W32.Kergez.C@mm
Aliases: I-Worm.Kergez.c, W32/Kergez.worm, Backdoor.Kergez, Win32.HLLW.Kergez.2, Troj/Kergez-A
Variants: N/A
Classification: Malware
Category: Computer Worm
Status: Active & Spreading
Spreading: N/A
Geographical info: North America
Removal: N/A
Platform: W32
Discovered: 06 Aug 2003
Damage: N/A
Characteristics: W32.Kergez.C@mm is a mass-mailing worm that propagates itself through email addresses in files with .asp, .htm, and .php extensions. The email messages will contain: Subject: Re: New Security Vuln and Attachment: Virus_Guard.exe. The worm is Microsoft Visual C++ written and UPX packed.
W32.Kergez.C@mm Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
RECOMMENDED:
We recommend that you scan your system for malware. Our partner has a computer worm removal tool to automatically clean W32.Kergez.C@mm from your computer.
More details about W32.Kergez.C@mm
W32.Kergez.C@mm is a mass-mailing worm that spreads through email. It specifically spreads by sending email messages to email addresses it finds in files that have the extensions .asp, .htm, and .php. After W32.Kergez.C@mm is executed, it may copy itself to %Windir%\Kangaroo.exe and %System%\Internat67.exe. It may also add values to the registry to ensure that it runs every after Windows starts up. The worm attempts to terminate certain processes especially those related to security processes (e.g. Firewall, Alarm, Secure, Clean, Anti, etc). The worm sends itself to all the email addresses it finds in files that have .asp, .php, and .htm extensions. The email messages contain the subject “New Security Vuln”, a body that contains the message “Are you vulnerable to identity theft…”, and an attachment named Virus_Guard.exe.The worm W32.Kergez.C@mm can be manually removed from the system. First of all, the System Restore function must be temporarily disabled to ensure effective virus removal. Then, update the virus definitions. Use a reliable antivirus software program to run a full system scan on the computer. Delete all files that are detected as W32.Kergez.C@mm. Edit the Win.ini file. Reverse any changes made in the registry. Before making any changes in the registry, it is advised that you back up the registry. Mistakes in the registry can have serious consequences like permanent data loss or corrupted files. Reboot the computer and rescan the system to double check if the threat has been totally eliminated.
Browse for more malware information
- W32.Kergez.C@mm
- W32.Kerim@mm
- W32.Kernelbot.A
- W32.Kibtos
- W32.Kibuv.B
- W32.Killaut.A
- W32.Kiman.B
- W32.Kitro.A.Worm
- W32.Klez.A@mm
- W32.Kobot.A
- W32.Koddro@mm
- W32.Koobface.A
- W32.Korgo.A
- W32.Korron.A
- W32.Kromber
- W32.Kueight
- W32.Kuskus.Worm
- W32.Kwbot.B.Worm
- W32.Langex@mm
- W32.Lashplay
- W32.Launcer.A
- W32.Lavehn.A@mm
- W32.Leave.B.Worm
- W32.Lecivio
- W32.Lecna.A
- W32.Led@mm
- W32.Leebad
- W32.Lemoor.A
- W32.Liac.A@mm
- W32.Likasimal
Contact Us
|
Privacy Policy
|
Site Map
Copyright © Uniblue Systems Limited 2007. All rights reserved.