1. /
  2. Security Response/
  3. VBS.TQLL.A@mm

VBS.TQLL.A@mm

Risk Level 1: Very Low

Discovered:
December 29, 2000
Updated:
February 13, 2007 11:34:00 AM
Also Known As:
TQLL-A, VBS.NewYear
Type:
Worm

VBS.TQLL.A@mm is a worm that is written in Visual Basic Script. As of 6:00 P.M. PST on December 29, 2000, Symantec has had no confirmed reports
of this virus, and it is considered low risk at this time.

The worm is sent by email with the following subject, message, and attachment:

Subject: New Year !

Message: Wow Happy New Year !

Attachment: happynewyear.txt.vbs

The attachment size is 10,390 bytes.

The worm will not execute by simply reading the email message. If the attached Happynewyear.txt.vbs file is executed, it creates a malicious program named 3k.exe in the \Windows folder. Happynewyear.txt.vbs will then run 3k.exe automatically. 3k.exe is a Trojan horse program. Norton AntiVirus will detect it as Backdoor.TQLL. The worm also sends itself to everyone in your Microsoft Outlook address book.

Antivirus Protection Dates

  • Initial Rapid Release version December 29, 2000
  • Latest Rapid Release version December 29, 2000
  • Initial Daily Certified version December 29, 2000
  • Latest Daily Certified version December 29, 2000
  • Initial Weekly Certified release date pending
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Low

Distribution

  • Distribution Level: Low
Writeup By: Motoaki Yamamura

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report, Volume 17
Symantec DeepSight Screensaver