Xois
December 20th, 2001, 12:24 PM
Command Software Systems, Inc. **
*** VIRUS ALERT ***
W32/Keyluc.C@mm
Name: W32/Keyluc.C@mm
Aliases: W32/Maldal.c@MM, Maldal, W32.Maldal.C@mm, W32/Zacker-C
Type: Internet Worm
Discovery Date: December 19, 2001
Description:
W32/Keyluc.C@mm is a mass-mailing worm written in Visual Basic. This worm spreads through Microsoft Outlook, and arrives as an email that contains the following information:
Subject: Happy New Year
Message: Hii
I can't describe my feelings
(But all I can say is
Happy New Year :)
Bye
Attachment: Christmas.exe
When this attachment is run, the worm is executed and will display a window that appears to be a Christmas greeting.
While this pop-up window is distracting the user, the worm will copy itself to the Windows System directory as "Christmas.exe" and creates the following registry key:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run Zacker
= C:\Windows\Christmas.exe
And modifies the following registry key:
HKLM\System\CurrentControlSet\Control\ComputerName\ComputerName
ComputerName = "ZaCker"
W32/Keyluc.C@mm will also email a copy of itself to every recipient in the Microsoft Outlook address book.
Detection:
Command Antivirus version 4.58.3 with definition files dated 12/19/01 will detect and delete this virus.
======================================================================
To get the latest definition files, you can click the "update deffiles" button in your desktop Command Antivirus(tm) product, or link to download "virus definition updates" at:
US Web Site: http://www.commandsoftware.com/downloads/virus_definition_updates.cfm
UK Web Site: http://www.command.co.uk/html/downloads/defupdate.html
Australia (Pac Rim) Web Site: http://www.commandcom.com.au/downloads/index.html
==================================================================
If you have any issues concerning your membership to this list service, please send them to postmaster@commandsoftware.com
==================================================================
To unsubscribe from this list, please go to: http://www.commandcom.com/html/deflist.html
Enter your e-mail address
From the Choose an Option drop-down box
Select "Leave the Definition Files List" ==================================================================
*** VIRUS ALERT ***
W32/Keyluc.C@mm
Name: W32/Keyluc.C@mm
Aliases: W32/Maldal.c@MM, Maldal, W32.Maldal.C@mm, W32/Zacker-C
Type: Internet Worm
Discovery Date: December 19, 2001
Description:
W32/Keyluc.C@mm is a mass-mailing worm written in Visual Basic. This worm spreads through Microsoft Outlook, and arrives as an email that contains the following information:
Subject: Happy New Year
Message: Hii
I can't describe my feelings
(But all I can say is
Happy New Year :)
Bye
Attachment: Christmas.exe
When this attachment is run, the worm is executed and will display a window that appears to be a Christmas greeting.
While this pop-up window is distracting the user, the worm will copy itself to the Windows System directory as "Christmas.exe" and creates the following registry key:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run Zacker
= C:\Windows\Christmas.exe
And modifies the following registry key:
HKLM\System\CurrentControlSet\Control\ComputerName\ComputerName
ComputerName = "ZaCker"
W32/Keyluc.C@mm will also email a copy of itself to every recipient in the Microsoft Outlook address book.
Detection:
Command Antivirus version 4.58.3 with definition files dated 12/19/01 will detect and delete this virus.
======================================================================
To get the latest definition files, you can click the "update deffiles" button in your desktop Command Antivirus(tm) product, or link to download "virus definition updates" at:
US Web Site: http://www.commandsoftware.com/downloads/virus_definition_updates.cfm
UK Web Site: http://www.command.co.uk/html/downloads/defupdate.html
Australia (Pac Rim) Web Site: http://www.commandcom.com.au/downloads/index.html
==================================================================
If you have any issues concerning your membership to this list service, please send them to postmaster@commandsoftware.com
==================================================================
To unsubscribe from this list, please go to: http://www.commandcom.com/html/deflist.html
Enter your e-mail address
From the Choose an Option drop-down box
Select "Leave the Definition Files List" ==================================================================