1. Symantec/
  2. Security Response/
  3. W32.Witty.Worm

W32.Witty.Worm - Removal

Risk Level 2: Low

March 20, 2004
February 13, 2007 12:19:50 PM
Also Known As:
W32/Witty.worm [McAfee], WORM_WITTY.A [Trend]
Systems Affected:

Note: Because the worm resides in memory only and is not written to disk, virus definitions do not detect this threat. Symantec Security Response recommends that you follow the steps described below to remove this threat.

  1. Obtain the patch for the vulnerability from http://www.iss.net/download/.

  2. Disconnect the affected computer from the network.

  3. Restart the computer to remove the threat from memory.

    Note: If the computer has been infected, it may not restart properly. If this occurs, Symantec Security Response recommends using a data recovery program.

  4. Apply the patch.

  5. Reconnect to the network.

Writeup By: Eric Chien

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube