1. Symantec/
  2. Security Response/
  3. W32.Heovin@mm


Risk Level 2: Low

December 6, 2002
February 13, 2007 11:41:29 AM
Systems Affected:

W32.Heovin@mm is a mass-mailing worm that uses Microsoft Outlook to send itself to all contacts in Windows Address Book. It attempts to send a copy of itself to other mIRC users. It also has backdoor capabilities that allows a hacker to remotely control an infected computer. The email message has the following characteristics:
The subject line is one of the following,
Subject: Flash funny pic
Subject: Check This update
Message: Check dis out!
Attachment: Funnyflush.pif

This threat is written in the Microsoft Visual Basic programming language.

NOTE: Definitions dated earlier than December 9, 2002, may detect this threat as Bloodhound.W32.VBWORM.

Antivirus Protection Dates

  • Initial Rapid Release version December 9, 2002
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version December 9, 2002
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date December 11, 2002
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Yana Liu

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube