Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
- Discovered:
- January 21, 2003
- Updated:
- February 13, 2007 11:56:17 AM
- Type:
- Worm
- Systems Affected:
- Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
W32.HLLW.Backzat.G is a mass-mailing worm that uses Microsoft Outlook to send itself to all the contacts in the Microsoft Outlook Address Book. It also attempts to spread itself through the Grokster, eDonkey2000, BearShare, Morpheus, and KaZaA file-sharing networks. This worm may distribute itself across the mapped drives and through AIM95, mIRC, and ICQ.
W32.HLLW.Backzat.G deletes the security software from your computer.
The email it sends has the following characteristics:
Subject: Fw: Hello there.
Message: Hey, I just recieved a screen saver in the mail and it is really cute. Take a loot.
Attachment: CuteKirby.Scr
This threat is written in the Microsoft C++ programming language and is compressed with UPX.
Antivirus Protection Dates
- Initial Rapid Release version January 22, 2003
- Latest Rapid Release version September 28, 2010 revision 054
- Initial Daily Certified version January 22, 2003
- Latest Daily Certified version September 28, 2010 revision 036
- Initial Weekly Certified release date January 22, 2003
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
- Wild Level: Low
- Number of Infections: 0 - 49
- Number of Sites: 0 - 2
- Geographical Distribution: Low
- Threat Containment: Easy
- Removal: Easy
Damage
- Damage Level: Medium
Distribution
- Distribution Level: Low
Writeup By: Yana Liu
