- June 4, 2003
- February 13, 2007 12:02:01 PM
Also Known As:
W32.HLLW.Lavits is a worm that attempts to spread across the KaZaA file-sharing network. This worm also uses Microsoft Outlook to send email to all the contacts in the Microsoft Outlook Address Book. When W32.HLLW.Lavits is run, it will display a fake message with the message title "Application Error."
The email does not have an attachment. The email messages have the following characteristics:
Subject: Where are you?
Where are you?,I enjoy speaking with you :)
Simdi icinden buda kim diyorsundur :)
W32.HLLW.Lavits is written in Visual Basic (VB) and is packed with UPX.
NOTE: Definitions dated prior to June 6, 2003 may detect this threat as W32.HLLW.Xolox@mm.
Security Response could not successfully reproduce the mass-mailing routine in a controlled laboratory environment. The worm did not attach itself to any outgoing emails.
Antivirus Protection Dates
Initial Rapid Release version June 5, 2003
Latest Rapid Release version September 28, 2010 revision 054
Initial Daily Certified version June 5, 2003
Latest Daily Certified version September 28, 2010 revision 036
Initial Weekly Certified release date June 5, 2003
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Scott Gettis