W32.Solvina.gen


Aliases: Win32.Mauz.a, W32/Solvina@MM, Win32.HLLM.Lamb.8192, W32/Solvina, Win32/Solvina.A@mm,
Variants: WORM_SOLVINA.A, Worm/Solvina, Win32:Trojan-gen., I-Worm/Solvina, Win32.Lamb.A@mm,

Classification: Malware
Category: Computer Worm

Status: Active & Spreading
Spreading: Moderate
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 18 Jan 2002
Damage: Low

Characteristics: The W32.Solvina.gen program is a mass mailing worm that multiplies itself to all contacts in the address book of Microsoft Outlook.

More details about W32.Solvina.gen

The W32.Solvina.gen program is a mass mailing worm that spreads itself to all contacts in the address book of Microsoft Outlook. The W32.Solvina.gen application is written in the Microsoft VB or Visual Basic programming language and compressed w/ “PackLite”. The email message has these characteristics: “Subject: Request Information”, “Message: Hi, We haven’t heard from you concerning your request for support in the 48 hours since we sent you a response. Consequently, we have changed the status of your question to be SOLVED. If your question is still UNRESOLVED please use the attached file below to update our records (File is self-extracting)”, and “Attachment: Lamb.exe”.

As with any other malicious programs, the W32.Solvina.gen worm is injected into the user’s system by employing deceptive means or by taking advantage of any security loophole it can locate within the system. It can also be installed through means that do not secure the prior consent of the user. Once installed, procedures to uninstall the program’s components are not adequate and complicated. The W32.Solvina.gen worm is capable of launching itself automatically at every Windows startup by simply modifying one of its created registry keys. It also creates various registry keys, processes and registry values when it has been installed.