Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fizzer Worm Uninstalling Itself

Posted by CowboyNeal on Friday May 16, 2003 @12:08AM from the sigh-of-relief dept.

boredMDer writes "According to a recent update on the Dshield.org mailing list, apparently the Fizzer Task Force has gained control of the Geocities webpage from which Fizzer updates itself. From an IRC-Security mailing list: 'We have also postted a Fizzer cleaner to the actual URL that the bot downloads its updates from, as a self extracting and running executable.' The Fizzer-uninstaller posted there creates the file '%WinDir%\uninstall.pky', which then causes Fizzer to remove all of its registry keys. Looks like the Fizzer worm will soon come to an end."

4 of 434 comments (clear)

Min score:

Reason:

Sort:

Possible application of strategy by trikberg · 2003-05-16 00:18 · Score: 1, Offtopic

This could be applied to another virus: Windows.
1. Hack the "secure" automatic update system.
2. Add/modify critical update.
3. Have said update uninstall Windows when executed.
3. Wait for machines to update themselves and auto-destruct.
4. ???
5. Profit.

--
This post is free (as in cheese in a mousetrap).
Re:outrageous by leviramsey · 2003-05-16 00:28 · Score: 0, Offtopic

Plz rate (5, Insightful). K thx.
Re:wtf? by insomnike · 2003-05-16 00:32 · Score: 0, Offtopic

Hey Scott!

Remember me? That's assuming you're the SComps I'm thinking of.

Aaron of t2.ph...
Helpfully by SEWilco · 2003-05-16 01:33 · Score: 0, Offtopic

In fact, most states have "Good Samaratin" laws...
You know, the source for that phrase is from a popular book. If you use the phrase you should have read it, just as if you want to use "Round up the usual suspects" or "I feel pretty and witty and bright", you should view the source so you know the context and inferences. If you read it you should have learned the proper spelling. Or maybe you have only read it in the original Hebrew and Greek.
And I'm just trying to help. :-)