|W32.HLLW.Cult.P@mm is a mass-mailing worm that uses its own SMTP engine to send itself to randomly generated email addresses.
The worm also has IRC Trojan functionality that allows an attacker to control infected computer by using Internet Relay Chat (IRC).
The commands allow the attacker to perform any of the following actions:
Deliver system and network information to the attacker
Download and execute files
Dynamically update the installed worm
Send the worm to other IRC channels to attempt to compromise more computers
Trigger a mass-mailing function
Send email that contains the worm to any email address
The email message has the following characteristics:
Subject: Hello , I sent you a beautiful Love Card ^_*
To see your Card, Please open the attachment
If you want to send a reply, please visit
Copies itself as %System%\Windvd98.exe.
Adds the value:
to the registry keys:
so that the worm runs when you start Windows.
Use antivirus (also check How To Remove section)Startup Optimizer to remove it from the system registry.
Still have a problem? Ask for help at our discussion forum.
: : Recent posts at Forums
Fatal error: Incompatible file format: The encoded file has format major ID 1, whereas the Loader expects 7 in /home/software/public_html/forum/includes/functions_vbseo.php on line 0