A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z | Encyclopedia Home
Also see: Hoax Encyclopedia | Repair Center | News Briefs | Glossary | Infected Attachments | Prevention Center
|
Tqll
According to reports from F-Secure Tqll exhibits the following characteristics:
Type: Internet/email worm
What to look for: Search for 3k.exe
Aliases: VBS/Tqll, New Year Worm
Systems Affected: Windows 32-bit systems
Payload: Installs backdoor component (identified by F-Secure as Psychward.G)
ITW: Yes
Origin:
Description: When it is executed, it first creates to the Windows directory a file named "3k.exe". This file is a backdoor detected by FSAV as Psychward.G. The worm then executes the backdoor, after which the script uses Outlook to send itself to every recipient listed in each address book. The message appears as follows:
Subject: New Year !
and carries an attachment named: happynewyear.txt.vbs
Body: Wow Happy New Year!
How to prevent it: Do not open attachments received unexpectedly even if from known senders. Most email worms take advantage of the infected user's address book, and thus email worms are most likely to be received from a known source.
