Attachment: ANTS3SET.EXE
When the attachment is run, the worm will copy itself into the Windows\System directory with a random name. The name and location of this duplicate file will be added to the following registry key:
HKCU\Software\Microsoft\Windows\CurrentVersion\Runonce\
[random name] "C:\\Windows\[random name]"
This will cause the worm to be activated each time the user's system is rebooted.
W32/Anset@mm will also email a copy of itself to recipients in the Microsoft Outlook address book.
Detection:
Command Antivirus version 4.58.3 or higher with definition files dated 10/25/01 will detect and delete this worm.
Note: CSAV will use the generic message is a security risk or is a "backdoor" program to identify the worm.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Home · Purchase Center · Virus Center · Support Center
|
|
|
