1. Symantec/
  2. Security Response/
  3. W32.Erkez.B@mm


Risk Level 2: Low

June 10, 2004
February 13, 2007 12:24:19 PM
Also Known As:
W32/Zafi.b@MM [McAfee], Zafi.B [Computer Associates], W32/Zafi-B [Sophos], PE_ZAFI.B [Trend]
Systems Affected:

W32.Erkez.B@mm is a mass-mailing worm that sends itself to the email addresses found on an infected computer. It also copies itself to the folders that are likely to be shared on file-sharing networks.

When this worm infects a computer, it attempts to overwrite .exe files. The files that it targets are usually executables that belong to security products, including Symantec products. However, in some cases, the worm may overwrite .exe files that belong to other programs.

If the worm does overwrite .exe files, some programs or operating system functions may no longer work correctly.

This threat is compressed with FSG.

The worm does not have a static MD5 value.

Antivirus Protection Dates

  • Initial Rapid Release version June 11, 2004
  • Latest Rapid Release version March 23, 2017 revision 037
  • Initial Daily Certified version June 11, 2004
  • Latest Daily Certified version March 23, 2017 revision 041
  • Initial Weekly Certified release date June 13, 2004
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Yana Liu

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube