W32.Changeup is a worm that spreads through removable and mapped drives. It also spreads by exploiting the Microsoft Windows Shortcut 'LNK' Files Automatic File Execution Vulnerability (BID 41732). The worm may also spread through certain file-sharing programs.

The threat W32.Changeup was discovered by Symantec Security Response Threat Severity Assessment on August 18, 2009 and was classified as Worm.

Initial Daily Certified version of virus definitions for Norton security products was released on August 17, 2009 revision 054. It should be noted that users with the older versions of Norton Internet Security are limited to Daily LiveUpdate definitions. For more information, go to the page where the are described virus definitions available for Norton products.

W32.Changeup Threat Assessment

Component	Severity
Wild Level	Low
Number of Infections	50 - 999
Number of Sites	3 - 9
Geographical Distribution	Low
Threat Containment	Easy
Removal	Easy
Damage Level	Medium
Distribution Level	Medium

According to the Symantec Threat Severity Assessment, overall risk of W32.Changeup is now categorized as «Low» — threat type characterized either as low or moderate wild threat (but reasonably harmless and containable) or non-wild threat characterized by an unusual damage or spread routine, or perhaps by some feature of the virus that makes headlines in the news. Read more about Threat Severity Assessment.

This threat affect the following operating systems:

• Windows 98
• Windows 95
• Windows XP
• Windows Me
• Windows Vista
• Windows NT
• Windows Server 2003
• Windows 2000

More information about W32.Changeup, you can find on the official site of Symantec Corporation, where in addition to useful information you can find technical details and removal instructions: www.symantec.com

It is also recommended to read the article Network security threats, where you can find a brief description and explanation of the most dangerous security threats plus a few simple tips on how to protect your personal computer from them.