Name : Christmas.exe
Path : %SYSTEM%\christmas.exe
[ C:\Windows\System32\Christmas.exe ]
type : Internet
Name : W32.Maldal.C@mm
Alias : I-Worm.Maldal.C,
level : Low
is copied to Windows system folder by Maldal.C.
It is an Internet worm uses Microsoft Outlook to spread.
The worm is 37,376 bytes long and written in
Visual Basic. It needs "MSVBVM50.dll"
to spread otherwise it will show dll missing
error. The e-mail attachment name will be "Christmas.exe"
The worm arrives as an e-mail
attachment. The message subject will be "Happy
New Year", the body will be "Hii I cant
describe my feelings But all i can say is Happy
New Year :) Bye".
When executed it opens
the Microsoft Outlook Address book and sends
email to all the email Ids stored and also copies
"Christmas.exe" to Windows System
folder. Then it changes the registry settings so that
Christmas.exe is automatically executed when the
system is restarted.
Maldal worm changes the
computer name to Jacker. It also changes Internet
Explorer homepage link to zacker.htm web site. On
visiting the link it drops a VB script, which
tries to delete antivirus programs installed. It
deletes any files with the extensions: .DLL, .DRV,
.VXD, and .TSP in the System directory.
This worm is also known
as W32.Reeezak.A@mm, W32.Zacker.C@mm, W32.Maldal.C@mm.
How can I protect my
Solo has incorporated Christmas.exe
signature file to protect users from this worm
attack. Solo antivirus registered users are
already protected from this worm. Make sure that
you have installed registered version of Solo
Antivirus to protect your system from all virus
to remove this worm?
you are already infected with christmas.exe
process, you can remove it from your computer
using Solo Antivirus software. Solo
antivirus can detect and remove W32.Maldal.C@mm
safely. Use the following link to Download
30 day trial version of Solo antivirus
to remove viruses from your computer.
Solo anti-virus not only
scans for all viruses, it contains a unique System
Integrity Checker to protect you from
New Internet Worms, Backdoors and
malicious VB, Java Scripts. It also
effectively removes all existing Internet Worms,
File viruses, malicious VBS, Java scripts,
Trojans, Backdoors, boot sector, partition table
and macro viruses.
purchase Solo antivirus using the link