1. /
  2. Security Response/
  3. W32.Erkez.B@mm


Risk Level 2: Low

June 10, 2004
February 13, 2007 12:24:19 PM
Also Known As:
W32/Zafi.b@MM [McAfee], Zafi.B [Computer Associates], W32/Zafi-B [Sophos], PE_ZAFI.B [Trend]
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

W32.Erkez.B@mm is a mass-mailing worm that sends itself to the email addresses found on an infected computer. It also copies itself to the folders that are likely to be shared on file-sharing networks.

When this worm infects a computer, it attempts to overwrite .exe files. The files that it targets are usually executables that belong to security products, including Symantec products. However, in some cases, the worm may overwrite .exe files that belong to other programs.

If the worm does overwrite .exe files, some programs or operating system functions may no longer work correctly.

This threat is compressed with FSG.

The worm does not have a static MD5 value.

Antivirus Protection Dates

  • Initial Rapid Release version June 11, 2004
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version June 11, 2004
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date June 13, 2004
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Yana Liu

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report