1. /
  2. Security Response/
  3. W32.Sircam.Worm@mm


Risk Level 2: Low

July 17, 2001
February 13, 2007 11:36:55 AM
Also Known As:
W32/SirCam@mm [McAfee], Backdoor.SirCam, I-Worm.Sircam.a [AVP], WORM_SIRCAM.A [Trend], W32/Sircam-A [Sophos], W32/Sircam [Panda], Win32.Sircam.137216 [CA], W32/Sircam.worm@mm [F-Secure], Win32.HLLW.SirCam [DrWeb]
Systems Affected:
Windows 95, Windows 98, Windows Me

W32.Sircam.Worm@mm contains its own SMTP engine, and propagates in a manner similar to the W32.Magistr.Worm.
Due to what appears to be a bug, W32.Sircam.Worm@mm does not replicate under Windows NT, 2000, or XP.

Symantec Security Response has created a tool to remove this worm.

CAUTION: In some cases, if you have had NAV quarantine or delete infected files, you will not be able to run .exe files, however you will still be able to run the removal tool.

Configure Windows for maximum protection
Because this virus spreads by using shared folders on networked computers, to ensure that the virus does not reinfect the computer after it has been removed, Symantec suggests sharing with read-only access or using password protection. For instructions on how to do this, see your Windows documentation or the document How to configure shared Windows folders for maximum network protection.

Antivirus Protection Dates

  • Initial Rapid Release version July 17, 2001
  • Latest Rapid Release version May 1, 2013 revision 021
  • Initial Daily Certified version July 17, 2001
  • Latest Daily Certified version May 1, 2013 revision 017
  • Initial Weekly Certified release date July 17, 2001
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment


  • Wild Level: Low
  • Number of Infections: More than 1000
  • Number of Sites: More than 10
  • Geographical Distribution: Medium
  • Threat Containment: Moderate
  • Removal: Moderate


  • Damage Level: Medium


  • Distribution Level: High
Writeup By: Peter Ferrie

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report