W32.Frethem.Gen@mm


Aliases: I-Worm.Frethem.gen
Variants: W32.Frethem.J@mm, W32/Frethem.gen@MM, WORM_FRETHEM.J

Classification: Malware
Category: Computer Worm

Status: Inactive
Spreading: Slow
Geographical info: Some parts of Asia, Europe, North and South America, Africa and Australia
Removal: Easy
Platform: W32
Discovered: 12 Jun 2002
Damage: Low

Characteristics: On June 12, 2002, a generic detection that identifies variants of W32.Frethem was found. This worm is called W32.Frethem.Gen@mm. the worm primarily affects Windows systems (Windows 2000, 98, Me, NT and XP).

More details about W32.Frethem.Gen@mm

The worm, W32.Frethem.Gen@mm, merely detects variants of W32.Frethem. W32.Frethem is a mass-mailing worm which uses SMTP engines to be able to propagate. This worm uses email addresses listed in the Microsoft Windows Address Book and from .dbx files. The worm recovers the infected computer host’s SMTP server information from the system registry. Then, it sends itself to all email addresses. Although there is no malicious payload, the worm has the ability to infect more than one computer.

Other properties of the W32.Frethem.Gen@mm program include the distribution of threats and installation of files without the user’s knowledge or consent. It does not normally ask the user’s permission before any installations are made. Neither does it provide users with an End-User License Agreement or EULA. Furthermore, this virus purportedly exploits the security vulnerabilities in the codes of some applications. Exploits refer to programs that target the loopholes or mistakes in the codes of applications.