1. Symantec/
  2. Security Response/
  3. W32.Kergez.A@mm

W32.Kergez.A@mm

Risk Level 1: Very Low

Discovered:
August 5, 2003
Updated:
February 13, 2007 12:04:38 PM
Also Known As:
I-Worm.Kergez [KAV]
Type:
Worm
Systems Affected:
Windows

W32.Kergez.A@mm is a mass-mailing worm that sends itself to all the email addresses that it finds in the following files:
  • Files with the *.asp, *.ht* extensions.
  • Files located in any of the directories specified in the registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders.

The email messages will have the following characteristics:

Subject
: (One of the following)
  • Are you vulnerable to identity theft!
  • Protects against viruses, worms, Trojans & hackers.
  • Position Virus Percentage by Occurrence...
  • Microsoft Software Update Services
  • Saves money with 12 months of fast free antivirus updates
  • Cleans and removes infected files
  • Now its even easier to reduce spam
  • The easy, automatic way to keep your PC virus free
  • Protects against Trojans hackers
  • Kisacasi AntiVirusleri update etmeyi unutmayin ;)
  • Protects against viruses
  • InternetExplorer security patch
  • Online hackers
Attachment: (One of the following)
  • WinXP_Virus_Patch.exe
  • Virusun_Ensesine_Tokat.exe
  • Sophos_Patch.exe
  • Flood_Protect.exe
  • TrendMicro_Patch.exe
  • InternetWorm_Clean.exe
  • Fprot_Patch.exe
  • Security.exe
  • PantaAntivirus_Patch.exe
  • DoS_Protect.exe
  • DDoS_Kill.exe
  • Virus_Research.exe
  • Kaspersky_Patch.exe
  • BullGuard_Patch.exe
  • Norton_Patch.exe
  • Virus_Cleaner.exe
  • Virus_Guard.exe
  • Protect.exe
  • Virus_Hunter_II.exe
  • Internet_Speed.exe
  • Virus_Block.exe
  • Antivir.exe
The worm attempts to terminate the processes of various programs, including antivirus software.

W32.Kergez.A@mm is written in Microsoft Visual C++ and is UPX-packed.

Antivirus Protection Dates

  • Initial Rapid Release version August 6, 2003
  • Latest Rapid Release version August 8, 2016 revision 023
  • Initial Daily Certified version August 6, 2003
  • Latest Daily Certified version August 9, 2016 revision 001
  • Initial Weekly Certified release date August 6, 2003
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Scott Gettis

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube