
Blackmal/Nyxem Worm

Information about Blackmal Worm:

The Blackmal worm mostly arrives as an e-mail attachment in different forms. It uses the mail address of the targeted system and keeps spreading in the same manner. The worm starts attacking on the 3rd of every month, starting from February 3rd, 2006.

When the worm file is executed, it copies itself as one of the following:
%Windows%\Rundll16.exe
%System%\scanregw.exe
%System%\Winzip.exe
%System%\Update.exe
%System%\WINZIP_TMP.EXE
%System%\SAMPLE.ZIP
%System%\New WinZip File.exe
movies.exe
Zipped Files.exe

W32.Blackmal.E@mm modifies the registry Run section so that it loads automatically on the next startup. The registry modification is given below.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ScanRegistry = scanregw.exe /scan
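
The indicators above can be turned into a triage check. The following is an added example, not code from the original advisory or from Fire: it matches a file listing and `reg query` style text against the copies and Run value listed on this page. The function names, the directory names standing in for %Windows% and %System%, and the sample input are assumptions constructed for illustration.

```python
import ntpath
import re

# Indicators copied from the advisory. Directory names standing in for
# %Windows% and %System% are assumptions (typical Windows 9x/NT/XP layouts).
WINDOWS_DIRS = {"windows", "winnt"}
SYSTEM_DIRS = {"system", "system32"}
IN_WINDOWS = {"rundll16.exe"}
IN_SYSTEM = {"scanregw.exe", "winzip.exe", "update.exe", "winzip_tmp.exe",
             "sample.zip", "new winzip file.exe"}
ANYWHERE = {"movies.exe", "zipped files.exe"}  # listed without a directory
RUN_KEY = r"\software\microsoft\windows\currentversion\run"
VALUE_RE = re.compile(r"^\s+(.+?)\s+(REG_\w+)\s+(.*)$")

def find_dropped_files(paths):
    """Return the paths whose name and parent folder match a listed copy."""
    hits = []
    for path in paths:
        folder, name = ntpath.split(path.lower())
        parent = ntpath.basename(folder)
        if ((parent in WINDOWS_DIRS and name in IN_WINDOWS)
                or (parent in SYSTEM_DIRS and name in IN_SYSTEM)
                or name in ANYWHERE):
            hits.append(path)
    return hits

def find_run_entry(reg_query_text):
    """Return Run-key lines holding ScanRegistry = scanregw.exe /scan."""
    hits, in_run = [], False
    for line in reg_query_text.splitlines():
        if line and not line[0].isspace():      # key header line
            in_run = line.strip().lower().endswith(RUN_KEY)
            continue
        m = VALUE_RE.match(line)
        if (in_run and m and m.group(1).lower() == "scanregistry"
                and m.group(3).lower().startswith("scanregw.exe")):
            hits.append(line.strip())
    return hits

# Constructed sample input: a file listing and `reg query` style output.
SAMPLE_FILES = [r"C:\WINDOWS\system32\scanregw.exe", r"C:\WINDOWS\Rundll16.exe",
                r"C:\Program Files\WinZip\Winzip.exe", r"D:\share\Zipped Files.exe"]
SAMPLE_REG = r"""HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
    ScanRegistry    REG_SZ    scanregw.exe /scan
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
    ScanRegistry    REG_SZ    scanregw.exe /scan
"""

if __name__ == "__main__":
    print(find_dropped_files(SAMPLE_FILES))
    print(find_run_entry(SAMPLE_REG))
```

A file-name match on its own is weak evidence, since names such as Update.exe and Winzip.exe are also used by legitimate software; treat a hit as a reason to scan the file, and the Run value together with scanregw.exe in the system directory as the stronger signal.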

The virus is destructive and will attack files with the extensions .doc, .pdf, .xls, .zip, .ppt, etc. It will also attack antivirus applications, making the system more vulnerable to future attacks.

It contains its own SMTP engine and spreads through shared networks and by mass mailing. It spreads on Windows 95, Windows 98, Windows 2000, Windows NT and Windows XP.

Removing Blackmal worm from your computer:

Fire has incorporated the Blackmal worm into its signature file to protect Fire users from this worm attack. Fire anti-virus users can update this signature file by using the online update facility. It is available with the registered version of the Fire anti-virus Kit.

A free download of the FireLite [ 1100 KB ] version is also available to detect the Blackmal worm. If you find this worm, use the registered version of Fire to remove it. To get the registered version of Fire, call us at 044-28170440 or mail to service@fireav.com

[Analysis: Mr. Jacob Kalis, Prognet Technologies Pvt. Ltd, Feb. 2006]
