iMartin
10-02-2003, 12:27 AM
W32.Galil.C@mm is a mass-mailing worm that sends itself to the email addresses it finds in the files that have the .htm, .html, .eml, and .txt file extensions. The email will have a variable subject line and attachment name.
This worm sends itself to all the contacts in the Microsoft Outlook address book and MSN Messenger contact list, and it attempts to spread itself through the KaZaA file-sharing network.
This threat is written in the Microsoft Visual Basic programming language and is compressed with UPX.
Type: Worm
Infection Length: 56,614 bytes, 20,992 bytes
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
Systems Not Affected: DOS, Linux, Macintosh, OS/2, UNIX
-How To Remove-
The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.
Disable System Restore (Windows Me/XP).
Update the virus definitions.
Restart the computer in Safe Mode or VGA mode.
Run a full system scan and delete all the files detected as W32.Galil.C@mm.
Delete the value that was added to the registry.
More Info Here (http://www.symantec.com/avcenter/venc/data/[email protected])
This worm sends itself to all the contacts in the Microsoft Outlook address book and MSN Messenger contact list, and it attempts to spread itself through the KaZaA file-sharing network.
This threat is written in the Microsoft Visual Basic programming language and is compressed with UPX.
Type: Worm
Infection Length: 56,614 bytes, 20,992 bytes
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
Systems Not Affected: DOS, Linux, Macintosh, OS/2, UNIX
-How To Remove-
The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.
Disable System Restore (Windows Me/XP).
Update the virus definitions.
Restart the computer in Safe Mode or VGA mode.
Run a full system scan and delete all the files detected as W32.Galil.C@mm.
Delete the value that was added to the registry.
More Info Here (http://www.symantec.com/avcenter/venc/data/[email protected])