Discovered: November 24, 2001
Updated: February 13, 2007 11:37:49 AM
Also Known As: I-Worm.BadtransII [KAV], Badtrans.B@mm [Norman], W32/Badtrans.B [Panda], WORM_BADTRANS.B [Trend], W32/Badtrans-B [Sophos], W32/Badtrans.B@mm [F-Secure], W32/BadTrans@MM [McAfee], Win32.Badtrans.29020 [CA], Worm/Badtrans.B [Vexira]
Type: Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
Due to a decreased rate of submissions, Symantec Security Response has downgraded the threat level of this worm from Category 3 to Category 2 as of May 5, 2003.
W32.Badtrans.B@mm is a MAPI worm that emails itself out using different file names. It also creates the file \Windows\System\Kdll.dll. It uses functions from this file to log keystrokes.
Antivirus Protection Dates
-
Initial Rapid Release version November 24, 2001
-
Latest Rapid Release version March 31, 2009 revision 036
-
Initial Daily Certified version November 24, 2001
-
Latest Daily Certified version April 15, 2009 revision 048
-
Initial Weekly Certified release date November 24, 2001
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Medium
-
Number of Infections: More than 1000
-
Number of Sites: More than 10
-
Geographical Distribution: High
-
Threat Containment: Moderate
-
Removal: Moderate
Damage
Distribution
Writeup By: Peter Ferrie
Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
