Proactive IT Security
 

W32/Maldal.E@mm

Threat risk:
Medium

Detection files published:
03 Jan 2002
Description created:
2001-12-31
Description updated:
2002-01-03

Malware type:
Worm
Alias:
W32/Maldal.D
Spreading mechanism:
Email

Payload:
Deletes files

Summary

This is a variant in the Maldal email worm series. So far there are at least seven variants in this family.

This variant is compressed with the ASPack compression utility and is 27136 bytes long.

Spreading description

Email characteristics:

Body: Variable, composed of several fragments

Attachment: zacker.exe, or an executable named after the computer
The worm renames the infected computer (ComputerName) to "ZaCker".

Because of this, the subject and attachment name will often be "ZaCker", as the worm uses the computer name for the mail subject and the attachment name.


Threat description

The worm attempts to delete a large number of files, including several antivirus installations.

Removal

General information about removal of malicious software

Norman's antivirus products are in general able to remove all malicious software that is detected.
Some malware, however, uses techniques that the general product does not remove sufficiently. We have therefore developed the free product Norman Malware Cleaner. Please use the latest version of this program from the link below if your Norman antivirus is unable to clean up the infection.

Usage Title Comment
  Stopping network share infectors  
  Cleaning of back-up folders on Windows Me and XP