Davinia is an email worm that propagates through Microsoft Outlook utilising Microsoft Word 2000. The worm will send an infected email, with a seemingly empty body and subject line, with an embedded script in order to open another site, in order to download and open an infected Microsoft Word document.
This document uses the "Office 2000 UA Control" exploit, in order to disable macro warnings without user confirmation. This allows for the macros to run without raising suspicion. Once the macro is run, it will send itself to all contacts found within Microsoft Outlook's address book.
The macro will drop a VBS file, "littledavinia.vbs" in the Windows directory, adding it to the system registry such that it will run on startup. The script will replace all rewritable files with a HTML file. Upon restart, Windows will not be able to start.
The worm will show the following message upon execution: