Search Solo Products, Services and others Overview of the Site Design and Build a Career Contact us for customer service and other feedback info SRN Micro Privacy Statement



Process Name  : Christmas.exe

Process Path : %SYSTEM%\christmas.exe
[ C:\Windows\System32\Christmas.exe ]

Process type    : Internet Worm

Malware Name : W32.Maldal.C@mm

Alias             : I-Worm.Maldal.C, W32/Maldal-C, WORM_Maldal.C,

Threat level : Low

Process Details

                     Christmas.exe is copied to Windows system folder by Maldal.C. It is an Internet worm uses Microsoft Outlook to spread. The worm is 37,376 bytes long and written in Visual Basic. It needs "MSVBVM50.dll" to spread otherwise it will show dll missing error. The e-mail attachment name will be "Christmas.exe"

                     The worm arrives as an e-mail attachment. The message subject will be "Happy New Year", the body will be "Hii I can’t describe my feelings But all i can say is Happy New Year :) Bye".

                     When executed it opens the Microsoft Outlook Address book and sends email to all the email Ids stored and also copies "Christmas.exe" to Windows System folder. Then it changes the registry settings so that Christmas.exe is automatically executed when the system is restarted.

                     Maldal worm changes the computer name to Jacker. It also changes Internet Explorer homepage link to zacker.htm web site. On visiting the link it drops a VB script, which tries to delete antivirus programs installed. It deletes any files with the extensions: .DLL, .DRV, .VXD, and .TSP in the System directory.

                     This worm is also known as W32.Reeezak.A@mm, W32.Zacker.C@mm, W32.Maldal.C@mm.

How can I protect my system?

                   Solo has incorporated Christmas.exe in its signature file to protect users from this worm attack. Solo antivirus registered users are already protected from this worm. Make sure that you have installed registered version of Solo Antivirus to protect your system from all virus threats.

How to remove this worm?

                   If you are already infected with christmas.exe process, you can remove it from your computer using Solo Antivirus software. Solo antivirus can detect and remove W32.Maldal.C@mm safely. Use the following link to Download 30 day trial version of Solo antivirus to remove viruses from your computer.

                   Solo anti-virus not only scans for all viruses, it contains a unique System Integrity Checker to protect you from New Internet Worms, Backdoors and malicious VB, Java Scripts. It also effectively removes all existing Internet Worms, File viruses, malicious VBS, Java scripts, Trojans, Backdoors, boot sector, partition table and macro viruses.

You can purchase Solo antivirus using the link