1. /
  2. Security Response/
  3. VBS.Valentin@mm

VBS.Valentin@mm

Risk Level 2: Low

Discovered:
February 13, 2001
Updated:
February 13, 2007 11:49:37 AM
Also Known As:
VBS.San [Computer Associates], VBS/Valentin@MM [McAfee], VBS/San-A [Sophos], VBS_VALENTIN.A [Trend Micro]
Type:
Worm
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP

VBS.Valentin@mm uses the built-in Encoding function of Visual Basic files. When executed, this virus sends itself to all recipients in the Microsoft Outlook address book. It also spreads using mIRC and by copying itself to shared network drives. The payload overwrites files and adds the .txt extension to them. The payload is executed if the day of the month is the 8th, 14th, 23rd, or the 29th.

Currently Symantec has not received any submissions of this worm.

Antivirus Protection Dates

  • Initial Rapid Release version February 13, 2001
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version February 13, 2001
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date February 13, 2001
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Medium

Distribution

  • Distribution Level: High
Writeup By: Douglas Knowles

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report, Volume 17
Symantec DeepSight Screensaver