Nombre de virus: W32/Holar.h@MM
Alias conocidos: -
Riesgo Infección: Bajo (Bajo, Medio, Alto, Muy Alto)
Propagación: Como fichero adjunto a e-mail, a través de comparticiones de red o por redes tipo P2P
Activación: Por ejecución de fichero infectado, contiene un contador destructivo.
Detección: desde DATS 4267
Motor necesario: desde 4.1.60
Infección actual: Baja (Inicial, Media, Elevada)

Asunto: '''*< Love Speaks it all >*'''

Texto:
Hii
Try this great program allowing u to translate 100 languages .
just write a passage in english and chose a language to get
the traslation one of my friends used it with his arabian gf
and it worked successfully ;)
so , Now we can say ' Love Speaks it All ' :)

Asunto: Co0o0o0o0oL

Texto:
i thing the subject is enough to describe the attached file !
check it out and replay your opinion
Cya

Asunto: Fw:

Texto:
You're gonna love it ;)
delete it after reading , Professor :P

Asunto: Heeeeeeeeeeeeeeeey

Texto:
i've got this surprise from a friend :)
it really deserves a few minutes of your time.
Bye

Asunto: Wussaaaaaaaap?

Texto:
Should i email u first to email me?
u don't know how much ur emails mean to me.
i wish u like this email and plzz don't forget me :)

Asunto: WoW But not for NoW

Texto:
coz i couldn't get the other part of it ,
any way , check it out
having alil thing is better than nothing :P

Asunto: y0 Ain't Got Shyt !

Texto:
All u can get is burning ur self
Coz all we can do is to watch, nothing for us to touch :(


Asunto: Why Do We FOk?

Texto:
let me answer ,,,
hummmmmmmmm
Coz we Burn Our selves by watching ********** like the
one i attached :P


Asunto: Heeelllooo , anybody home????

Texto:
i tried many times to send u this email but ur account was
out of storage as i think any way , make sure that i didn't
and i won't forget u :)
Cya Forgotten :P


Asunto: Why did u send me this shyt?

Texto:
THANX BUT I DON'T ACCEPT SEX MATERIALS FROM
STRANGERS. I SAW THEM N I WONDERED HOW U COULD
DO SO ?
I REATTACHED THE SHYT U SENT
PLEASE DON'T EMAIL ME ,


Asunto: Re:Hi

Texto:
No thanx , keep it for you :)


Asunto: Lo0o0o0o0o0o0o0o0o0o0o0o0oL

Texto:
Measure your intelligence , the power of your mind and the
speed of your reaction by answering several Qs , don't
forget to send me your mark.
I took 3.5/10 :P
Let's see who is more intelligent than the other!
Good Luck


Asunto: hurry up !!!

Texto:
this is the last one i could find ,
Don't forget , send me the project in a zipped file :)
Bye


Asunto: To Early To Have Sex!

Texto:
When i saw it i didn't believe that she was only 8 yrs old.
but when i saw the blood and heard the voice of her :( i got
Shocked


Asunto: Fw:Send it to all of the ppl u love

Texto:
Don't Believe ur self, I don't Love Ya :P
But i Don't know why i sent this to u.
Make use of it , Bye ;)


Asunto: Surpise !

Texto:
I'm in a harry ,
Send me any clip with voice like the one i attached .
And stop sending the booooring pictures
For your elegant Taste
elegant ppl should satisfy thier taste with elegant things ;)


Asunto: Again?

Texto:
I sent this email to another body :P and he replayed saying
Thanx !! i always write your email wrongly.
Hummm, if u like it replay to me , and don't forget to write
ur signature to make sure that i didn't send the email to a
wrong one ;)


Asunto: Who are you??????

Texto:
i'm fine , thanx for asking :)
and thanx for the nice attachements.
but unfortunately, i don't remember you
i will be waiting for u emaill to remind me of your self.


Asunto: Hummm , i hope u accept this show as an apology.

Texto:
The Spanish Beauty
it's a mix of the Arabian beauty & the european grace !
satisfy your eyes with the beauty that u have never seen ;)


Asunto: I've Got it :)

Texto:
I've got it from KaZaA network ,
it seems not to be full but that's all i could find :(


Asunto: Helloooooooo

Texto:
I've got your email , but you forgot to upload the
attachments. Don't be selfish , i sent you all the files i
have, send me anything :(


Asunto: If u are booooored ...

Texto:
i found it in my Recycled , i know u love this kind of thing ;)
attachment :) bye

Asunto: Dispatch@McAfee.com

Texto:
Virus Alert !
Dear User,
McAfee.com Has recieved an infected message from you
.We believe that you are infected with Win32/HaWawi@MM
Virus.
Please download the attached tool (ToolAv01w32) which
will help you to clean your PC.
For more information :
*Create an email addressed to virus_research@nai.com.

 

Aint_it_Funny.pif

AniMaL_N_Burning_Ladies.pif

Beauty_VS_Your_FaCe.pif

Broke_ass.pif

Come_2_Cum.pif

Endless_life.pif

Famous_PpL_N_Bad_Setuations.pif

Gurls_Secrets.pif

HaWawi_N_Hawaii.pif

Hearts_translator.pif

Hot_Show.pif

How_to_improve_ur_love.pif

Leaders_Scandals.pif

Lo0o0o0o0oL.pif

Real_Magic.pif

Shakiraz_Big_ass.pif

Short_vClip.pif

Sweet_but_smilly.pif

Tears_of_Happiness.pif

Tedious_SeX.pif

Teenz_Raper.pif

The_Truth_of_Love.pif

ToolAv01w32.pif

unfaithful_Gurls.pif

White_AmeRica.pif

XxX_Mpegs_Downloader.pif

 

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Explore" = C:\WINDOWS\SYSTEM\EXPLORE.exe

Propagación a través de red

Activación

si el contador supera el valor de 30 ejecuciones, el gusano intentará borrar todos los ficheros de datos del sistema, presentando secuencialmente las siguientes cajas de mensaje:

Eliminación
El gusano se controla desde los DAT arriba indicados (mínimo 4267). Para detener el proceso en memoria del gusano, y eliminar ficheros y claves de registro creadas, pueden ejecutar nuestra utilidad EliHolaA

SATINFO, VIRUSCAN SPAIN SERVICE 29 de Mayo de 2003

Anterior