-
Discovered:
- December 29, 2000
-
Updated:
- February 13, 2007 11:34:00 AM
-
Also Known As:
- TQLL-A, VBS.NewYear
-
Type:
- Worm
VBS.TQLL.A@mm is a worm that is written in Visual Basic Script. As of 6:00 P.M. PST on December 29, 2000, Symantec has had no confirmed reports
of this virus, and it is considered low risk at this time.
The worm is sent by email with the following subject, message, and attachment:
Subject: New Year !
Message: Wow Happy New Year !
Attachment: happynewyear.txt.vbs
The attachment size is 10,390 bytes.
The worm will not execute by simply reading the email message. If the attached Happynewyear.txt.vbs file is executed, it creates a malicious program named 3k.exe in the \Windows folder. Happynewyear.txt.vbs will then run 3k.exe automatically. 3k.exe is a Trojan horse program. Norton AntiVirus will detect it as Backdoor.TQLL. The worm also sends itself to everyone in your Microsoft Outlook address book.
Antivirus Protection Dates
-
Initial Rapid Release version December 29, 2000
-
Latest Rapid Release version December 29, 2000
-
Initial Daily Certified version December 29, 2000
-
Latest Daily Certified version December 29, 2000
-
Initial Weekly Certified release date pending
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 0 - 49
-
Number of Sites: 0 - 2
-
Geographical Distribution: Low
-
Threat Containment: Easy
-
Removal: Easy
Writeup By: Motoaki Yamamura
