Discovered: May 8, 2003
Updated: February 13, 2007 12:01:11 PM
Also Known As: W32/Fizzer@MM [McAfee], Win32.Fizzer [CA], W32/Fizzer-A [Sophos], WORM_FIZZER.A [Trend], Fizzer [F-Secure], Win32/Fizzer.A@mm [RAV], I-Worm.Fizzer [KAV]
Type: Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
The W32.HLLW.Fizzer@mm:
- Is a mass-mailing worm that sends itself to all the contacts in the Windows Address Book.
- Contains a backdoor capability that uses mIRC to communicate with a remote attacker.
- Also contains a keylogger and attempts to spread through the KaZaA file-sharing network.
- Attempts to terminate the processes of various antivirus programs if they are found to be active.
NOTE: Virus definitions dated May 9, 2003 were posted as LiveUpdate definitions on May 12, 2003 in response to the upgrade.
Protection
-
Initial Rapid Release version May 9, 2003
-
Latest Rapid Release version June 25, 2009 revision 003
-
Initial Daily Certified version May 9, 2003
-
Latest Daily Certified version June 25, 2009 revision 007
-
Initial Weekly Certified release date May 9, 2003
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: More than 1000
-
Number of Sites: More than 10
-
Geographical Distribution: Medium
-
Threat Containment: Moderate
-
Removal: Moderate
Damage
Distribution
Writeup By: Yana Liu
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
