1. Symantec/
  2. Security Response/
  3. W32.Kergez.C@mm


August 6, 2003
February 13, 2007 12:04:44 PM
Also Known As:

W32.Kergez.C@mm is a mass-mailing worm that sends itself to all the email addresses it finds in the following files:
  • Files with the *.php, *.asp, *.htm* extensions.
  • Files located in any of the directories specified in the registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders>
The email messages will have the following characteristics:

Subject: Re: New Security Vuln.
Attachment: Virus_Guard.exe

W32.Kergez.C@mm is written in Microsoft Visual C++ and is UPX-packed.

Antivirus Protection Dates

  • Initial Rapid Release version August 7, 2003
  • Latest Rapid Release version March 23, 2017 revision 037
  • Initial Daily Certified version August 7, 2003
  • Latest Daily Certified version March 23, 2017 revision 041
  • Initial Weekly Certified release date August 13, 2003
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Scott Gettis

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube