Precisa de ajuda? Peça à comunidade ou contrate um perito.
Acesse a Avira Answers
Alias:I-Worm.Maldal.d [KAV], I-Worm.Maldal.e [KAV], I-Worm.Maldal.f [KAV], W32/Maldal.d@MM [McAfee], W32/Maldal.e@MM [McAfee], W32/Maldal.f@MM [McAfee], W32/Maldal.g@MM [McAfee], WORM_MALDAL.D [Trend], WORM_MALDAL.E [Trend], WORM_MALDAL.F [Trend], WORM_MALDAL.G
Type:Worm 
Size:27 KByte 
Origin: 
Date:00-00-0000 
Damage:Sent by email. 
VDF Version:6.23.00.00 
Danger:Medium 
Distribution:High 

DistributionThe email sent by the worm contains:

Subject:

Body:
Test this game
I wish u like it
I have got this file for you
Surprise !!!
download this game & have fun ;)
desktop maker ,you may need it ;)
have you ever got a gift !?
What women wants !
Don't waste any time ,Subscribe now
Make your pc funny !
new program from my fun groups
Map of the world
Create your Ecard
looooooooooooooooool
Send it to everybody you love
Its made by me ;)
Our symbol
If you have an elegant taste
Test your mind
1 + 1 = 3 !!!
Singer , searsh for any song and sing ;)For everybody wants to marry a woman that he doesn't love !
nowadays , there is no womanhood !! :P
Just Try to fix it
Keep these advertisements run and earn 0.25 $ per 10 minute ;)
See this file

Attachment:
.exe

Technical DetailsWhen activated, the worm is copied as C:\WinDIR\SystemDIR\Win.exe.
It makes the following autostart registry entry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run %SystemDIR%\win.exe

In most cases, Windows can no longer be loaded because of the infection.
Then, the worm searches for the computer name, as it is programmed to use it in the email's components.

It deletes all antivirus programs it can find in the following directories:
Program Files\AntiViral Toolkit Pro\
Program Files\Command Software\F-PROT95\
eSafe\Protect\
PC-Cillin 95\
PC-Cillin 97\
Program Files\Quick Heal\
Program Files\FWIN32\
Program Files\FindVirus\
Toolkit\FindVirus\
F-macro\
Program Files\McAfeeVirusScan95\
Program Files\Norton AntiVirus\
TBAVW95\
VS95\
Rescue\
Program Files\Zone Labs\

Finally, it deletes some files, including those with extensions:
.ini .php .exe .com .mpeg .dat .zip .txt .exe .xls .doc .jpg
Descrição enviada por Crony Walker em terça-feira, 15 de junho de 2004

Voltar . . . .
https:// Esta janela é criptografada para sua segurança.