W32.Tendoolf

Risk Level 1: Very Low

Printer Friendly Page

Discovered: May 1, 2002

Updated: February 13, 2007 11:59:57 AM

Also Known As: Backdoor.SubSeven, W32/Floodnet@MM, Win32/Cute.Worm, WORM_TENDOOLF.A

Type: Trojan Horse

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP

W32.Tendoolf is a variant of Backdoor.Subseven, which appears to be able to spread through email. The email message has the following characteristics:

Subject: Thoughts...
Message: I just found this program, and, i dont know why... but it reminded me of you. check it out.
Attachment: Cute.exe

The mailing routine has not been successfully reproduced in a laboratory environment.

Definitions dated prior to May 2, 2002, may detect this as Backdoor.SubSeven.

Protection

Initial Rapid Release version May 2, 2002
Latest Rapid Release version August 20, 2008 revision 017
Initial Daily Certified version May 2, 2002
Latest Daily Certified version January 20, 2009 revision 048
Initial Weekly Certified release date May 8, 2002

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

Wild Level: Low
Number of Infections: 0 - 49
Number of Sites: 0 - 2
Geographical Distribution: Low
Threat Containment: Easy
Removal: Easy

Damage

Damage Level: Low

Distribution

Distribution Level: Low

Writeup By: Douglas Knowles

Technical Details

Search Threats

Search by name

_{Example: W32.Beagle.AG@mm}