Return To Home Page Search Fire Products, Services and others Overview of the Site Design and Build a Career Contact us for customer service and other feedback info Prognet Privacy Statement

Click here to view product details, fire framework, screen shots, Y2K statement, etc.Download fire evaluation copy, updates, upgrades, user manual, free utils and lot more.Customers can enjoy technical support, security tips, FAQ, free virus alert mail, etc. Online ordering, renewal form and upgrade details.Resellers, dealers and distributors can enter here.Click here to view latest virus alerts, virus information center, virus calendar, etc.Latest news and other press releases.About Prognet Technologies Pvt. Ltd, technical team, clients, events and lot more.

 

NAVIDAD.B INTERNET WORM SPREADING RAPIDLY

                     Navidad.b is the modified variant of Navidad worm and it uses different icon and file name to spread. The worm is 16,896 bytes long {16.5KB} and it is packed with UPX file compressor. The e-mail attachment name will be "EMANUEL.EXE".

                     While opening the e-mail attachment, the worm will show the following error message. When the user clicks ok button it will create a flower icon in the tray.

    

When the infected user clicks the flower icon, it will display following message.

When the message box button is pressed it will display the followinmg message.

When the user try to close the message box it will display the following message box.

                    The worm drops "WINTASK.EXE" in the Windows system folder and it modifies the registry settings to load automatically. So the infected user can't run any Windows applications. When the user try to run an application, the worm file is executed and it will generate one more flower icon in the tray.

                    The worm also sends infected mails to the mails stored in the inbox. The message subject will be "RE:" and the message body will be empty. The e-mail attachment name will be "EMANUEL.EXE". A free download is available to fix the registry settings modified by Navidad worm.

How can I protect my system?

Fire has incorporated I-Worm/Navidad into its virus signature file, with the aim of helping users affected by this Worm attack to detect and eliminate it from their systems. Fire anti-virus users can update this signature file by using online update facility.

How can I find my system is infected?

                     You can check the system manually. This worm creates flower icons in the tray. Also the infected user can't open any Windows applications. A free download of FireLite [ 1100KB ] version is available to detect all viruses. If you find any virus, use registered windows version of Fire to remove. To get the registered version of Fire call us at 044-28170440 or mail to service@fireav.com or purchase Fire online using

[Analysis: Mr.Ramesh, Mr.Xavier, Prognet Technologies Pvt. Ltd, Jan. 2001]

Go to top of the page
.