Discovered: April 21, 2003
Updated: February 13, 2007 12:00:26 PM
Type: Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
W32.HLLW.Kefy is an encrypted worm that attempts to spread itself through the KaZaA, KaZaA Lite, KMD, Morpheus, eDonkey2000, Limewire, Bearshare, iMesh, Overnet, Applejuice, Gnucleus, Grokster, Gnotella, Shareaza, Neomodus, Rapigator, WinMX, and Swapnut file-sharing networks, as well as ICQ. The worm attempts to terminate the processes of various antivirus and security programs.
W32.HLLW.Kefy also attempts to copy itself to the root folder of all the drives. This threat is written in the Microsoft Visual Basic programming language.
Protection
-
Initial Rapid Release version April 22, 2003
-
Latest Rapid Release version July 12, 2008 revision 018
-
Initial Daily Certified version April 22, 2003
-
Latest Daily Certified version July 12, 2008 revision 019
-
Initial Weekly Certified release date April 23, 2003
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 0 - 49
-
Number of Sites: 0 - 2
-
Geographical Distribution: Low
-
Threat Containment: Easy
-
Removal: Moderate
Damage
Distribution
-
Distribution Level: Medium
Writeup By: Yana Liu
