Panda Software reports the appearance of Lirva, a new and potentially fast-spreading worm
Posted on 08.01.2003
Panda Software's Virus Laboratory has detected the appearance of a new worm Lirva (W32/Lirva). This new malicious code has the capacity to spread using various means of transmission, including e-mail, the file swapping tool KaZaA and the IRC and ICQ chat programs. When Lirva is sent via e-mail, it exploits a known vulnerability in Microsoft Internet Explorer to run automatically when the message carrying the malicious code is viewed in the Preview Pane.

The characteristics of the e-mail carrying Lirva are variable, as the subject, the message and the name of the attached file are selected from a list of possibilities.

If the user opens the file attached to the e-mail or if Lirva automatically runs itself by exploiting the Internet Explorer vulnerability, it will create several files in the affected computer including copies of the worm. Lirva also creates files and stores them under a random name in the shared files directory in KaZaA. If the IRC program is installed on the affected computer, Lirva modifies the 'script.ini' file.

This worm is also programmed to block antivirus programs and firewalls in order to render the victim's computer defenseless.

Finally, it ensures that it is run every time the computer starts up by modifying an entry in the Windows Registry.

Panda Software's Tech Support service has already registered several incidents caused by this worm and therefore clients are advised to treat e-mails and files received with caution and to update their antivirus solutions from to avoid possible incidents involving Lirva.

From this address, users can also access the company's free, online scanner Panda ActiveScan to disinfect computers that may have been hit by this malicious code.

More detailed information about Lirva is available in Panda Software's Virus Encyclopedia.


The evolution of backup and disaster recovery

Posted on 25 July 2014.  |  Amanda Strassle, IT Senior Director of Data Center Service Delivery at Seagate Technology, talks about enterprise backup issues, illustrates how the cloud shaping an IT department's approach to backup and disaster recovery, and more.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Mon, Jul 28th