Symantec security response discovered the W32.HLLW.Fizzer@mm worm. This is a level 3 worm and was found on 5-08-03!
This question was answered on May 13, 2003. Much of the information contained herein may have changed since posting.
W32.HLLW.Fizzer@mm is a mass-mailing worm that sends itself to contacts in the victims address book The worm can also spread itself via the Kazaa peer to peer network It contains a DoS attack tool, an external keylogger DLL, an HTTP server and backdoor capabilities.
The Fizzer worm is very complex and attempts to disable antivirus programs when possible It also has the ability to update itself automatically
The email message has the following characteristics:
Subject, Message, & Attachment: Varies, file names are randomly chosen from a list carried by the worm.
Systems affected: Windows 95, 98, NT, 2000, XP, & Me
Get complete instruction on protection and removal from Symantec at:
<a href="http://sarc.com/avcenter/venc/data/[email protected]"> http://email@example.com</a>
About the author
Posted by Michal of Data Doctors on May 13, 2003