1. Symantec/
  2. Security Response/
  3. W32.Kriz


Risk Level 2: Low

August 11, 1999
February 13, 2007 11:34:21 AM
Systems Affected:

W32.Kriz was first discovered in the Fall of 1999. The virus infects files on Windows 95/98 systems.

The virus has a dangerous payload that triggers on December 25 of any year. The payload is designed to overwrite files on the floppy disk, hard disk, RAM disk, and network drives. It also clears the information stored on the BIOS. This payload is similar to the W95.CIH virus.

In October 2000, Symantec Security Response received an increase in submissions of the virus. Symantec Security Response believes that the spread of W32.Kriz gained momentum when several widespread worms were infected by W32.Kriz and helped spread the virus.

Antivirus Protection Dates

  • Initial Rapid Release version August 17, 1999
  • Latest Rapid Release version March 22, 2018 revision 051
  • Initial Daily Certified version August 17, 1999
  • Latest Daily Certified version March 23, 2018 revision 003
  • Initial Weekly Certified release date August 17, 1999
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Eric Chien

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube