VBS/TQLL.A - A NEW MASS MAILER DETECTED

                     VBS/Tqll.a is a VB Script worm uses Microsoft outlook to spread. It needs windows scripting host to work. The attachment name will be Happnewyear.txt.vbs. The VBS extension will not appear if windows scripting host is installed.

                     When you open the attachment, it opens the Microsoft Outlook Address book and sends email to all the addresses stored in that. The message subject will be "New Year !", the message body will be "Wow Happy New Year !". It also drops a file called "3K.EXE".

                     It only replicates using outlook and won't damage data in the local machine. Because of the mass mailing routine there is threat to down the e-mail servers.

How can I protect my system?

Fire has incorporated VBS/Tqll.a in virus signature file, with the aim of helping users affected by this script attack to detect and eliminate it from their systems. Fire anti-virus users can update this signature file by using online update facility.

How can I find my system is infected?

                   A free download of FireLite [ 1100KB ] version is available to detect all viruses. If you find any virus, use registered windows version of Fire to remove. To get the registered version of Fire call us at 044-28170440 or mail to service@fireav.com or purchase Fire online using

[Analysis: Mr.Stanley Rakesh, Mr.A.Xavier, Prognet Technologies Pvt. Ltd, Dec. 2000]