COMMAND
ICKill
SYSTEMS AFFECTED
Win systems
PROBLEM
Bachrach found the following. After you run ICKill, it creates a
file in the directory called 1.exe that acts as a fake explorer.
1.exe accesses your regedit database, and copies itself to
windows/system. It changes the regedit so that the fake one will
run on startup. It acts mostly the same as the normal explorer
with one very crucial exception. It contacts a host (I still
can't figure out which one), and executes the commands that are
embedded within a text file on the computer.
Bachrach has set up a page on this to inform people at:
http://members.tripod.com/~hakz/ICQ/index.html
That site also has all of the letters Bachrach wrote to the ICKill
author and the author's replies.
SOLUTION
Well, if anyone out there is using or has ever used ICKill, then
get rid of it. Bachrach has set up a page on this to both inform
people and explain how to get rid of all traces of the program:
http://members.tripod.com/~hakz/ICQ/index.html
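
A defender's check for the persistence described under PROBLEM, as an
added example that is not part of the original advisory or Bachrach's
page: it parses a REGEDIT4-format registry export and flags startup
values that launch a file named 1.exe or an explorer.exe located outside
the Windows directory. The startup keys checked, the explorer.exe file
name and the sample export are assumptions or constructed data; the
advisory names only 1.exe and windows/system.

```python
import ntpath
import re

# Common startup keys; the advisory does not say which one is changed (assumption).
STARTUP_KEYS = (
    r"\software\microsoft\windows\currentversion\run",
    r"\software\microsoft\windows nt\currentversion\winlogon",
)
# Constructed sample in REGEDIT4 export format, not taken from a real host.
SAMPLE_EXPORT = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemTray"="SysTray.Exe"
"Explorer"="C:\\WINDOWS\\SYSTEM\\1.exe"
[HKEY_LOCAL_MACHINE\Software\Example\Settings]
"Path"="C:\\WINDOWS\\SYSTEM\\1.exe"
'''
VALUE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")="((?:[^"\\]|\\.)*)"$')

def startup_entries(reg_text):
    """Yield (key, value name, command) for string values under startup keys."""
    key = ""
    for line in map(str.strip, reg_text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key.lower().endswith(STARTUP_KEYS) and (m := VALUE.match(line)):
            # Undo the export's \\ and \" escaping in the value data.
            yield key, m.group(1).strip('"'), re.sub(r"\\(.)", r"\1", m.group(2))

def suspicious(cmd):
    """Return reasons a startup command matches the advisory's description."""
    if not (m := re.match(r'"?(.*?\.exe)', cmd, re.I)):
        return []
    folder, base = ntpath.split(m.group(1).lower())
    reasons = []
    if base == "1.exe":
        reasons.append("file name 1.exe")
    # Assumption: the copy may pose as explorer.exe, which normally sits in
    # the Windows directory itself, not in a subdirectory such as system.
    if base == "explorer.exe" and folder and ntpath.basename(folder) not in ("windows", "winnt"):
        reasons.append("explorer.exe outside the Windows directory")
    return reasons

def scan(reg_text):
    """Return (key, value name, command, reasons) for each flagged entry."""
    return [(k, n, c, suspicious(c)) for k, n, c in startup_entries(reg_text) if suspicious(c)]

if __name__ == "__main__":
    for key, name, cmd, reasons in scan(SAMPLE_EXPORT):
        print(f"{key}\\{name} -> {cmd}: {', '.join(reasons)}")
```

A flagged value is a lead to inspect by hand, not proof of infection.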