Discovered: June 10, 2004
Updated: February 13, 2007 12:24:19 PM
Also Known As: W32/Zafi.b@MM [McAfee], Zafi.B [Computer Associates], W32/Zafi-B [Sophos], PE_ZAFI.B [Trend]
Type: Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
W32.Erkez.B@mm is a mass-mailing worm that sends itself to the email addresses found on an infected computer. It also copies itself to the folders that are likely to be shared on file-sharing networks.
When this worm infects a computer, it attempts to overwrite .exe files. The files that it targets are usually executables that belong to security products, including Symantec products. However, in some cases, the worm may overwrite .exe files that belong to other programs.
If the worm does overwrite .exe files, some programs or operating system functions may no longer work correctly.
This threat is compressed with FSG.
Note:
The worm does not have a static MD5 value.
Antivirus Protection Dates
-
Initial Rapid Release version June 11, 2004
-
Latest Rapid Release version July 27, 2009 revision 085
-
Initial Daily Certified version June 11, 2004
-
Latest Daily Certified version July 27, 2009 revision 073
-
Initial Weekly Certified release date June 13, 2004
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Medium
-
Number of Infections: 50 - 999
-
Number of Sites: More than 10
-
Geographical Distribution: Low
-
Threat Containment: Easy
-
Removal: Moderate
Damage
Distribution
Writeup By: Yana Liu
Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
